Hi,
What is the instruction for installing shields on multi-node cluster?
Long story short, I have a node 1 with shield with username/password, then I am trying to add another node. Shield configuration is exactly the same. Am I supposed to set up same username/password on node 2? I did, and not sure if it's caused by that but I am getting this exception in the log.
[2016-03-04 14:54:40,144][INFO ][rest.suppressed ] /_nodes Params: {}
ElasticsearchSecurityException[missing authentication token for REST request [/_nodes]]
at org.elasticsearch.shield.support.Exceptions.authenticationError(Exceptions.java:39)
It's the same for a one node cluster a multiple node cluster. Just make sure the plugin is installed before trying to join nodes, and roll the same config out to all nodes.
This means you need to have the same users, roles, and user role mapping files on all nodes in the cluster. This isn't optional - you're not secure unless these files are in sync.
We're adding API-based user configuration to a near-term version, so the user/role config piece will be getting a lot easier soon!
So once I installed Shield on new node, I would run "bin/shield/esusers useradd myUser..." and set up identical username and password, is that correct?
I am also getting this exception as well. Not sure, if it's anything to do with shield though..
[RemoteTransportException[[node-2][myIP:9300][indices:data/write/bulk[s][r]]]; nested: ElasticsearchSecurityException[action [indices:data/write/bulk[s][r]] is unauthorized for user [__marvel_user]]; ]
RemoteTransportException[[node-2][myIP:9300][indices:data/write/bulk[s][r]]]; nested: ElasticsearchSecurityException[action [indices:data/write/bulk[s][r]] is unauthorized for user [__marvel_user]];
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.