TLS and cross cluster search

Elastic Stack Elasticsearch
,
1

Hello!!!

Please, i'm using the same certificate in 2 different clusters, which works just fine, but I'm only able to see my cluster 1 on kibana, the cluster 2 is not being available to be seing on kibana to generate dashboards about the logs it is managing.
I'm using basi license, and what i could notice is that kibana logs keep saying that elasticsearch license could not be found.
Is really possible to use 2 clusters with the tls enable?

What should I do to fix this issue?

 "type": "log",
  "@timestamp": "2021-06-23T11:05:17-03:00",
  "tags": [
    "warning",
    "plugins",
    "monitoring",
    "monitoring",
    "kibana-monitoring"
  ],
  "pid": 1020181,
  "message": "Error: Cluster client cannot be used after it has been closed.\n    at LegacyClusterClient.assertIsNotClosed (/usr/share/kibana/src/core/server/elasticsearch/legacy/cluster_client.js:196:13)\n    at LegacyClusterClient.callAsInternalUser (/usr/share/kibana/src/core/server/elasticsearch/legacy/cluster_client.js:116:12)\n    at sendBulkPayload (/usr/share/kibana/x-pack/plugins/monitoring/server/kibana_monitoring/lib/send_bulk_payload.js:22:18)\n    at BulkUploader._onPayload (/usr/share/kibana/x-pack/plugins/monitoring/server/kibana_monitoring/bulk_uploader.js:209:43)\n    at BulkUploader._fetchAndUpload (/usr/share/kibana/x-pack/plugins/monitoring/server/kibana_monitoring/bulk_uploader.js:195:20)\n    at runMicrotasks (<anonymous>)\n    at processTicksAndRejections (internal/process/task_queues.js:93:5)"
}

 "type": "log",
  "@timestamp": "2021-06-23T11:06:07-03:00",
  "tags": [
    "warning",
    "plugins",
    "monitoring",
    "monitoring",
    "kibana-monitoring"
  ],
  "pid": 1020181,
  "message": "Unable to bulk upload the stats payload to the local cluster"


[2021-06-22T14:20:00,904][WARN ][o.e.c.a.s.ShardStateAction] [ntw-node3] unexpected failure while sending request [internal:cluster/shard/failure] to [{ntw-node1}{J4iqvg0CT2aarDC4yEsWAA}$
org.elasticsearch.transport.RemoteTransportException: [ntw-node1][myipadd:9300][internal:cluster/shard/failure]
Caused by: org.elasticsearch.ElasticsearchSecurityException: action [internal:cluster/shard/failure] is unauthorized for user [elastic]
        at org.elasticsearch.xpack.core.security.support.Exceptions.authorizationError(Exceptions.java:35) ~[?:?]
        at org.elasticsearch.xpack.security.authz.AuthorizationService.denialException(AuthorizationService.java:656) ~[?:?]
        at org.elasticsearch.xpack.security.authz.AuthorizationService.denialException(AuthorizationService.java:611) ~[?:?]
        at org.elasticsearch.xpack.security.authz.AuthorizationService.authorizeAction(AuthorizationService.java:308) ~[?:?]
        at org.elasticsearch.xpack.security.authz.AuthorizationService.maybeAuthorizeRunAs(AuthorizationService.java:265) ~[?:?]
        at org.elasticsearch.xpack.security.authz.AuthorizationService.lambda$authorize$1(AuthorizationService.java:229) ~[?:?]
        at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:117) ~[elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.action.support.ContextPreservingActionListener.onResponse(ContextPreservingActionListener.java:32) ~[elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.xpack.security.authz.RBACEngine.lambda$resolveAuthorizationInfo$1(RBACEngine.java:127) ~[?:?]
        at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:117) ~[elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.xpack.security.authz.store.CompositeRolesStore.getRoles(CompositeRolesStore.java:276) ~[?:?]
        at org.elasticsearch.xpack.security.authz.RBACEngine.getRoles(RBACEngine.java:133) ~[?:?]
        at org.elasticsearch.xpack.security.authz.RBACEngine.resolveAuthorizationInfo(RBACEngine.java:121) ~[?:?]
        at org.elasticsearch.xpack.security.authz.AuthorizationService.authorize(AuthorizationService.java:231) ~[?:?]
        at org.elasticsearch.xpack.security.transport.ServerTransportFilter$NodeProfile.lambda$inbound$1(ServerTransportFilter.java:130) ~[?:?]
        at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:117) ~[elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$authenticateAsync$2(AuthenticationService.java:330) ~[?:?]
        at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$lookForExistingAuthentication$6(AuthenticationService.java:391) ~[?:?]
        at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lookForExistingAuthentication(AuthenticationService.java:402) ~[?:?]
        at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.authenticateAsync(AuthenticationService.java:327) ~[?:?]
        at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.access$000(AuthenticationService.java:268) ~[?:?]
        at org.elasticsearch.xpack.security.authc.AuthenticationService.authenticate(AuthenticationService.java:178) ~[?:?]
        at org.elasticsearch.xpack.security.transport.ServerTransportFilter$NodeProfile.inbound(ServerTransportFilter.java:121) ~[?:?]
        at org.elasticsearch.xpack.security.transport.SecurityServerTransportInterceptor$ProfileSecuredRequestHandler.messageReceived(SecurityServerTransportInterceptor.java:322) ~[?:?]
        at org.elasticsearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:61) ~[elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.InboundHandler.handleRequest(InboundHandler.java:203) [elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.InboundHandler.messageReceived(InboundHandler.java:102) [elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.InboundHandler.inboundMessage(InboundHandler.java:84) [elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.TcpTransport.inboundMessage(TcpTransport.java:690) [elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.InboundPipeline.forwardFragments(InboundPipeline.java:131) [elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.InboundPipeline.doHandleBytes(InboundPipeline.java:106) [elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.InboundPipeline.handleBytes(InboundPipeline.java:71) [elasticsearch-7.12.0.jar:7.12.0]
        at org.elasticsearch.transport.netty4.Netty4MessageChannelHandler.channelRead(Netty4MessageChannelHandler.java:63) [transport-netty4-client-7.12.0.jar:7.12.0]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) [netty-transport-4.1.49.Final.jar:4.1.49.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) [netty-transport-4.1.49.Final.jar:4.1.49.Final]
        at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) [netty-transport-4.1.49.Final.jar:4.1.49.Final]
        at io.netty.handler.logging.LoggingHandler.channelRead(LoggingHandler.java:271) [netty-handler-4.1.49.Final.jar:4.1.49.Final]
2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.