Trouble creating my first cluster with X-pack

Hello All!

I am very new to elastic and have been given the job of upgrading our 3 sites from 6.6.1 to 7.4
To start I tried to create a cluster that mimics our sites. Just 3 master/data nodes with Kibana and Logstash.

My troubles have started with creating the test cluster, I deployed 3 vms that are identical (chef provisioning). With the process of installing elasticsearch being a manual step. I typed identical commands in to each and I have a cluster with 2 nodes the third node asks for a username and password when I try to check cluster health. I am using X-pack but the other two nodes did not do this.

I would like to figure out how I can re-initialize the node that is giving me the problem. I don't care about data loss as there is no data. I have gone in and deleted the /var/lib/elasticsearch folder to try re-initializing with no success, I am still asked for a password and the node won't join the cluster. The default username of elastic and password of changeme also did not work to login.

Please let me know what additional information is needed.

My elasticsearch.yml file was created on one node, and copied to the other two nodes with just the binding network address modified. The p12 certificate was also created on one of the nodes and copied to the other two as-is.

Thank you for taking the time to read through my post.

Below is the elasticsearch.yml file from the node with the issue.

cluster.name: FACTORY-CLUSTER
node.name: elk-dev32
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
bootstrap.memory_lock: true
network.host: 172.18.25.123
http.port: 9200
discovery.zen.ping.unicast.hosts: ["172.18.25.35", "172.18.25.123", "172.18.25.149"]
discovery.zen.minimum_master_nodes: 2

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-stack-ca.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/elastic-stack-ca.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/elastic-stack-ca.p12

So found out I need to do three things,

  1. Install our non prod license so I could get the three nodes to work

But then all 3 nodes were asking for a password so step two was to run

  1. /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive

This failed the first time because we are using self-signed certs so I had to add the following line to my elasticsearch.yml

  1. xpack.security.http.ssl.verification_mode: certificate

I now have a my first 3 node cluster up and running. I really wish the documentation was clearer on the extra step to setup the passwords before the cluster is usable. This cause a hours of headache for me.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.