I just tried to rebuild some AMIs for our very outdated 1.7 cluster and discovered that our ansible scripts now fail with a signature error on the elastic repo which used to work as documented here:
The error I'm getting is:
==> null: W: GPG error: http://packages.elastic.co/elasticsearch/1.7/debian stable Release: The following signatures were invalid: 46095ACC8548582C1A2699A9D27D666CD88E42B4 ==> null: E: The repository 'http://packages.elastic.co/elasticsearch/1.7/debian stable Release' is not signed.
To work around this, I simply curled the package and used dpkg -i to install it.
curl -L -O https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.7.6.deb dpkg -i elasticsearch-1.7.6.deb
If anyone has a better solution for this, I'd be interested to know. Any Elastic people reading this, please update the documentation for this or fix the signature; probably there are some more people getting stuck on this. Also, I think this may affect other packages as well.
For reference, here's my ansible code with the old way of installing commented out.
# - name: Install es add-apt-repostory # become: yes # apt: name=software-properties-common state=latest # - name: Add es apt key # become: yes # apt_key: url=https://packages.elastic.co/GPG-KEY-elasticsearch state=present # - name: Add es Repository # become: yes # apt_repository: repo='deb http://packages.elastic.co/elasticsearch/1.7/debian stable main' state=present # - name: Install ES 1.7.x # become: yes # apt: name=elasticsearch state=present allow-unauthenticated=true # NOTE official repo signature no longer works so working around it by installing using dpkg; should be the same package as before - name: download es deb package get_url: url: https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.7.6.deb dest: /tmp/elasticsearch-1.7.6.deb - name: install the es deb shell: dpkg -i /tmp/elasticsearch-1.7.6.deb