X-pack security enabled fails to start elastic search

Enabling x-pack.security fails to connect to elastic search and closes the elastic search connection by throwing the following error

[2018-10-30T12:54:36,196][INFO ][o.e.n.Node ] [elk] initialized
[2018-10-30T12:54:36,196][INFO ][o.e.n.Node ] [elk] starting ...
[2018-10-30T12:54:36,777][INFO ][o.e.t.TransportService ] [elk] publish_address {x.x.x.x:9300}, bound_addresses {x.x.x.x:9300}
[2018-10-30T12:54:37,250][INFO ][o.e.m.j.JvmGcMonitorService] [elk] [gc][1] overhead, spent [288ms] collecting in the last [1s]
[2018-10-30T12:54:37,789][INFO ][o.e.b.BootstrapChecks ] [elk] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2018-10-30T12:54:37,806][ERROR][o.e.b.Bootstrap ] [elk] node validation exception
[1] bootstrap checks failed
[1]: Transport SSL must be enabled for setups with production licenses. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]
[2018-10-30T12:54:37,814][INFO ][o.e.n.Node ] [elk] stopping ...
[2018-10-30T12:54:37,840][INFO ][o.e.n.Node ] [elk] stopped
[2018-10-30T12:54:37,840][INFO ][o.e.n.Node ] [elk] closing ...
[2018-10-30T12:54:37,858][INFO ][o.e.n.Node ] [elk] closed
[2018-10-30T12:54:37,860][INFO ][o.e.x.m.j.p.NativeController] Native controller process has stopped - no new native processes can be started

syslog

kibana[30887]: {"type":"log","@timestamp":"2018-10-30T19:16:56Z","tags":["warning","elasticsearch","monitoring-ui"],"pid":30887,"message":"Unable to revive connection: http://localhost:9200/"}
kibana[30887]: {"type":"log","@timestamp":"2018-10-30T19:16:56Z","tags":["warning","elasticsearch","monitoring-ui"],"pid":30887,"message":"No living connections"}
kibana[30887]: {"type":"log","@timestamp":"2018-10-30T19:16:56Z","tags":["license","warning","xpack"],"pid":30887,"message":"License information from the X-Pack plugin could not be obtained from Elasticsearch for the [monitoring] cluster. Error: No Living connections"}
kibana[30887]: {"type":"log","@timestamp":"2018-10-30T19:16:58Z","tags":["warning","elasticsearch","admin"],"pid":30887,"message":"Unable to revive connection: http://localhost:9200/"}
kibana[30887]: {"type":"log","@timestamp":"2018-10-30T19:16:58Z","tags":["warning","elasticsearch","admin"],"pid":30887,"message":"No living connections"}
kibana[30887]: {"type":"log","@timestamp":"2018-10-30T19:17:01Z","tags":["warning","elasticsearch","admin"],"pid":30887,"message":"Unable to revive connection: http://localhost:9200/"}
kibana[30887]: {"type":"log","@timestamp":"2018-10-30T19:17:01Z","tags":["warning","elasticsearch","admin"],"pid":30887,"message":"No living connections"}

have platinum licence

elasticsearch.yml file

cluster.name: xxxx
discovery.zen.minimum_master_nodes: 2
discovery.zen.ping.unicast.hosts: ["server-1","server-2","server-3"]
network.host: 0.0.0.0
node.data: false
node.ingest: false
node.name: xxx
path.data: "/x/x/x"
path.logs: "/x/x/x"
path.repo: "/x/x/x"
transport.host: site
xpack.security.enabled: true

for now, there is no ssl set up. can't use x-pack security without using transport ssl in production mode?

Hi,

No. As clearly mentioned in the bootstrap check that failed

and in our documentation, TLS on the transport layer is required (unless using a single node listening on loopback )

Thanks for sharing :slight_smile:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.