Xpack issues

noelgeorgi · February 1, 2018, 8:40pm

Well I have created a 2 node master and a single data node cluster:

master:-config

cluster.name: elasticsearch
bootstrap.memory_lock: false
network.host: 0.0.0.0
xpack.security.authc.anonymous.username: anonymous_user
xpack.security.authc.anonymous.roles: anonymous_user
xpack.security.authc.anonymous.authz_exception: true
discovery.zen.ping.unicast.hosts: tasks.es-master
discovery.zen.minimum_master_nodes: 2
node.master: true
node.data: false
node.ingest: false
search.remote.connect: false
xpack.monitoring.enabled: false

data node config:

cluster.name: elasticsearch
bootstrap.memory_lock: false
network.host: 0.0.0.0
xpack.security.authc.anonymous.username: anonymous_user
xpack.security.authc.anonymous.roles: anonymous_user
xpack.security.authc.anonymous.authz_exception: true
discovery.zen.ping.unicast.hosts: tasks.es-master
discovery.zen.minimum_master_nodes: 2
node.data: true
node.master: false
node.ingest: false
search.remote.connect: false
xpack.monitoring.enabled: false

This is the user json data:

{
    "elastic": {
        "username": "elastic",
        "roles": [
            "superuser"
        ],
        "full_name": null,
        "email": null,
        "metadata": {
            "_reserved": true
        },
        "enabled": true
    },
    "kibana": {
        "username": "kibana",
        "roles": [
            "kibana_system"
        ],
        "full_name": null,
        "email": null,
        "metadata": {
            "_reserved": true
        },
        "enabled": true
    },
    "logstash_system": {
        "username": "logstash_system",
        "roles": [
            "logstash_system"
        ],
        "full_name": null,
        "email": null,
        "metadata": {
            "_reserved": true
        },
        "enabled": true
    },
    "anonymous_user": {
        "username": "anonymous_user",
        "roles": [
            "anonymous_user"
        ],
        "full_name": null,
        "email": null,
        "metadata": {
            "_reserved": true
        },
        "enabled": true
    }
}

noelgeorgi · February 1, 2018, 8:45pm

contd:
This is the role data:

{
    "watcher_admin": {
        "cluster": [
            "manage_watcher"
        ],
        "indices": [
            {
                "names": [
                    ".watches",
                    ".triggered_watches",
                    ".watcher-history-*"
                ],
                "privileges": [
                    "read"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "logstash_system": {
        "cluster": [
            "monitor",
            "cluster:admin/xpack/monitoring/bulk"
        ],
        "indices": [],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "kibana_user": {
        "cluster": [],
        "indices": [
            {
                "names": [
                    ".kibana*"
                ],
                "privileges": [
                    "manage",
                    "read",
                    "index",
                    "delete"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "machine_learning_user": {
        "cluster": [
            "monitor_ml"
        ],
        "indices": [
            {
                "names": [
                    ".ml-anomalies*",
                    ".ml-notifications"
                ],
                "privileges": [
                    "view_index_metadata",
                    "read"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "remote_monitoring_agent": {
        "cluster": [
            "manage_index_templates",
            "manage_ingest_pipelines",
            "monitor",
            "cluster:monitor/xpack/watcher/watch/get",
            "cluster:admin/xpack/watcher/watch/put",
            "cluster:admin/xpack/watcher/watch/delete"
        ],
        "indices": [
            {
                "names": [
                    ".marvel-es-*",
                    ".monitoring-*"
                ],
                "privileges": [
                    "all"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "machine_learning_admin": {
        "cluster": [
            "manage_ml"
        ],
        "indices": [
            {
                "names": [
                    ".ml-*"
                ],
                "privileges": [
                    "view_index_metadata",
                    "read"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "watcher_user": {
        "cluster": [
            "monitor_watcher"
        ],
        "indices": [
            {
                "names": [
                    ".watches",
                    ".watcher-history-*"
                ],
                "privileges": [
                    "read"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "monitoring_user": {
        "cluster": [],
        "indices": [
            {
                "names": [
                    ".marvel-es-*",
                    ".monitoring-*"
                ],
                "privileges": [
                    "read"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "reporting_user": {
        "cluster": [],
        "indices": [
            {
                "names": [
                    ".reporting-*"
                ],
                "privileges": [
                    "read",
                    "write"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "kibana_system": {
        "cluster": [
            "monitor",
            "cluster:admin/xpack/monitoring/bulk"
        ],
        "indices": [
            {
                "names": [
                    ".kibana*",
                    ".reporting-*"
                ],
                "privileges": [
                    "all"
                ]
            }
        ],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "transport_client": {
        "cluster": [
            "transport_client"
        ],
        "indices": [],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "superuser": {
        "cluster": [
            "all"
        ],
        "indices": [
            {
                "names": [
                    "*"
                ],
                "privileges": [
                    "all"
                ]
            }
        ],
        "run_as": [
            "*"
        ],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "ingest_admin": {
        "cluster": [
            "manage_index_templates",
            "manage_pipeline"
        ],
        "indices": [],
        "run_as": [],
        "metadata": {
            "_reserved": true
        },
        "transient_metadata": {
            "enabled": true
        }
    },
    "anonymous_user": {
        "cluster": [
            "cluster:monitor/health"
        ],
        "indices": [],
        "run_as": [],
        "metadata": {},
        "transient_metadata": {
            "enabled": true
        }
    }
}

getting exception when doing curl like this:
curl localhost:9200/_cluster/health

{
    "error": {
        "root_cause": [
            {
                "type": "security_exception",
                "reason": "action [cluster:monitor/health] is unauthorized for user [anonymous_user]"
            }
        ],
        "type": "security_exception",
        "reason": "action [cluster:monitor/health] is unauthorized for user [anonymous_user]"
    },
    "status": 403
}

used to work when master and data node were the same, any help?

TimV · February 6, 2018, 4:49am

I don't really understand your cluster setup - do you have 1 master node or 2?
Either way there's not a lot of sense in running a cluster with a dedicate master and a single dedicated data node.

My guess if that you had a caching issue. Did the problem go away eventually?

noelgeorgi · February 6, 2018, 5:01am

Yep I have 3 explicit masters and 2 data nodes, yup I forgot about this. The issue got resolved eventually. Most probably it might have been corrupt data. I am closing this.

noelgeorgi · February 6, 2018, 5:03am

@TimV well I had to explicitly disable monitoring on the master nodes to start up and form the cluster, is there any solution to this?

system · March 6, 2018, 5:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Node Master not discovered if I active XPACK Elasticsearch	1	383	July 25, 2019
ElasticsearchSecurityException when security is enabled on master node but not the data nodes Elasticsearch elastic-stack-security	7	349	October 20, 2023
Xpack enabled elastic stack Cluster Elasticsearch elastic-stack-security	8	406	March 3, 2021
Is Xpack related to "master_not_discovered_exception"? 503 Elasticsearch	5	620	March 22, 2021
Errors on fresh install Elasticsearch	1	405	December 5, 2019

Xpack issues

Related topics