Reputation: 183
Why Elasticsearch cluster does not recognizes a superuser on cluster restart?
I created a superuser on my 3 node elastic cluster. As seen below the user very well exists, I am pretty sure I am using the correct password. Also it allows me to change the password but at the same time it says user does not exists.
After shutting down all three nodes and restarting again, it started giving security exception.
{ "error": { "root_cause": [ { "type": "security_exception", "reason": "unable to authenticate user [prashant] for REST request [/_cluster/health]", "header": { "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\"" } } ], "type": "security_exception", "reason": "unable to authenticate user [prashant] for REST request [/_cluster/health]", "header": { "WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\"" } }, "status": 401 }
Upvotes: 0
Views: 910
Answers (1)
Reputation: 2908
So all users and their passwords as well as their roles are stored in a system-index in elasticsearch. It seems like you've lost your data (= indices) and elasticsearch doesn't recognize the user because there is no entry for that user in the system index.
You should verify that the user really exists by executing a curl/http request against the GET users API using the built-in elastic user, which has superuser privileges.
Upvotes: 0
Related Questions
- Running ElasticSearch as the root user
- Elasticsearch cluster 'master_not_discovered_exception'
- Elasticsearch count of searches against an index resets to zero after cluster restart
- Kibana on AWS user management: Created new user but can't see my index patterns
- Elasticsearch does not start automatically when I restart the server
- Elasticseach cluster won't elect new master after losing the previous ones on ECK
- ElasticSearch 6.4: no master re-election until node restart
- Setting [cluster] must not be empty
- elasticsearch can't start with an non-root user
- elasticsearch Cluster not rebalancing after adding nodes