CODEWITHSUNDEEP
elasticsearchkuberneteselasticsearch-opendistro
Kamol Hasan
Kamol Hasan

Reputation: 13466

Open Distro for Elasticsearch: reset default admin password

I'm new to open distro for elasticsearch and trying to run it on the Kubernetes cluster. After deploying the cluster, I need to change the password for admin user.

I went through this post - default-password-reset

I came to know that, to change the password I need to do the following steps:

Questions:

Upvotes: 0

Views: 6351

Answers (3)

vinnar
vinnar

Reputation: 15

You can also execute below commands to obtain value of username, password from you kubernetes cluster:

kubectl get secret -n wazuh elastic-cred -o go-template='{{.data.username | base64decode}}'
kubectl get secret -n wazuh elastic-cred -o go-template='{{.data.password | base64decode}}'

Note: '-n wazuh' indicates the namespace, use what applies to you

Ref: https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-deploy-elasticsearch.html

Upvotes: 0

Aref
Aref

Reputation: 133

docker exec -ti ELASTIC_MASTER bash

/usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh

##enter pass

yum install nano

#replace generated hash with new one nano /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml

#exec this command to take place sh /usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/ -icl -nhnv -cacert config/root-ca.pem -cert config/admin.pem -key config/admin-key.pem

Upvotes: 2

Kamol Hasan
Kamol Hasan

Reputation: 13466

I had to recreate internal_users.yml file with the updated password hashes and mounted the file in /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml directory for database pods.

So, when the Elasticsearch nodes bootstrapped, it bootstrapped with the updated password for default users ( i.e. admin ).

I used bcrypt go package to generate password hash.

Upvotes: 2

Related Questions