Reputation: 705
Apply security on ELK Cluster - authentication issue
I have a 7.6.2 cluster of three nodes and want to apply the x-pack security. So I've updated my elasticsearch.yml conf. I first want to set password
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto
Unexpected response code [405] from calling GET http://xxx:9200/_security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.
ERROR: X-Pack Security is disabled by configuration.
But it fails, so I restart one elasticsearch node, but then still impossible to set password
/etc/elasticsearch$ /usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto
Your cluster health is currently RED.
This means that some cluster data is unavailable and your cluster is not fully functional.
It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.
Do you want to continue with the password setup process [y/N]y
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y
Connection failure to: http://xxx:9200/_security/user/apm_system/_password?pretty failed: Read timed out
ERROR:Failed to set password for user [apm_system].
And I'm not able to access anything as I have authentication issue. I can't find how to apply security successfully on my cluster. Unable to set password or unable to authenticate ?
Upvotes: 1
Views: 3138
Answers (3)
Reputation: 11
Your cluster does not have a data node.
Just add to the /etc/elasticsearch/elasticsearch.yml
node.data: true
and it will work.
Upvotes: 0
Reputation: 1
i have the same issue. after upgrade .
- i set "xpack.security.enabled= true " and trying to start but could not and it throws transport ssl to be enabled.
- set both xpack.security.transport.ssl.enabled: true & xpack.security.enabled= true tried setup passwords as per basic security. a. but got " fail to setup password on [apm_system] b. while trying _cat/health , got "missing credentials"
Upvotes: 0
Reputation: 61
You need to set xpack.security.enabled: true for all nodes in the cluster and then do a full cluster restart (all nodes). After that you can generate passwords using
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto
Upvotes: 2
Related Questions
- Access Control in Elastic - missing authentication credentials for REST request
- ELK cluster user password
- failed to authenticate user [elastic]
- failed to authenticate user [elastic] after enabling xpack.security in elasticsearch
- Elasticsearch 5.6 authentication
- missing authentication for rest request elasticsearch
- Authentication in Elasticsearch
- how to password protect Elastic search
- elasticsearch default credentials
- ElasticSearch Node Prompting For Authentication