ava.lang.NullPointerException: Cannot invoke \"Object.getClass()\" because \"event\" is null

Hi,

i am using Opensearch 2.16 (lastet).

On all my clusters and all nodes, i get the following message every few seconds:

{"type": "server", "timestamp": "2024-08-14T10:10:53,763Z", "level": "ERROR", "component": "o.o.s.c.ConfigurationRepository", "cluster.name": "--clustername--", "node.name": "--nodename--", "message": "org.opensearch.security.securityconf.DynamicConfigFactory@57058a20 listener errored: java.lang.NullPointerException: Cannot invoke \"Object.getClass()\" because \"event\" is null", "cluster.uuid": "K4W6fQAdTC-Mtstu1VkECg", "node.id": "-38fMORoQhu7L0IUrIpP8Q" ,
"stacktrace": ["java.lang.NullPointerException: Cannot invoke \"Object.getClass()\" because \"event\" is null",
"at org.greenrobot.eventbus.EventBus.postSingleEvent(EventBus.java:387) ~[eventbus-java-3.3.1.jar:?]",
"at org.greenrobot.eventbus.EventBus.post(EventBus.java:275) ~[eventbus-java-3.3.1.jar:?]",
"at org.opensearch.security.securityconf.DynamicConfigFactory.onChange(DynamicConfigFactory.java:326) ~[opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at org.opensearch.security.configuration.ConfigurationRepository.notifyAboutChanges(ConfigurationRepository.java:570) [opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at org.opensearch.security.configuration.ConfigurationRepository.notifyConfigurationListeners(ConfigurationRepository.java:559) [opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at org.opensearch.security.configuration.ConfigurationRepository.reloadConfiguration0(ConfigurationRepository.java:554) [opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at org.opensearch.security.configuration.ConfigurationRepository.loadConfigurationWithLock(ConfigurationRepository.java:538) [opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at org.opensearch.security.configuration.ConfigurationRepository.reloadConfiguration(ConfigurationRepository.java:531) [opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at org.opensearch.security.configuration.ConfigurationRepository.initalizeClusterConfiguration(ConfigurationRepository.java:284) [opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at org.opensearch.security.configuration.ConfigurationRepository.lambda$initOnNodeStart$10(ConfigurationRepository.java:439) [opensearch-security-2.16.0.0.jar:2.16.0.0]",
"at java.base/java.lang.Thread.run(Thread.java:1583) [?:?]"] }

What does the error mean? How can i fix it?

Hi @dbgtmaster,

Do you mind sharing your opensearch.yml content??

Thanks,
mj

Output of securityadmin.sh (looks fine):

$ sudo /usr/share/opensearch/plugins/opensearch-security/tools/securityadmin.sh -cd /etc/opensearch/opensearch-security -cert $ROOT_CERT -key $ROOT_KEY -cacert $CACERT -cn --clustername--
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=securityadmin"
OpenSearch Version: 2.16.0
Contacting opensearch cluster '--clustername--' and wait for YELLOW clusterstate ...
Clustername: --clustername--
Clusterstate: GREEN
Number of nodes: 3
Number of data nodes: 3
.opendistro_security index already exists, so we do not need to create one.
Populate config from /etc/opensearch/opensearch-security/
Will update '/config' with /etc/opensearch/opensearch-security/config.yml
   SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/opensearch/opensearch-security/roles.yml
   SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/opensearch/opensearch-security/roles_mapping.yml
   SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/opensearch/opensearch-security/internal_users.yml
   SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/opensearch/opensearch-security/action_groups.yml
   SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/opensearch/opensearch-security/tenants.yml
   SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/opensearch/opensearch-security/nodes_dn.yml
   SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/opensearch/opensearch-security/whitelist.yml
   SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/opensearch/opensearch-security/audit.yml
   SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/opensearch/opensearch-security/allowlist.yml
   SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","actiongroups","config","internalusers"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","actiongroups","config","internalusers"]) due to: null
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","actiongroups","config","internalusers"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","actiongroups","config","internalusers"]) due to: null
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","actiongroups","config","internalusers"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","actiongroups","config","internalusers"]) due to: null
Done with success

my opensearch config:

---
action.destructive_requires_name: true
bootstrap.memory_lock: true
cluster.indices.replication.strategy: SEGMENT
cluster.max_shards_per_node: 50000
cluster.name: --clustername--
cluster.routing.allocation.awareness.attributes: location
cluster.routing.allocation.cluster_concurrent_rebalance: 4
cluster.routing.allocation.disk.watermark.flood_stage: 99%
cluster.routing.allocation.disk.watermark.high: 97%
cluster.routing.allocation.disk.watermark.low: 93%
cluster.routing.allocation.node_concurrent_incoming_recoveries: 20
cluster.routing.allocation.node_concurrent_outgoing_recoveries: 20
cluster.routing.allocation.node_initial_primaries_recoveries: 40
cluster.routing.rebalance.enable: all
discovery.seed_hosts:
- host1
- host2
- host3
network.host: 0.0.0.0
node.attr.location: xyz
node.name: nodename
path.data: "/var/lib/opensearch"
path.logs: "/var/log/opensearch"
plugins.replication.autofollow.fetch_poll_interval: 30s
plugins.replication.autofollow.retry_poll_interval: 60s
plugins.security.audit.type: internal_opensearch
plugins.security.authcz.admin_dn:
- CN=securityadmin
plugins.security.nodes_dn:
- CN=opensearch
- CN=opensearch-xxxxx
- CN=opensearch-yyyyy
plugins.security.restapi.endpoints_disabled.security_rest_api_access.ACTIONGROUPS:
- PUT
- POST
- DELETE
- PATCH
plugins.security.restapi.endpoints_disabled.security_rest_api_access.CACHE:
- PUT
- POST
- DELETE
- PATCH
plugins.security.restapi.endpoints_disabled.security_rest_api_access.CONFIG:
- PUT
- POST
- DELETE
- PATCH
plugins.security.restapi.endpoints_disabled.security_rest_api_access.INTERNALUSERS:
- PUT
- POST
- DELETE
- PATCH
plugins.security.restapi.endpoints_disabled.security_rest_api_access.ROLES:
- PUT
- POST
- DELETE
- PATCH
plugins.security.restapi.endpoints_disabled.security_rest_api_access.ROLESMAPPING:
- PUT
- POST
- DELETE
- PATCH
plugins.security.restapi.endpoints_disabled.security_rest_api_access.SYSTEMINFO:
- PUT
- POST
- DELETE
- PATCH
plugins.security.restapi.roles_enabled:
- security_rest_api_access
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: "/secrets/opensearch.pem"
plugins.security.ssl.http.pemkey_filepath: "/secrets/opensearch.pkcs8"
plugins.security.ssl.http.pemtrustedcas_filepath: "/secrets/opensearch-ca_full.crt"
plugins.security.ssl.transport.pemcert_filepath: "/secrets/opensearch.pem"
plugins.security.ssl.transport.pemkey_filepath: "/secrets/opensearch.pkcs8"
plugins.security.ssl.transport.pemtrustedcas_filepath: "/secrets/opensearch-ca_full.crt"
plugins.security.ssl_cert_reload_enabled: true
plugins.security.system_indices.enabled: true
s3.client.default.endpoint: minio-xyz:9000
s3.client.default.path_style_access: 'true'
transport.bind_host: 0.0.0.0
transport.publish_host: transportname-xyz

@dbgtmaster, Is this a fresh OS 2.16 install or have you upgraded your cluster from previous versions? If upgraded what was the original version?

Thanks,
mj

The original version was 2.12 or 2.13.
I have about 15 clusters with different installed versions, and all clusters have this error.

@dbgtmaster, How do you deploy your Clusters?

Best,
mj

@Mantas i am using debian 11.10, deployed with the opensearch debian packages. (*.deb).

I’m getting exactly the same error, fresh install of OpenSearch 2.16 using debian packages on a three-node cluster with Debian 12.

I ran into this exact error for 2.13. See below for a temporary solution.

@merlinz01, @dbgtmaster

Did adding the below to audit.yml stop the errors from appearing for you?

config:
  enabled: false

thanks,
mj

Yes. The error is caused when that entry is missing; you can also set it to true.
I’m currently in the process of opening a PR to handle the error.

Today, i only tested with “enabled: false”, which stop the errors.
On monday, i will try it with “enabled: true”.

Regards,
Thomas