I have been tinkering with OpenSearch and OpenSearch Dashboards for a proof of concept solution at work.
All of a sudden my OpenSearch container will not start, and there are lots of errors regarding missing certificates in the logs. Cert files that I am sure used to be there, no longer are. Maybe I have accidently kicked it out of demo mode somehow.
Documentation states:
The demo configuration is automatically called as part of the setup for each supported distribution of OpenSearch.
What triggers the demo configuration tool?
Is it the fact that OPENSEARCH_INITIAL_ADMIN_PASSWORD is set?
Is it the fact that a custom opensearch.yml file is not been provided?
@big-edd If you deployed your OpeneSearch node as a service or binary tar file then you need to initiate the security plugin.
The easiest way is to execute install_demo_configuration.sh. It will configure basic security and add default configuration to the opensearch.yml file.
This is not required if you would use docker or Kubernetes deployment.
I am building our container “FROM opensearchproject/opensearch:latest”, so I will look at running it during the build process.
Since we have not needed this before with this container build, I am still curious about how install_demo_configuration.sh is normally executed in the OpenSearch container?
As you’ll notice the installation of the demo configuration is set to false.
The security plugin configuration is already configured in the opensearch.yml file and demo configuration files are present in the /usr/share/opensearch/config/opensearch-security folder.
When OpenSearch starts, the security plugin checks if the .opendistro_security. If it doesn’t exist it will initiate with the demo configuration. Otherwise, it will use the existing index.