How to tell if opendistro has been initialized

jondetert · June 1, 2020, 1:57pm

Hi, I’m trying to write ansible to install/configure the opendistro security plugin on top of elasticsearch. I’m using the opendistro_security/tools/securityadmin.sh to initialize the plugin, but I understand that the shell script is not idempotent: I can’t run it without clobbering any user-defined roles and role-mappings. So, I need a way to determine whether the opendistro security plugin has been initialized.

Should I just call the shell script with the --show-info argument? When opendistro_security hasn’t yet been initialized, it fails with a stack trace and return code 255. I assume it will do otherwise when it’s been initialized. Is there a better way to do this?

Thanks!

jondetert · June 1, 2020, 7:19pm

It looks like the following works, which i like better than using the securityadmin.sh script:

http GET https://eshost:esport/.opendestro_security

and if it does not return an HTTP response of 200, assume opendistro hasn’t been initialized

jondetert · June 1, 2020, 8:55pm

That didn’t work either, becuz sometimes the http GET would return a 503 with the message, ‘OpenDistro not initialized’, and sometimes it would return a 404. It seems dangerous to assume that any/all 503’s are due to O.D. not being initialized.

So, instead, I just create a marker file when OD is initialized, and check for the existence of the marker file before initializing.

Topic		Replies	Views
Security Not initialized error on Elasticsearch Restart Security	1	749	April 15, 2021
After securityadmin.sh opendistro_security index does not exist Security	1	1261	February 25, 2020
Troubleshooting Security Plugin Issues Security	22	11435	May 20, 2020
OpenDistro not initialized after recreating security indes. Nodes report initialized. Cluster still RED Security	1	1311	April 28, 2021
Opendistro Security not Initialized Security	3	1705	June 21, 2021

How to tell if opendistro has been initialized

Related Topics