Master node unable to connect to worker node

---------------------------------- Cluster -----------------------------------

Use a descriptive name for your cluster: esdl-cluster

------------------------------------ Node ------------------------------------

Use a descriptive name for the node: esdl-cluster_manager
node.roles: [ cluster_manager ]
#node.master: true false
#node.ingest: false

Add custom attributes to the node:

#node.attr.rack: r1

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma): /var/lib/opensearch

Path to log files:

path.logs: /var/log/opensearch

----------------------------------- Memory -----------------------------------

Lock the memory on startup:

#bootstrap.memory_lock: true

Make sure that the heap size is set to about half the memory available

on the system and that the owner of the process is allowed to use this


OpenSearch performs poorly when the system is swapping the memory.

---------------------------------- Network -----------------------------------

Set the bind address to a specific IP (IPv4 or IPv6):

Set a custom port for HTTP:

http.port: 9200

For more information, consult the network module documentation.

--------------------------------- Discovery ----------------------------------

Pass an initial list of hosts to perform discovery when this node is started:

The default list of hosts is [“”, “[::1]”]

discovery.seed_hosts: [“”, “”, “”]

Bootstrap the cluster using an initial set of cluster-manager-eligible nodes:

cluster.initial_cluster_manager_nodes: [“esdl-cluster_manager”, “esdl-worker1”, “esdl-worker2”]

For more information, consult the discovery and cluster formation module documentation.

---------------------------------- Gateway -----------------------------------

Block initial recovery after a full cluster restart until N nodes are started:

#gateway.recover_after_nodes: 3

For more information, consult the gateway module documentation.

---------------------------------- Various -----------------------------------

Require explicit names when deleting indices:

#action.destructive_requires_name: true

---------------------------------- Remote Store -----------------------------------

Controls whether cluster imposes index creation only with remote store enabled

cluster.remote_store.enabled: true

Repository to use for segment upload while enforcing remote store for an index

node.attr.remote_store.segment.repository: my-repo-1

Repository to use for translog upload while enforcing remote store for an index

node.attr.remote_store.translog.repository: my-repo-1

---------------------------------- Experimental Features -----------------------------------

Gates the visibility of the experimental segment replication features until they are production ready.

OpenSearch.experimental.feature.segment_replication_experimental.enabled: false

Gates the functionality of a new parameter to the snapshot restore API

that allows for creation of a new index type that searches a snapshot

directly in a remote repository without restoring all index data to disk

ahead of time.

OpenSearch.experimental.feature.searchable_snapshot.enabled: false

Gates the functionality of enabling extensions to work with OpenSearch.

This feature enables applications to extend features of OpenSearch outside of

the core.

OpenSearch.experimental.feature.extensions.enabled: false

Gates the concurrent segment search feature. This feature enables concurrent segment search in a separate

index searcher threadpool.

OpenSearch.experimental.feature.concurrent_segment_search.enabled: false

######## Start OpenSearch Security Demo Configuration ########

WARNING: revise all the lines below before you go into production node1.pem node1-key.pem root-ca.pem false true node1.pem node1-key.pem root-ca.pem true true
# - CN=esdl-cluster,OU=IT,O=ORG,L=SINGAPORE, C=SG

  • CN=sin-os-3,OU=IT,O=ORG,L=SINGAPORE, C=SG false internal_opensearch true true [“all_access”, “security_rest_api_access”] true [“.plugins-ml-config”, “.plugins-ml-connector”, “.plugins-ml-model-group”, “.plugins-ml-model”, “.plugins-ml-task”, “.plugins-ml-conversation-meta”, “.plugins-ml-conversation-interactions”, “.opendistro-alerting-config”, “.opendistro-alerting-alert*”, “.opendistro-anomaly-results*”, “.opendistro-anomaly-detector*”, “.opendistro-anomaly-checkpoints”, “.opendistro-anomaly-detection-state”, “.opendistro-reports-", ".opensearch-notifications-”, “.opensearch-notebooks”, “.opensearch-observability”, “.ql-datasources”, “.opendistro-asynchronous-search-response*”, “.replication-metadata-store”, “.opensearch-knn-models”, “.geospatial-ip2geo-data*”]

#node.max_local_storage_nodes: 3

Welcome, @yashkumar!

Next time you post a code snippet, use triple backticks (```) to surround them, they’ll look much nicer.

Does this answer help you? "Transport Client Authentication no longer supported" error when deploying cluster with security plugin enabled - #9 by pablo

According to your config, you’re using demo certificates. Did you enable it in all nodes?