Disclaimer: I have only done one or two “regular” ELK stack installations, so I am not really an “experienced” guy.
One thing that bothered / confused me during installation of ODfE is the security plugin.
Because you sometimes don’t see these things anymore when you are used to them, I am trying to describe my thought process during installation:
OpenDistro for Elasticsearch Security Demo Installer
** Warning: Do not use on production or public reachable systems **
Uhm? What is going on? I am trying to install this for a production system? How do I do that and why does it do this automatically?
### Success
Ah nice, that was easy.
### Execute this script now on all your nodes and then start all nodes
### Open Distro Security will be automatically initialized.
Wait? I thought this has just been done automatically when the package got installed? Why do I have to run it on all nodes again now? Also what is this script?
### If you like to change the runtime configuration
### change the files in ../securityconfig and execute:
“../securityconfig”? That does not exist below my current folder.
sudo "/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh" -cd "/usr/share/elasticsearch/plugins/opendistro_security/securityconfig" -icl -key "/etc/elasticsearch/kirk-key.pem" -cert "/etc/elasticsearch/kirk.pem" -cacert "/etc/elasticsearch/root-ca.pem" -nhnv
Ah, that might explain the folder, but what does it do? Do I have to run it now?
### or run ./securityadmin_demo.sh
### To use the Security Plugin ConfigurationGUI
### To access your secured cluster open https://<hostname>:<HTTP port> and log in with admin/admin.
### (Ignore the SSL certificate warning because we installed self-signed demo certificates)
Hm? Do I run that script “To use the Security Plugin ConfigurationGUI” or “To access your secured cluster…” or both?
What does that script do anyway and wasn’t it just run already (see above mentioning of “Demo Installer”)?
“admin/admin”? Seriously? Experience with other software packages shows that people will have installations using this on publicly reachable production servers. No matter how often you tell them to not do that. Please don’t even give them a chance to do so.
Neither of these steps is documented for the installation.
After this I wasn’t sure where to go from here. How do I set up a multi node system with a script that automatically sets up non-production systems without asking me a thing?
I’ll probably figure these things out soon, but at first glance and for my first experience with ODfE it was really confusing…