So I’m a bit confused by this one. Due to some certificate renewal, I had to reset some security settings and subsequently rebuild the security index.
That’s done, all successful using the security admin.
All nodes report “initialized”, but the cluster state is still red and curling the API still shows the following:
[2019-07-30T03:24:47,561][INFO ][c.a.o.s.c.IndexBaseConfigurationRepository] [elasticsearch-opendistro-es-master-5ccdf48f59-fsm6s] Node 'elasticsearch-opendistro-es-master-5ccdf48f59-fsm6s' initialized
[2019-07-30T03:24:51,016][ERROR][c.a.o.s.a.BackendRegistry] [elasticsearch-opendistro-es-master-5ccdf48f59-fsm6s] Not yet initialized (you may need to run securityadmin)
[2019-07-30T03:24:52,583][ERROR][c.a.o.s.a.BackendRegistry] [elasticsearch-opendistro-es-master-5ccdf48f59-fsm6s] Not yet initialized (you may need to run securityadmin)
The index exists and is in a green state (I disabled security temporarily to check). I ran security admin manually and it was successful. I then reloaded it.
[root@elasticsearch-opendistro-es-master-5ccdf48f59-4kdkk tools]# sh securityadmin.sh -cd ../securityconfig/ -cert /usr/share/elasticsearch/config/admin-certs/elk-admin-crt.pem -cacert /usr/share/elasticsearch/config/admin-certs/elk-admin-root-ca.pem -key /usr/share/elasticsearch/config/admin-certs/elk-admin-key.pem -icl -arc
Open Distro Security Admin v6
Will connect to localhost:9300 ... done
Elasticsearch Version: 6.7.1
Open Distro Security Version: 0.9.0.0
Connected as <blah>
Contacting elasticsearch cluster 'elasticsearch' ...
Clustername: elasticsearch
Clusterstate: RED
Number of nodes: 19
Number of data nodes: 6
.opendistro_security index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/opendistro_security/securityconfig
Will update 'security/config' with ../securityconfig/config.yml
SUCC: Configuration for 'config' created or updated
Will update 'security/roles' with ../securityconfig/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update 'security/rolesmapping' with ../securityconfig/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update 'security/internalusers' with ../securityconfig/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update 'security/actiongroups' with ../securityconfig/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Done with success
Any ways I can bypass this? It’s a super weird scenario and I’d rather not lose our data.