The cluster is deployed as it is said in the OpenSearch documentation. There are three machines. One of them is master:
---------------- Master OpenSearch ------------------------
cluster.name: Graylog
node.name: OpenSearch1
path.data: /var/lib/opensearch
path.logs: /var/log/opensearch
network.host: 0.0.0.0
discovery.seed_hosts: ["192.168.x.x", "192.168.x.x", "192.168.x.x"]
node.roles: [master]
plugins.security.ssl.transport.pemcert_filepath: esnode.pem
plugins.security.ssl.transport.pemkey_filepath: esnode-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: esnode.pem
plugins.security.ssl.http.pemkey_filepath: esnode-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: root-ca.pem
plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn:
- CN=kirk,OU=client,O=client,L=test, C=de
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: ["all_access", "security_rest_api_access "]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".plugins-ml-config", ".plugins-ml-con nector", ".plugins-ml-model-group", ".plugins-ml-model", ".plugins-ml-task", ".p lugins-ml-conversation-meta", ".plugins-ml-conversation-interactions", ".opendis tro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-result s*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opend istro-anomaly-detection-state", ".opendistro-reports-*", ".opensearch-notificati ons-*", ".opensearch-notebooks", ".opensearch-observability", ".ql-datasources", ".opendistro-asynchronous-search-response*", ".replication-metadata-store", ".o pensearch-knn-models", ".geospatial-ip2geo-data*"]
node.max_local_storage_nodes: 3
action.auto_create_index: false
plugins.security.disabled: true
-----------------------------------------------------------------------------------
And two data nodes:
------------------------- Data node 1 --------------------------
cluster.name: Graylog
node.name: OpenSearch2
path.data: /var/lib/opensearch
path.logs: /var/log/opensearch
network.host: 0.0.0.0
discovery.seed_hosts: ["192.168.x.x", "192.168.x.x", "192.168.x.x"]
node.roles: [data]
plugins.security.ssl.transport.pemcert_filepath: esnode.pem
plugins.security.ssl.transport.pemkey_filepath: esnode-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: esnode.pem
plugins.security.ssl.http.pemkey_filepath: esnode-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: root-ca.pem
plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn:
- CN=kirk,OU=client,O=client,L=test, C=de
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: ["all_access", "security_rest_api_access "]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".plugins-ml-config", ".plugins-ml-con nector", ".plugins-ml-model-group", ".plugins-ml-model", ".plugins-ml-task", ".p lugins-ml-conversation-meta", ".plugins-ml-conversation-interactions", ".opendis tro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-result s*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opend istro-anomaly-detection-state", ".opendistro-reports-*", ".opensearch-notificati ons-*", ".opensearch-notebooks", ".opensearch-observability", ".ql-datasources", ".opendistro-asynchronous-search-response*", ".replication-metadata-store", ".o pensearch-knn-models", ".geospatial-ip2geo-data*"]
node.max_local_storage_nodes: 3
action.auto_create_index: false
plugins.security.disabled: true
--------------------------------------------------------------------------------------------------
---------------------- Data node 2 ------------------------------------------------
cluster.name: Graylog
node.name: OpenSearch2
path.data: /var/lib/opensearch
path.logs: /var/log/opensearch
network.host: 0.0.0.0
discovery.seed_hosts: ["192.168.x.x", "192.168.x.x", "192.168.x.x"]
node.roles: [data]
plugins.security.ssl.transport.pemcert_filepath: esnode.pem
plugins.security.ssl.transport.pemkey_filepath: esnode-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: esnode.pem
plugins.security.ssl.http.pemkey_filepath: esnode-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: root-ca.pem
plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn:
- CN=kirk,OU=client,O=client,L=test, C=de
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: ["all_access", "security_rest_api_access "]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".plugins-ml-config", ".plugins-ml-con nector", ".plugins-ml-model-group", ".plugins-ml-model", ".plugins-ml-task", ".p lugins-ml-conversation-meta", ".plugins-ml-conversation-interactions", ".opendis tro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-result s*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opend istro-anomaly-detection-state", ".opendistro-reports-*", ".opensearch-notificati ons-*", ".opensearch-notebooks", ".opensearch-observability", ".ql-datasources", ".opendistro-asynchronous-search-response*", ".replication-metadata-store", ".o pensearch-knn-models", ".geospatial-ip2geo-data*"]
node.max_local_storage_nodes: 3
action.auto_create_index: false
plugins.security.disabled: true
---------------------------------------------------------------------------------------------------
I tried to change the default dashboard password using this guide - How to Change the Admin Password in OpenSearch (opster.com) but after adding the configuration in step 4 in the config file I received a fatal error with description - ValidationError: [config validation of [opensearch_security].auth.type]: types that failed validation. Is it a problem that I don’t have HTTPS set up for the cluster?