All shards failed after enabling the Enterprise version

Proximator · April 5, 2019, 3:22pm

Hello,

I have setup the search guard community version following the steps of this tutorial: ElasticSearch Security - Installing And Configuring Search-Guard How-To - Bugbear Thoughts

Everything worked as expected and I login into Kibana using admin/admin
but as it didn’t provide GUI configuration for roles/authorization, I tried to activate the entreprise trial version by adding :

searchguard.enterprise_modules_enabled: true
searchguard.restapi.roles_enabled: ["sg_all_access"]

To elasticsearch but when I restared both Elasticsearch and Kibana I got the following exception:

[2019-04-05T12:45:43,474][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [UxjXnMK] Search Guard License Type: TRIAL, valid
[2019-04-05T12:45:43,474][INFO ][c.f.s.c.IndexBaseConfigurationRepository] [UxjXnMK] Node 'UxjXnMK' initialized
[2019-04-05T12:46:26,281][DEBUG][o.e.a.s.TransportSearchAction] [UxjXnMK] All shards failed for phase: [query]
[2019-04-05T12:46:26,289][DEBUG][o.e.a.s.TransportSearchAction] [UxjXnMK] All shards failed for phase: [query]
[2019-04-05T12:46:26,289][WARN ][r.suppressed             ] [UxjXnMK] path: /.kibana/_search, params: {size=1000, ignore_unavailable=true, index=.kibana, filter_path=hits.hits._id}
org.elasticsearch.action.search.SearchPhaseExecutionException: all shards failed
        at org.elasticsearch.action.search.AbstractSearchAsyncAction.onPhaseFailure(AbstractSearchAsyncAction.java:293) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.AbstractSearchAsyncAction.executeNextPhase(AbstractSearchAsyncAction.java:133) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.AbstractSearchAsyncAction.onPhaseDone(AbstractSearchAsyncAction.java:254) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.InitialSearchPhase.onShardFailure(InitialSearchPhase.java:101) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.InitialSearchPhase.lambda$performPhaseOnShard$1(InitialSearchPhase.java:209) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.InitialSearchPhase$1.doRun(InitialSearchPhase.java:188) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:759) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.TimedRunnable.doRun(TimedRunnable.java:41) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-6.6.0.jar:6.6.0]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_161]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_161]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_161]
[2019-04-05T12:46:26,282][WARN ][r.suppressed             ] [UxjXnMK] path: /.kibana/_search, params: {size=10000, ignore_unavailable=true, index=.kibana, filter_path=hits.hits._source.canvas-workpad}
org.elasticsearch.action.search.SearchPhaseExecutionException: all shards failed
        at org.elasticsearch.action.search.AbstractSearchAsyncAction.onPhaseFailure(AbstractSearchAsyncAction.java:293) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.AbstractSearchAsyncAction.executeNextPhase(AbstractSearchAsyncAction.java:133) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.AbstractSearchAsyncAction.onPhaseDone(AbstractSearchAsyncAction.java:254) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.InitialSearchPhase.onShardFailure(InitialSearchPhase.java:101) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.InitialSearchPhase.lambda$performPhaseOnShard$1(InitialSearchPhase.java:209) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.search.InitialSearchPhase$1.doRun(InitialSearchPhase.java:188) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:759) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.TimedRunnable.doRun(TimedRunnable.java:41) [elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-6.6.0.jar:6.6.0]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_161]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_161]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_161]
[2019-04-05T12:46:26,280][WARN ][r.suppressed             ] [UxjXnMK] path: /.kibana/doc/kql-telemetry%3Akql-telemetry, params: {index=.kibana, id=kql-telemetry:kql-telemetry, type=doc}
org.elasticsearch.action.NoShardAvailableActionException: No shard available for [get [.kibana][doc][kql-telemetry:kql-telemetry]: routing [null]]
        at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.perform(TransportSingleShardAction.java:230) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.start(TransportSingleShardAction.java:209) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:100) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:62) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.support.TransportAction.doExecute(TransportAction.java:143) ~[elasticsearch-6.6.0.jar:6.6.0]
        at org.elasticsearch.action.support.TransportAction$RequestFilterChain.proceed(TransportAction.java:167) ~[elasticsearch-6.6.0.jar:6.6.0]
        at com.floragunn.searchguard.filter.SearchGuardFilter.apply0(SearchGuardFilter.java:253) ~[?:?]
        at com.floragunn.searchguard.filter.SearchGuardFilter.apply(SearchGuardFilter.java:107) ~[?:?]

Any idea what is the issue?

cstaley · April 8, 2019, 5:13am

What is your Elasticsearch and Search Guard Version?

Proximator · April 8, 2019, 9:14am

Elasticsearch: 6.6.0
com.floragunn:search-guard-6:6.6.0-24.3

cstaley · April 9, 2019, 10:40am

Thats sounds strange. How many nodes (master, data, coordinating) do you have in your cluster? I need to reproduce the issue but for now i don’t think thats really related to Search Guard. Make sure that you cluster is not in a “red” state (must be yellow or green) and are shards are assigned properly.

system · April 30, 2019, 10:51am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Search guard kibana not working. Search Guard	4	394	January 25, 2018
Search-Guard License from Compliance to Basic Search Guard	5	590	May 1, 2019
Search guard visualization not working. Search Guard	1	437	January 25, 2018
authentication failed through jwt Search Guard	5	1123	February 1, 2018
Search guard initialization fails with error none of the configured nodes are available Search Guard	9	591	November 10, 2022

All shards failed after enabling the Enterprise version

Related topics