If you think it is a bug report or you have a technical issue, please answer the following questions. For general questions, you can delete these questions.
Elasticsearch version: 6.8.2
SG version 6-6.8.2-25-5
Describe the issue:
After disk fulfillment all indices went to
“blocks” : {
“read_only_allow_delete” : “true”
},
as well as searchguard index.
I have extended disk space but also I need to remove this block with
‘{ “index.blocks.read_only_allow_delete”: null }’
I tried to make a curl with admin certificate but got
curl -k --cert certificate.pem --key mydomain.key -XPUT "http://localhost:9200/_all/_settings" -H 'Content-Type: application/json' -d '{ "index.blocks.read_only_allow_delete": null }'
Unauthorized
Also I tried to use sgadmin.sh to remove searchguard index but
${SG_PLUGIN_DIR}/tools/sgadmin.sh -ts ${ES_STORE_DIR}/truststore.jks -tspass changeit -ks ${ES_STORE_DIR}/broker.jks -kspass changeit -dci -nhnv
Search Guard Admin v6
Will connect to localhost:9300 ... done
Unable to check whether cluster is sane: None of the configured nodes are available: [{#transport#-1}{JayJ2ve0RkitYofJmXQXVw}{localhost}{127.0.0.1:9300}]
ERR: Cannot connect to Elasticsearch. Please refer to elasticsearch logfile for more information
Trace:
NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{JayJ2ve0RkitYofJmXQXVw}{localhost}{127.0.0.1:9300}]]
at org.elasticsearch.client.transport.TransportClientNodesService.ensureNodesAreAvailable(TransportClientNodesService.java:352)
at org.elasticsearch.client.transport.TransportClientNodesService.execute(TransportClientNodesService.java:248)
at org.elasticsearch.client.transport.TransportProxyClient.execute(TransportProxyClient.java:60)
at org.elasticsearch.client.transport.TransportClient.doExecute(TransportClient.java:388)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:403)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:391)
at com.floragunn.searchguard.tools.SearchGuardAdmin.execute(SearchGuardAdmin.java:460)
at com.floragunn.searchguard.tools.SearchGuardAdmin.main(SearchGuardAdmin.java:123)
Provide configuration:
elasticsearch/config/elasticsearch.yml
path:
logs: "/var/vcap/sys/log/elasticsearch"
data: "/var/vcap/store/elasticsearch"
repo: "/var/vcap/store/elasticsearch"
bootstrap.memory_lock: true
cluster.name: es_cluster
network.host: 0.0.0.0
xpack.security.enabled: false
searchguard.enterprise_modules_enabled: false
searchguard.enable_snapshot_restore_privilege: true
searchguard:
authcz:
admin_dn:
- CN=broker,OU=client,O=client,L=test, C=DE
ssl:
transport:
keystore_filepath: nodename-keystore.jks
keystore_password: changeit
truststore_filepath: truststore.jks
truststore_password: changeit
enforce_hostname_verification: false
elasticsearch/plugins/search-guard/sgconfig/sg_config.yml
searchguard:
dynamic:
# Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index
# Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default)
# Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently
#filtered_alias_mode: warn
#kibana:
# Kibana multitenancy - NOT FREE FOR COMMERCIAL USE
# see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md
# To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki
#multitenancy_enabled: true
#server_username: kibanaserver
#index: '.kibana'
#do_not_fail_on_forbidden: false
http:
anonymous_auth_enabled: false
xff:
enabled: false
internalProxies: '192\.168\.0\.10|192\.168\.0\.11' # regex pattern
#internalProxies: '.*' # trust all internal proxies, regex pattern
remoteIpHeader: 'x-forwarded-for'
proxiesHeader: 'x-forwarded-by'
#trustedProxies: '.*' # trust all external proxies, regex pattern
###### see https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html for regex help
###### more information about XFF https://en.wikipedia.org/wiki/X-Forwarded-For
###### and here https://tools.ietf.org/html/rfc7239
###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve
authc:
basic_internal_auth_domain:
http_enabled: true
transport_enabled: true
order: 4
http_authenticator:
type: basic
challenge: true
authentication_backend:
type: intern