Hi,
Greetings!
We have been trying to install SearchGuard in our Dev cluster (2 Master + 4 Data nodes). I am blocked by the error: [ERROR][c.f.s.t.SearchGuardRequestHandler] Internal or shard requests not allowed from a non-server node for transport type netty
I have tried adding searchguard.cert.oid: 1.2.3.4.5.5 in elasticsearch.yml. Still getting same error.
We have Certificate chain and it shows mutiple Oid’s when I list it using Keytool. So I tried adding searchguard.nodes_dn with all listed “CN=XXXX”, still getting the same error.
Can someone guide me to resolve this issue.
Best Regards,
Rakesh
Error message for reference:
c.f.s.t.SearchGuardRequestHandler] Internal or shard
requests not allowed from a non-server node for transport type netty
o.e.a.a.i.c.TransportCreateIndexAction] [node372M]
no known master node, scheduling a retry
[o.e.d.z.UnicastZenPing ] [node372M] [9]
failed send ping to {#zen_unicast_XXXXXX}
java.lang.IllegalStateException: handshake failed
with {#zen_unicast_XXXX}
at
org.elasticsearch.transport.TransportService.handshake(TransportService.java:364)
~[elasticsearch-5.2.2.jar:5.2.2]
at
org.elasticsearch.discovery.zen.UnicastZenPing$PingingRound.getOrConnect(UnicastZenPing.java:393)
~[elasticsearch-5.2.2.jar:5.2.2]
at
org.elasticsearch.discovery.zen.UnicastZenPing$3.doRun(UnicastZenPing.java:500)
[elasticsearch-5.2.2.jar:5.2.2]
at
org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:596)
[elasticsearch-5.2.2.jar:5.2.2]
at
org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37)
[elasticsearch-5.2.2.jar:5.2.2]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[?:1.8.0_131]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[?:1.8.0_131]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_131]