NoNodeAvailableException[None of the configured nodes are available:

Search Guard
1

Hi,
I’m running Centos7.3

Elasticsearch 5.2

searchguard 5.2

java version “1.8.0_112”

After all the configuration of ssl encryption of ES:

-Installing searchguard plugin 5.1.2-10

-Generating ssl files and ordering them

-openssl conf by adding netty-tcnative-1.1.33.Fork25-linux-x86_64.jar

  • elasticsearch.yml:

bootstrap: {memory_lock: true}

cluster: {name: elasticsearch}

discovery:

zen:

minimum_master_nodes: 1

ping:

unicast: {hosts: ‘efk1,efk2’}

http: {host: 192.168.40.168, max_content_length: 100mb, port: 9200}

network: {host: 192.168.40.168}

node: {data: true, master: true, name: ekf1}

path: {conf: /etc/elasticsearch, data: /var/lib/elasticsearch, logs: /var/log/elasticsearch,

scripts: /usr/share/elasticsearch/config/scripts}

transport: {tcp.compress: true, tcp.port: 9300}

BEGIN ANSIBLE MANAGED BLOCK

searchguard.authcz.admin_dn:

  • CN=kirk,OU=client,O=client,L=test, C=DE

searchguard.ssl.transport.keystore_filepath: node-0-keystore.jks

searchguard.ssl.transport.keystore_password: changeit

searchguard.ssl.transport.truststore_filepath: truststore.jks

searchguard.ssl.transport.truststore_password: changeit

searchguard.ssl.transport.enforce_hostname_verification: false

searchguard.ssl.http.enabled: true

searchguard.ssl.http.keystore_filepath: node-0-keystore.jks

searchguard.ssl.http.keystore_password: changeit

searchguard.ssl.http.truststore_filepath: truststore.jks

searchguard.ssl.http.truststore_password: changeit

END ANSIBLE MANAGED BLOCK

``

then while running the command:
tools/sgadmin.sh -cd sgconfig/ -ks sgconfig/kirk-keystore.jks -ts sgconfig/truststore.jks -nhnv -h 192.168.40.168 --diagnose

I have the following issue in the diag_trace file included,

Thanks,

sgadmin_diag_trace_2017-Jan-20_11-20-43.txt (13.9 KB)

2

Have you tried to add the -icl flag to sgadmin?

···

Am Dienstag, 14. Februar 2017 09:02:08 UTC+1 schrieb Oucema Bellagha:

Hi,
I’m running Centos7.3

Elasticsearch 5.2

searchguard 5.2

java version “1.8.0_112”

After all the configuration of ssl encryption of ES:

-Installing searchguard plugin 5.1.2-10

-Generating ssl files and ordering them

-openssl conf by adding netty-tcnative-1.1.33.Fork25-linux-x86_64.jar

  • elasticsearch.yml:

bootstrap: {memory_lock: true}

cluster: {name: elasticsearch}

discovery:

zen:

minimum_master_nodes: 1

ping:

unicast: {hosts: ‘efk1,efk2’}

http: {host: 192.168.40.168, max_content_length: 100mb, port: 9200}

network: {host: 192.168.40.168}

node: {data: true, master: true, name: ekf1}

path: {conf: /etc/elasticsearch, data: /var/lib/elasticsearch, logs: /var/log/elasticsearch,

scripts: /usr/share/elasticsearch/config/scripts}

transport: {tcp.compress: true, tcp.port: 9300}

BEGIN ANSIBLE MANAGED BLOCK

searchguard.authcz.admin_dn:

  • CN=kirk,OU=client,O=client,L=test, C=DE

searchguard.ssl.transport.keystore_filepath: node-0-keystore.jks

searchguard.ssl.transport.keystore_password: changeit

searchguard.ssl.transport.truststore_filepath: truststore.jks

searchguard.ssl.transport.truststore_password: changeit

searchguard.ssl.transport.enforce_hostname_verification: false

searchguard.ssl.http.enabled: true

searchguard.ssl.http.keystore_filepath: node-0-keystore.jks

searchguard.ssl.http.keystore_password: changeit

searchguard.ssl.http.truststore_filepath: truststore.jks

searchguard.ssl.http.truststore_password: changeit

END ANSIBLE MANAGED BLOCK

``

then while running the command:
tools/sgadmin.sh -cd sgconfig/ -ks sgconfig/kirk-keystore.jks -ts sgconfig/truststore.jks -nhnv -h 192.168.40.168 --diagnose

I have the following issue in the diag_trace file included,

Thanks,