searchguard/es: 5.3.0
- my cert is expired and i make a self-signed cert by example-pki-scripts. and i replace them for es cluster and sgtool too
when I restart the es cluster, then i was told: “index ‘searchguard’ not healthy yet, we try again … (Reason: no response)”, I wait 1 hour and still got that log, so:
-
then I uninstall searchguard for removing the “searchguard” indice.
-
then I reinstall searchguard again, and i was still told: “index ‘searchguard’ not healthy yet, we try again … (Reason: no response)”
-
then I start to execute sgadmintool, and i was told:
IndicesStatsRequest:
ClusterBlockException[blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized];]
at org.elasticsearch.cluster.block.ClusterBlocks.globalBlockedException(ClusterBlocks.java:165)
at org.elasticsearch.action.admin.indices.stats.TransportIndicesStatsAction.checkGlobalBlock(TransportIndicesStatsAction.java:70)
at org.elasticsearch.action.admin.indices.stats.TransportIndicesStatsAction.checkGlobalBlock(TransportIndicesStatsAction.java:47)
at org.elasticsearch.action.support.broadcast.node.TransportBroadcastByNodeAction$AsyncAction.(TransportBroadcastByNodeAction.java:256)
at org.elasticsearch.action.support.broadcast.node.TransportBroadcastByNodeAction.doExecute(TransportBroadcastByNodeAction.java:234)
at org.elasticsearch.action.support.broadcast.node.TransportBroadcastByNodeAction.doExecute(TransportBroadcastByNodeAction.java:79)
``
it seems step into a dead cycle, I really have no idea about this problem. which cost me so many hours. I just wanna replace a new certificate. after my step 2, we can take the es cluster as its first time to use searchguard, why still failed? I cannot understand, could you guys/experts give me some help. its really strange