search guard 0.5 prevents ES 1.7.1 from starting

Hey guys,

I’d like to use an open source alternative to Shield on my own non-work project. So I’ve read about floragunn Search Guard, but have not had much luck with it.

With the plugin installed

#plugin --list

Installed plugins:

  • search-guard

ES simply fails to start:

#service elasticsearch start

Starting elasticsearch (via systemctl): [ OK ]

#systemctl status elasticsearch

elasticsearch.service - Elasticsearch

Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled)

Active: failed (Result: exit-code) since Thu 2015-09-03 22:30:22 EDT; 40s ago

Docs: http://www.elastic.co

Process: 24149 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -Des.pidfile=$PID_DIR/elasticsearch.pid -Des.default.path.home=$ES_HOME -Des.default.path.logs=$LOG_DIR -Des.default.path.data=$DATA_DIR -Des.default.config=$CONF_FILE -Des.default.path.conf=$CONF_DIR (code=exited, status=3)

Main PID: 24149 (code=exited, status=3)

Sep 03 22:30:19 es3 elasticsearch[24149]: at org.elasticsearch.bootstrap.Bootstrap.setupLogging(Bootstrap.java:131)

Sep 03 22:30:19 es3 elasticsearch[24149]: at org.elasticsearch.bootstrap.Bootstrap.main(Bootstrap.java:216)

Sep 03 22:30:19 es3 elasticsearch[24149]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:32)

Sep 03 22:30:19 es3 elasticsearch[24149]: log4j:ERROR Either File or DatePattern options are not set for appender [access_log].

Sep 03 22:30:21 es3 elasticsearch[24149]: {1.7.1}: Initialization Failed …

Sep 03 22:30:21 es3 elasticsearch[24149]: - ExecutionError[java.lang.NoClassDefFoundError: org/elasticsearch/common/ContextHolder]

Sep 03 22:30:21 es3 elasticsearch[24149]: NoClassDefFoundError[org/elasticsearch/common/ContextHolder]

Sep 03 22:30:21 es3 elasticsearch[24149]: ClassNotFoundException[org.elasticsearch.common.ContextHolder]

Sep 03 22:30:22 es3 systemd[1]: elasticsearch.service: main process exited, code=exited, status=3/NOTIMPLEMENTED

Sep 03 22:30:22 es3 systemd[1]: Unit elasticsearch.service entered failed state.

As soon as I remove search-guard, I appear to be back in business:

#plugin --remove search-guard

→ Removing search-guard…

Removed search-guard

#service elasticsearch start

Starting elasticsearch (via systemctl): [ OK ]

#systemctl status elasticsearch

elasticsearch.service - Elasticsearch

Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled)

Active: active (running) since Thu 2015-09-03 22:41:32 EDT; 1min 5s ago

Docs: http://www.elastic.co

Main PID: 25025 (java)

CGroup: /system.slice/elasticsearch.service

└─25025 /bin/java -Xms1g -Xmx1g -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75…

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.parseAppender(PropertyConfigurator.java:842)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.parseCategory(PropertyConfigurator.java:768)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.parseCatsAndRenderers(PropertyConfigurator.java:672)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.doConfigure(PropertyConfigurator.java:516)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.configure(PropertyConfigurator.java:440)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.common.logging.log4j.LogConfigurator.configure(LogConfigurator.java:112)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.bootstrap.Bootstrap.setupLogging(Bootstrap.java:131)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.bootstrap.Bootstrap.main(Bootstrap.java:216)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:32)

Sep 03 22:41:33 es3 elasticsearch[25025]: log4j:ERROR Either File or DatePattern options are not set for appender [access_log].

I installed version 0.5. Maybe the problem is with the version I installed? I’ve found no version matrix on the project page on GitHub the way I normally do on other plugin pages.

Here’s the GitHub page for the project:

Search Guard Security Plugin for ES 1.6

I didn’t find a version for 1.7, so I tried the version for 1.6 hoping for backward compatibility.

Just wondering if anyone has any experience with this plugin in getting it to work under ES 1.7.1. I’m running this on CentOS 7.

Hello,

Searchguard is not compatible with ElasticSearch > 1.6.2 yet.
Best Regards

That (1.6) was released back in June…1.7 came out in July… seems to be taking a while…

On Friday, September 4, 2015 at 5:27:52 AM UTC-4, simon....@gmail.com wrote:

Hello,

Searchguard is not compatible with ElasticSearch > 1.6.2 yet.
Best Regards

Search Guard for ES 1.7.3 now available: https://github.com/floragunncom/search-guard/tree/es1.7

On Friday, September 4, 2015 at 16:52:53 UTC+2, Tim Dunphy wrote:

That (1.6) was released back in June…1.7 came out in July… seems to be taking a while…

On Friday, September 4, 2015 at 5:27:52 AM UTC-4, simon....@gmail.com wrote:

Hello,

Searchguard is not compatible with ElasticSearch > 1.6.2 yet.
Best Regards