cluster:

name: dst

node:

master: true

data: true

name: elasticsearch

ingest: true

network.host: 0.0.0.0

path:

data: /data/data

logs: /data/log

discovery:

zen:

ping.unicast.hosts: elasticsearch-discovery

minimum_master_nodes: 3

cluster.routing.allocation.disk.threshold_enabled: false

######## Start Search Guard Demo Configuration ########

WARNING: revise all the lines below before you go into production

searchguard.ssl.transport.pemcert_filepath: client.pem

searchguard.ssl.transport.pemkey_filepath: client-key.pem

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: false

#searchguard.ssl.http.enabled: true

#searchguard.ssl.http.pemcert_filepath: esnode.pem

#searchguard.ssl.http.pemkey_filepath: esnode-key.pem

#searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.allow_unsafe_democertificates: true

searchguard.allow_default_init_sgindex: true

searchguard.authcz.admin_dn:

• CN=kirk,OU=IT,O=IBM,L=Dallas,ST=TX,C=US

searchguard.audit.type: internal_elasticsearch

searchguard.enable_snapshot_restore_privilege: true

searchguard.check_snapshot_restore_write_privileges: true

searchguard.restapi.roles_enabled: [“sg_all_access”]

searchguard.enterprise_modules_enabled: false

node.max_local_storage_nodes: 3

######## End Search Guard Demo Configuration ########

Am 22.01.2018 um 15:14 schrieb Senthil kumar.R <rskit1986@gmail.com>:

Hi All,

ES Version - 6.1.2
Search Guard Version - 6.1.2-20.1

        I am facing the below issue after the installation of search guard plugin in elastic search on Kubernetes

[2018-01-22T13:32:58,969][INFO ][o.e.n.Node ] [elasticsearch] started
[2018-01-22T13:32:59,004][INFO ][c.f.s.c.IndexBaseConfigurationRepository] searchguard index does not exist yet, so we create a default config
[2018-01-22T13:32:59,009][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Will create searchguard index so we can apply default config
[2018-01-22T13:32:59,011][INFO ][o.e.g.GatewayService ] [elasticsearch] recovered [0] indices into cluster_state
[2018-01-22T13:32:59,125][INFO ][o.e.c.m.MetaDataCreateIndexService] [elasticsearch] [searchguard] creating index, cause [api], templates , shards [1]/[1], mappings
[2018-01-22T13:33:29,169][INFO ][c.f.s.s.ConfigHelper ] Will update 'config' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_config.yml

[2018-01-22T13:34:29,305][ERROR][c.f.s.c.ConfigurationLoader] Failure No shard available for [org.elasticsearch.action.get.MultiGetShardRequest@9e900a] retrieving configuration for [config, roles, rolesmapping, internalusers, actiongroups] (index=searchguard)

Below is my elastic search yaml file
----------------------------------------------------------

cluster:
    name: dst

node:
    master: true
    data: true
    name: elasticsearch
    ingest: true

network.host: 0.0.0.0

path:
    data: /data/data
    logs: /data/log

discovery:
    zen:
# ping.unicast.hosts: elasticsearch-discovery
        minimum_master_nodes: 3

cluster.routing.allocation.disk.threshold_enabled: false

######## Start Search Guard Demo Configuration ########
# WARNING: revise all the lines below before you go into production
searchguard.ssl.transport.pemcert_filepath: client.pem
searchguard.ssl.transport.pemkey_filepath: client-key.pem
searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem
searchguard.ssl.transport.enforce_hostname_verification: false
#searchguard.ssl.http.enabled: true
#searchguard.ssl.http.pemcert_filepath: esnode.pem
#searchguard.ssl.http.pemkey_filepath: esnode-key.pem
#searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem
searchguard.allow_unsafe_democertificates: true
searchguard.allow_default_init_sgindex: true
searchguard.authcz.admin_dn:
  - CN=kirk,OU=IT,O=IBM,L=Dallas,ST=TX,C=US

searchguard.audit.type: internal_elasticsearch
searchguard.enable_snapshot_restore_privilege: true
searchguard.check_snapshot_restore_write_privileges: true
searchguard.restapi.roles_enabled: ["sg_all_access"]
searchguard.enterprise_modules_enabled: false
node.max_local_storage_nodes: 3
######## End Search Guard Demo Configuration ########

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/d9a48f59-be2e-4ed3-a31d-e8d39b0325a1%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.

Am 22.01.2018 um 15:14 schrieb Senthil kumar.R rski...@gmail.com:

On Monday, 22 January 2018 21:13:50 UTC+5:30, Search Guard wrote:

Am 23.01.2018 um 06:27 schrieb Senthil kumar.R <rskit1986@gmail.com>:

- Does your setup work without Search Guard? - Yes
- How many elasticsearch nodes you have? - 3 master and 2 data nodes
- Can you post a more complete log file? - attached
- Why did you set "cluster.routing.allocation.disk.threshold_enabled" to "false"? - setting to true also i tried and it was not working
- Does it work on non-kubernetes environment? - Yes

On Monday, 22 January 2018 21:13:50 UTC+5:30, Search Guard wrote:
We need a little bit more infos here:

- Does your setup work without Search Guard?
- How many elasticsearch nodes you have?
- Can you post a more complete log file?
- Why did you set "cluster.routing.allocation.disk.threshold_enabled" to "false"?
- Does it work on non-kubernetes environment?

> Am 22.01.2018 um 15:14 schrieb Senthil kumar.R <rski...@gmail.com>:
>
> Hi All,
>
> ES Version - 6.1.2
> Search Guard Version - 6.1.2-20.1
>
> I am facing the below issue after the installation of search guard plugin in elastic search on Kubernetes
>
> [2018-01-22T13:32:58,969][INFO ][o.e.n.Node ] [elasticsearch] started
> [2018-01-22T13:32:59,004][INFO ][c.f.s.c.IndexBaseConfigurationRepository] searchguard index does not exist yet, so we create a default config
> [2018-01-22T13:32:59,009][INFO ][c.f.s.c.IndexBaseConfigurationRepository] Will create searchguard index so we can apply default config
> [2018-01-22T13:32:59,011][INFO ][o.e.g.GatewayService ] [elasticsearch] recovered [0] indices into cluster_state
> [2018-01-22T13:32:59,125][INFO ][o.e.c.m.MetaDataCreateIndexService] [elasticsearch] [searchguard] creating index, cause [api], templates , shards [1]/[1], mappings
> [2018-01-22T13:33:29,169][INFO ][c.f.s.s.ConfigHelper ] Will update 'config' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_config.yml
>
> [2018-01-22T13:34:29,305][ERROR][c.f.s.c.ConfigurationLoader] Failure No shard available for [org.elasticsearch.action.get.MultiGetShardRequest@9e900a] retrieving configuration for [config, roles, rolesmapping, internalusers, actiongroups] (index=searchguard)
>
>
>
> Below is my elastic search yaml file
> ----------------------------------------------------------
>
>
> cluster:
> name: dst
>
> node:
> master: true
> data: true
> name: elasticsearch
> ingest: true
>
> network.host: 0.0.0.0
>
> path:
> data: /data/data
> logs: /data/log
>
> discovery:
> zen:
> # ping.unicast.hosts: elasticsearch-discovery
> minimum_master_nodes: 3
>
> cluster.routing.allocation.disk.threshold_enabled: false
>
> ######## Start Search Guard Demo Configuration ########
> # WARNING: revise all the lines below before you go into production
> searchguard.ssl.transport.pemcert_filepath: client.pem
> searchguard.ssl.transport.pemkey_filepath: client-key.pem
> searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem
> searchguard.ssl.transport.enforce_hostname_verification: false
> #searchguard.ssl.http.enabled: true
> #searchguard.ssl.http.pemcert_filepath: esnode.pem
> #searchguard.ssl.http.pemkey_filepath: esnode-key.pem
> #searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem
> searchguard.allow_unsafe_democertificates: true
> searchguard.allow_default_init_sgindex: true
> searchguard.authcz.admin_dn:
> - CN=kirk,OU=IT,O=IBM,L=Dallas,ST=TX,C=US
>
> searchguard.audit.type: internal_elasticsearch
> searchguard.enable_snapshot_restore_privilege: true
> searchguard.check_snapshot_restore_write_privileges: true
> searchguard.restapi.roles_enabled: ["sg_all_access"]
> searchguard.enterprise_modules_enabled: false
> node.max_local_storage_nodes: 3
> ######## End Search Guard Demo Configuration ########
>
>
> --
> You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/d9a48f59-be2e-4ed3-a31d-e8d39b0325a1%40googlegroups.com\.
> For more options, visit https://groups.google.com/d/optout\.

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/8742ba23-4755-4ec7-8db9-1f8bef888c83%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.
<es-sg.log>