Hello!
I am trying to setup search guard 2.
I have 2 data nodes, 1 master node and 1 search node.
Search guard ssl is already installed and working
I have install both plugins on every node in the cluster. In the documentation it said: "search-guard-2
needs only a single entry in elasticsearch.yml " Does it mean it is enough if all the configuration it is done in the elasticsearch.yml in the master node?
Also, in the documentation example, we have inside /usr/share/elasticsearch/plugins/search-guard-2/sgconfig many files as:
- elasticsearch.yml
- node-0-keystore.jks
- node-2-keystore.jks
- sg_config.yml
- sg_roles_mapping.yml
- spock-keystore.jks
- kirk-keystore.jks
- node-1-keystore.jks
- sg_action_groups.yml
- sg_internal_users.yml
- sg_roles.yml
- truststore.jks
Do we need all the nodes keystore?
and we have to apply the configuration:
plugins/search-guard-2/tools/sgadmin.sh -cd plugins/search-guard-2/sgconfig/ -ks plugins/search-guard-2/sgconfig/keystore.jks -ts plugins/search-guard-2/sgconfig/truststore.jks -nhnv
Do we need to apply the configuration in every node?
Which keystore and truststore are used? Can we use the same as for search-guard-ssl?
After using the keystore and truststore that we have from search-guard-ssl, running the sgadmin.sh we get the error:
{localhost/127.0.0.1:9300} not part of the cluster Cluster [elasticsearch], ignoring…
Exception in thread “main” NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{127.0.0.1}{localhost/127.0.0.1:9300}]]
at org.elasticsearch.client.transport.TransportClientNodesService.ensureNodesAreAvailable(TransportClientNodesService.java:290)
at org.elasticsearch.client.transport.TransportClientNodesService.execute(TransportClientNodesService.java:207)
at org.elasticsearch.client.transport.support.TransportProxyClient.execute(TransportProxyClient.java:55)
at org.elasticsearch.client.transport.TransportClient.doExecute(TransportClient.java:286)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:351)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:340)
at org.elasticsearch.client.support.AbstractClient$ClusterAdmin.execute(AbstractClient.java:840)
at org.elasticsearch.client.support.AbstractClient$ClusterAdmin.health(AbstractClient.java:860)
at com.floragunn.searchguard.tools.SearchGuardAdmin.main(SearchGuardAdmin.java:144)
The line 144 is when we try to get the cluster_health, and actually we cannot get the health of the cluster:
curl https://myessearchnode:9200/_cluster/health?pretty
Search Guard not initialized (SG11)
Do you have any idea of how to solve these problems?
Thanks in advance!!
Cheers,
Rocio