sgadmin - No nodes available

Hi,

Installed and used enterprise modules, if any - No We are using community module

JVM version and operating system version - 1.8

Elasticsearch 6.2.0
Searchguard is 6.2.2

we installed searchguard for elasticsearch and followed all process, but after executing elasticsearch, it is not starting elasticsearch, giving Not yet initialized [you may need to run sgadmin]
while running sgadmin it is giving NoNodesAvalaible exception error.
error: unable to check whether cluster is sane: none f the configured nodes are available.

Below is the sgadmin command which we are using :

sgadmin.sh -cd ..\sgconfig -key ..\..\..\config\kirk-key.pem -cert ..\..\..\config\kirk.pem -cacert ..\..\..\config\root-ca.pem -nhnv -icl

Any early solution for this will be very helpful.
Thanks in advance:-)

I am experiencing the exact same issue, though with newer versions of SG and ES.

Elasticsearch is 6.3.0

Search Guard is 22.3 (SG6-6.3.0)

Java is 1.8.0 (Oracle)

3-node ES cluster on AWS, security groups allow traffic between nodes on 9300, discovery-ec2 plugin finds the other nodes, all have certificates with CNs that match the elasticsearch.yml configuration options.

Trying to run sgadmin.sh yields:

$ /usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh \

-cd sgconfig -icl -nhnv
-cacert /etc/elasticsearch/ssl/ca.pem
-cert /root/admin.pem
-key /root/admin-key.pem
WARNING: JAVA_HOME not set, will use /usr/bin/java
Search Guard Admin v6
Will connect to localhost:9300 … done
Unable to check whether cluster is sane: None of the configured nodes are available: [{#transport#-1}{73T-3U1pRxu2xv1rNReE-Q}{localhost}{127.0.0.1:9300}]
ERR: Cannot connect to Elasticsearch. Please refer to elasticsearch logfile for more information
Trace:
NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{73T-3U1pRxu2xv1rNReE-Q}{localhost}{127.0.0.1:9300}]]
at org.elasticsearch.client.transport.TransportClientNodesService.ensureNodesAreAvailable(TransportClientNodesService.java:347)
at org.elasticsearch.client.transport.TransportClientNodesService.execute(TransportClientNodesService.java:245)
at org.elasticsearch.client.transport.TransportProxyClient.execute(TransportProxyClient.java:60)
at org.elasticsearch.client.transport.TransportClient.doExecute(TransportClient.java:378)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:405)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:394)
at com.floragunn.searchguard.tools.SearchGuardAdmin.main0(SearchGuardAdmin.java:451)
at com.floragunn.searchguard.tools.SearchGuardAdmin.main(SearchGuardAdmin.java:124)

``

However, nothing shows up in /var/log/elasticsearch/elasticsearch.log.

I have trawled through Google, Stack Overflow and the GitHub issues for this project and none of the responses or solutions offered explain why this happens.

Launching the above with -dg also doesn’t yield a stack trace, nor does it work with -arc.

···

On Friday, May 18, 2018 at 7:16:22 PM UTC+12, sanjayap sanju wrote:

Hi,

Installed and used enterprise modules, if any - No We are using community module

JVM version and operating system version - 1.8

Elasticsearch 6.2.0
Searchguard is 6.2.2

we installed searchguard for elasticsearch and followed all process, but after executing elasticsearch, it is not starting elasticsearch, giving Not yet initialized [you may need to run sgadmin]
while running sgadmin it is giving NoNodesAvalaible exception error.
error: unable to check whether cluster is sane: none f the configured nodes are available.

Below is the sgadmin command which we are using :

sgadmin.sh -cd ..\sgconfig -key ..\..\..\config\kirk-key.pem -cert ..\..\..\config\kirk.pem -cacert ..\..\..\config\root-ca.pem -nhnv -icl

Any early solution for this will be very helpful.
Thanks in advance:-)

My elasticsearch.yml is as follows:

This file was automatically generated

path.data: /var/lib/elasticsearch

path.logs: /var/log/elasticsearch

discovery.zen.minimum_master_nodes: 3

discovery.zen.hosts_provider: ec2

network.host: [“ec2:privateIpv4”, “local”]

cloud.node.auto_attributes: true

cluster.routing.allocation.awareness.attributes: aws_availability_zone

Search Guard settings

xpack.security.enabled: false

searchguard.ssl.transport.pemcert_filepath: ssl/node.pem

searchguard.ssl.transport.pemkey_filepath: ssl/node-key.pem

searchguard.ssl.transport.pemtrustedcas_filepath: ssl/ca.pem

searchguard.ssl.transport.enforce_hostname_verification: false

searchguard.nodes_dn:

  • CN=node

searchguard.authcz.admin_dn:

  • CN=admin

searchguard.ssl.http.enabled: true

searchguard.ssl.http.pemcert_filepath: ssl/http.pem

searchguard.ssl.http.pemkey_filepath: ssl/http-key.pem

searchguard.ssl.http.pemtrustedcas_filepath: ssl/ca.pem

searchguard.restapi.roles_enabled: [“sg_all_access”]

``

···

On Friday, May 18, 2018 at 7:16:22 PM UTC+12, sanjayap sanju wrote:

Hi,

Installed and used enterprise modules, if any - No We are using community module

JVM version and operating system version - 1.8

Elasticsearch 6.2.0
Searchguard is 6.2.2

we installed searchguard for elasticsearch and followed all process, but after executing elasticsearch, it is not starting elasticsearch, giving Not yet initialized [you may need to run sgadmin]
while running sgadmin it is giving NoNodesAvalaible exception error.
error: unable to check whether cluster is sane: none f the configured nodes are available.

Below is the sgadmin command which we are using :

sgadmin.sh -cd ..\sgconfig -key ..\..\..\config\kirk-key.pem -cert ..\..\..\config\kirk.pem -cacert ..\..\..\config\root-ca.pem -nhnv -icl

Any early solution for this will be very helpful.
Thanks in advance:-)