自分の証明書で opendistro エラスティック検索を構成しようとしていました。
esip:9200 にカールしたときの応答は
Open Distro Security が初期化されていません。
後でセキュリティを初期化するためにsecurity admin.shを実行しようとしたとき、エラーは次のようになりました
Open Distro Security Admin v7
Will connect to localhost:9300 ... done
Connected as CN=master
Elasticsearch Version: 7.8.0
Open Distro Security Version: 1.9.0.0
Contacting elasticsearch cluster 'elasticsearch' ...
Clustername: elasticsearch
Clusterstate: RED
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
ERR: .opendistro_security index state is RED.
Populate config from /Users/jk/Desktop/ELK 7.9.0/opendistroforelasticsearch-1.9.0/plugins/opendistro_security/securityconfig
Will update '_doc/config' with plugins/opendistro_security/securityconfig/config.yml
FAIL: Configuration for 'config' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][config], source[n/a, actual length: [3.7kb], max length: 2kb]}] and a refresh]]
Will update '_doc/roles' with plugins/opendistro_security/securityconfig/roles.yml
FAIL: Configuration for 'roles' failed because of NodeClosedException[node closed {master}{FXhShYtXTIOatM7kb36ePQ}{sxggZ8ceRHu4maB_ARDaBQ}{192.168.0.108}{192.168.0.108:9300}{dmr}]
Will update '_doc/rolesmapping' with plugins/opendistro_security/securityconfig/roles_mapping.yml
WARNING: JAVA_HOME not set, will use /usr/bin/java
Open Distro Security Admin v7
Will connect to localhost:9300 ... done
Connected as CN=master
Elasticsearch Version: 7.8.0
Open Distro Security Version: 1.9.0.0
Contacting elasticsearch cluster 'elasticsearch' ...
Clustername: elasticsearch
Clusterstate: RED
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
ERR: .opendistro_security index state is RED.
Populate config from /Users/jk/Desktop/ELK 7.9.0/opendistroforelasticsearch-1.9.0/plugins/opendistro_security/securityconfig
Will update '_doc/config' with plugins/opendistro_security/securityconfig/config.yml
FAIL: Configuration for 'config' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][config], source[n/a, actual length: [3.7kb], max length: 2kb]}] and a refresh]]
Will update '_doc/roles' with plugins/opendistro_security/securityconfig/roles.yml
FAIL: Configuration for 'roles' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][roles], source[{"roles":"eyJfbWV0YSI6eyJ0eXBlIjoicm9sZXMiLCJjb25maWdfdmVyc2lvbiI6Mn0sImtpYmFuYV9yZWFkX29ubHkiOnsicmVzZXJ2ZWQiOnRydWV9LCJzZWN1cml0eV9yZXN0X2FwaV9hY2Nlc3MiOnsicmVzZXJ2ZWQiOnRydWV9LCJhbGVydGluZ192aWV3X2FsZXJ0cyI6eyJyZXNlcnZlZCI6dHJ1ZSwiaW5kZXhfcGVybWlzc2lvbnMiOlt7ImluZGV4X3BhdHRlcm5zIjpbIi5vcGVuZGlzdHJvLWFsZXJ0aW5nLWFsZXJ0KiJdLCJhbGxvd2VkX2FjdGlvbnMiOlsicmVhZCJdfV19LCJhbGVydGluZ19jcnVkX2FsZXJ0cyI6eyJyZXNlcnZlZCI6dHJ1ZSwiaW5kZXhfcGVybWlzc2lvbnMiOlt7ImluZGV4X3BhdHRlcm5zIjpbIi5vcGVuZGlzdHJvLWFsZXJ0aW5nLWFsZXJ0KiJdLCJhbGxvd2VkX2FjdGlvbnMiOlsiY3J1ZCJdfV19LCJhbGVydGluZ19mdWxsX2FjY2VzcyI6eyJyZXNlcnZlZCI6dHJ1ZSwiaW5kZXhfcGVybWlzc2lvbnMiOlt7ImluZGV4X3BhdHRlcm5zIjpbIi5vcGVuZGlzdHJvLWFsZXJ0aW5nLWNvbmZpZyIsIi5vcGVuZGlzdHJvLWFsZXJ0aW5nLWFsZXJ0KiJdLCJhbGxvd2VkX2FjdGlvbnMiOlsiY3J1ZCJdfV19fQ=="}]}] and a refresh]]
Will update '_doc/rolesmapping' with plugins/opendistro_security/securityconfig/roles_mapping.yml
FAIL: Configuration for 'rolesmapping' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][rolesmapping], source[{"rolesmapping":"eyJfbWV0YSI6eyJ0eXBlIjoicm9sZXNtYXBwaW5nIiwiY29uZmlnX3ZlcnNpb24iOjJ9LCJhbGxfYWNjZXNzIjp7InJlc2VydmVkIjpmYWxzZSwiYmFja2VuZF9yb2xlcyI6WyJhZG1pbiJdLCJkZXNjcmlwdGlvbiI6Ik1hcHMgYWRtaW4gdG8gYWxsX2FjY2VzcyJ9LCJvd25faW5kZXgiOnsicmVzZXJ2ZWQiOmZhbHNlLCJ1c2VycyI6WyIqIl0sImRlc2NyaXB0aW9uIjoiQWxsb3cgZnVsbCBhY2Nlc3MgdG8gYW4gaW5kZXggbmFtZWQgbGlrZSB0aGUgdXNlcm5hbWUifSwibG9nc3Rhc2giOnsicmVzZXJ2ZWQiOmZhbHNlLCJiYWNrZW5kX3JvbGVzIjpbImxvZ3N0YXNoIl19LCJraWJhbmFfdXNlciI6eyJyZXNlcnZlZCI6ZmFsc2UsImJhY2tlbmRfcm9sZXMiOlsia2liYW5hdXNlciJdLCJkZXNjcmlwdGlvbiI6Ik1hcHMga2liYW5hdXNlciB0byBraWJhbmFfdXNlciJ9LCJyZWFkYWxsIjp7InJlc2VydmVkIjpmYWxzZSwiYmFja2VuZF9yb2xlcyI6WyJyZWFkYWxsIl19LCJtYW5hZ2Vfc25hcHNob3RzIjp7InJlc2VydmVkIjpmYWxzZSwiYmFja2VuZF9yb2xlcyI6WyJzbmFwc2hvdHJlc3RvcmUiXX0sImtpYmFuYV9zZXJ2ZXIiOnsicmVzZXJ2ZWQiOnRydWUsInVzZXJzIjpbImtpYmFuYXNlcnZlciJdfX0="}]}] and a refresh]]
Will update '_doc/internalusers' with plugins/opendistro_security/securityconfig/internal_users.yml
FAIL: Configuration for 'internalusers' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][internalusers], source[{"internalusers":"eyJfbWV0YSI6eyJ0eXBlIjoiaW50ZXJuYWx1c2VycyIsImNvbmZpZ192ZXJzaW9uIjoyfSwiYWRtaW4iOnsiaGFzaCI6IiQyYSQxMiRWY0NEZ2gyTkRrMDdKR04wcmpHYk0uQWQ0MXFWUi9ZRkpjZ0hwMFVHbnM1SkR5bXYuLlRPRyIsInJlc2VydmVkIjp0cnVlLCJiYWNrZW5kX3JvbGVzIjpbImFkbWluIl0sImRlc2NyaXB0aW9uIjoiRGVtbyBhZG1pbiB1c2VyIn0sImtpYmFuYXNlcnZlciI6eyJoYXNoIjoiJDJhJDEyJDRBY2dBdDN4d09XYWRBNXM1YmxMNmV2MzlPWEROaG1PZXNFb28zM2VadHJxMk4wWXJVM0guIiwicmVzZXJ2ZWQiOnRydWUsImRlc2NyaXB0aW9uIjoiRGVtbyBraWJhbmFzZXJ2ZXIgdXNlciJ9LCJraWJhbmFybyI6eyJoYXNoIjoiJDJhJDEyJEpKU1hOZlRvd3o3VXU1dHRYZmVZcGVZRTBhckFDdmN3bFBCU3RCMUYuTUk3ZjBVOVo0REdDIiwicmVzZXJ2ZWQiOmZhbHNlLCJiYWNrZW5kX3JvbGVzIjpbImtpYmFuYXVzZXIiLCJyZWFkYWxsIl0sImF0dHJpYnV0ZXMiOnsiYXR0cmlidXRlMSI6InZhbHVlMSIsImF0dHJpYnV0ZTIiOiJ2YWx1ZTIiLCJhdHRyaWJ1dGUzIjoidmFsdWUzIn0sImRlc2NyaXB0aW9uIjoiRGVtbyBraWJhbmFybyB1c2VyIn0sImxvZ3N0YXNoIjp7Imhhc2giOiIkMmEkMTIkdTFTaFI0bDR1QlMzVXY1OVBhMnk1LjF1UXVaQnJadG1OZnFCM2lNLy5qTDBYb1Y5c2doUzIiLCJyZXNlcnZlZCI6ZmFsc2UsImJhY2tlbmRfcm9sZXMiOlsibG9nc3Rhc2giXSwiZGVzY3JpcHRpb24iOiJEZW1vIGxvZ3N0YXNoIHVzZXIifSwicmVhZGFsbCI6eyJoYXNoIjoiJDJhJDEyJGFlNHljd3p3dkx0Wnh3WjgyUm1pRXVuQmJJUGlBbUdaZHVCQWpLTjBUWGR3UUZ0Q3dBUnoyIiwicmVzZXJ2ZWQiOmZhbHNlLCJiYWNrZW5kX3JvbGVzIjpbInJlYWRhbGwiXSwiZGVzY3JpcHRpb24iOiJEZW1vIHJlYWRhbGwgdXNlciJ9LCJzbmFwc2hvdHJlc3RvcmUiOnsiaGFzaCI6IiQyeSQxMiREcHdtZXRIS3dnWW5vcmJnZHZPUkNlbnY0TkFLOGNQVWc4QUk2cHhMQ3VXZi9BTGMwLnY3VyIsInJlc2VydmVkIjpmYWxzZSwiYmFja2VuZF9yb2xlcyI6WyJzbmFwc2hvdHJlc3RvcmUiXSwiZGVzY3JpcHRpb24iOiJEZW1vIHNuYXBzaG90cmVzdG9yZSB1c2VyIn19"}]}] and a refresh]]
Will update '_doc/actiongroups' with plugins/opendistro_security/securityconfig/action_groups.yml
FAIL: Configuration for 'actiongroups' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][actiongroups], source[{"actiongroups":"eyJfbWV0YSI6eyJ0eXBlIjoiYWN0aW9uZ3JvdXBzIiwiY29uZmlnX3ZlcnNpb24iOjJ9fQ=="}]}] and a refresh]]
Will update '_doc/tenants' with plugins/opendistro_security/securityconfig/tenants.yml
FAIL: Configuration for 'tenants' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][tenants], source[{"tenants":"eyJfbWV0YSI6eyJ0eXBlIjoidGVuYW50cyIsImNvbmZpZ192ZXJzaW9uIjoyfSwiYWRtaW5fdGVuYW50Ijp7InJlc2VydmVkIjpmYWxzZSwiZGVzY3JpcHRpb24iOiJEZW1vIHRlbmFudCBmb3IgYWRtaW4gdXNlciJ9fQ=="}]}] and a refresh]]
Will update '_doc/nodesdn' with plugins/opendistro_security/securityconfig/nodes_dn.yml
FAIL: Configuration for 'nodesdn' failed because of UnavailableShardsException[[.opendistro_security][0] primary shard is not active Timeout: [1m], request: [BulkShardRequest [[.opendistro_security][0]] containing [index {[.opendistro_security][_doc][nodesdn], source[{"nodesdn":"eyJfbWV0YSI6eyJ0eXBlIjoibm9kZXNkbiIsImNvbmZpZ192ZXJzaW9uIjoyfX0="}]}] and a refresh]]
ERR: cannot upload configuration, see errors above