I am setting up Elasticsearch version 7.17.11 on Ubuntu 20.04. It will be a single instance of Elasticsearch but I will have separate instances for Kibana and Logstash. I am trying to recreate our setup in another cloud project without using a cluster for Elasticsearch and those settings are the only differences from a working build as far as I am aware.
This is the error when I run the bin/elasticsearch-setup-passwords tool:
Failed to authenticate user 'elastic' against https://localhost:9200/_security/_authenticate?pretty
Possible causes include:
* The password for the 'elastic' user has already been changed on this cluster
* Your elasticsearch node is running against a different keystore
This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore
ERROR: Failed to verify bootstrap password
The keystore does appear to be at /etc/elasticsearch/elasticsearch.keystore. The password cannot have been already changed because I create a new instance with Terraform every time and run an Ansible playbook against it.
This is my elasticsearch.yml file:
node.name: test-elasticsearch
network.host: localhost
http.port: 9200
discovery.type: single-node
# Transport layer
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.transport.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.transport.ssl.certificate_authorities: /etc/elasticsearch/certs/ca/ca.crt
# HTTP layer
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.http.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.http.ssl.certificate_authorities: /etc/elasticsearch/certs/ca/ca.crt
# Elasticsearch authentication
xpack.security.enabled: true
#xpack.security.enabled: false
path.data: /mnt/elastic_data_disk
path.logs: /mnt/elastic_data_disk
The certs have been setup with the bin/elasticsearch-certutil tool and put in the correct paths BTW.
This is the instances.yml file I used to configure the certs BTW (with full public IP - censored here):
instances:
- name: "test-elasticsearch"
ip:
- "35.xx.xx.xx"
Any help is appreciated: I have read all of the related Elastic documentation I am aware of that relates and I am stuck and cannot find anything online. Does anyone have any idea how to fix this?
I am installing Elasticsearch. I am having trouble with creating the elastic password - it incorrectly says it has already been configured and I cannot proceed without knowing the elastic password.
