1. 首頁
  2. 問答
  3. 升級Elasticsearch 2.1.1至2.2.0 - 缺少身份驗證令牌?

升級Elasticsearch 2.1.1至2.2.0 - 缺少身份驗證令牌?

2016-02-03 47 views
0

我決定嘗試將當前羣集從ES2.1.1升級到ES2.2.0。 鏡像對。羣集在AWS內運行,因此我使用cloud-aws插件進行通信。升級Elasticsearch 2.1.1至2.2.0 - 缺少身份驗證令牌?

我成功升級了第一個節點,並且它已經承擔了主站狀態,但升級第二個節點時遇到了一個奇怪的通信/身份驗證問題。

我注意到指南here,但我似乎仍然遇到一個奇怪的問題。

從第二個節點上主羣集日誌:

[2016-02-03 12:29:41,241][INFO ][discovery.ec2   ] [Sharon Ventura] failed to send join request to master [{Space Phantom}{NzN7b7ZHT8uPu6oXJAORMg}{10.60.164.147}{10.60.164.147:9300}], reason [RemoteTransportException[[Space Phantom][10.60.164.147:9300][internal:discovery/zen/join]]; nested: IllegalStateException[failure when sending a validation request to node]; nested: RemoteTransportException[[Sharon Ventura][10.60.163.74:9300][internal:discovery/zen/join/validate]]; nested: ElasticsearchSecurityException[missing authentication token for action [internal:discovery/zen/join/validate]]; ] 
[2016-02-03 12:29:42,455][DEBUG][action.admin.cluster.health] [Sharon Ventura] no known master node, scheduling a retry 
[2016-02-03 12:29:44,255][INFO ][discovery.ec2   ] [Sharon Ventura] failed to send join request to master [{Space Phantom}{NzN7b7ZHT8uPu6oXJAORMg}{10.60.164.147}{10.60.164.147:9300}], reason [RemoteTransportException[[Space Phantom][10.60.164.147:9300][internal:discovery/zen/join]]; nested: IllegalStateException[failure when sending a validation request to node]; nested: RemoteTransportException[[Sharon Ventura][10.60.163.74:9300][internal:discovery/zen/join/validate]]; nested: ElasticsearchSecurityException[missing authentication token for action [internal:discovery/zen/join/validate]]; ] 
[2016-02-03 12:29:47,269][INFO ][discovery.ec2   ] [Sharon Ventura] failed to send join request to master [{Space Phantom}{NzN7b7ZHT8uPu6oXJAORMg}{10.60.164.147}{10.60.164.147:9300}], reason [RemoteTransportException[[Space Phantom][10.60.164.147:9300][internal:discovery/zen/join]]; nested: IllegalStateException[failure when sending a validation request to node]; nested: RemoteTransportException[[Sharon Ventura][10.60.163.74:9300][internal:discovery/zen/join/validate]]; nested: ElasticsearchSecurityException[missing authentication token for action [internal:discovery/zen/join/validate]]; ] 
[2016-02-03 12:29:49,472][DEBUG][action.admin.cluster.state] [Sharon Ventura] timed out while retrying [cluster:monitor/state] after failure (timeout [30s]) 
[2016-02-03 12:29:49,473][INFO ][rest.suppressed   ] /_cluster/settings Params: {} 
MasterNotDiscoveredException[null] 
     at org.elasticsearch.action.support.master.TransportMasterNodeAction$AsyncSingleAction$5.onTimeout(TransportMasterNodeAction.java:205) 
     at org.elasticsearch.cluster.ClusterStateObserver$ObserverClusterStateListener.onTimeout(ClusterStateObserver.java:239) 
     at org.elasticsearch.cluster.service.InternalClusterService$NotifyTimeout.run(InternalClusterService.java:794) 
     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 
     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 
     at java.lang.Thread.run(Thread.java:745) 
[2016-02-03 12:29:50,283][INFO ][discovery.ec2   ] [Sharon Ventura] failed to send join request to master [{Space Phantom}{NzN7b7ZHT8uPu6oXJAORMg}{10.60.164.147}{10.60.164.147:9300}], reason [RemoteTransportException[[Space Phantom][10.60.164.147:9300][internal:discovery/zen/join]]; nested: IllegalStateException[failure when sending a validation request to node]; nested: RemoteTransportException[[Sharon Ventura][10.60.163.74:9300][internal:discovery/zen/join/validate]]; nested: ElasticsearchSecurityException[missing authentication token for action [internal:discovery/zen/join/validate]]; ]

我elasticsearch.yml文件:

cluster.name: cluster01 
http.cors.enabled: true 
network.host: 0.0.0.0 
discovery.type: ec2 
discovery.ec2.tag.project_code_info: "cluster01" 
cloud.aws.region: eu-central-1

我可以在它檢測到的第一個節點的日誌中看到:它有[Space Phantom][10.60.164.147:9300] 檢測到它沒有任何干預,但它顯然無法驗證。

我懷疑這可能與Shield插件有關,該插件也已安裝,但正確和相同的權限設置與以前相同。沒有其他變化。

我在屏蔽中使用用戶名和密碼,沒有配置SSL。

任何人都可以協助嗎?

來源

2016-02-03 Kareem

回答

1

我設法弄清楚了,如@ user3458016所要求的。

我設法解決重置所有設置和配置,刪除插件licenseshield,刪除所有用戶和以前一樣重新添加所有的人(所有節點上)這個問題,通過。這些配置在開始時是相同的,所以這很奇怪。

首先,停止所有節點上的elasticsearch。 如果本地運行,停止kibana。

如果您有任何自定義角色,檢查該配置在/etc/elasticsearch/shield/roles.yml如果可能的話 從單一記錄的配置刷新此。

刪除插件:

/usr/share/elasticsearch/bin/plugin remove elasticsearch/license/latest /usr/share/elasticsearch/bin/plugin remove elasticsearch/shield/latest

刪除用戶:

/usr/share/elasticsearch/bin/shield/esusers userdel admin /usr/share/elasticsearch/bin/shield/esusers userdel logstash

重新添加插件:

/usr/share/elasticsearch/bin/plugin install elasticsearch/license/latest -b /usr/share/elasticsearch/bin/plugin install elasticsearch/shield/latest -b

再添加用戶:

/usr/share/elasticsearch/bin/shield/esusers useradd admin -p adminuserpw -r admin /usr/share/elasticsearch/bin/shield/esusers useradd logstash -p logstashuserpw -r logstash

如果您有任何自定義角色,仔細檢查/etc/elasticsearch/shield/roles.yml的這個配置驗證配置沒有被修改或以上-書面。

開始彈性搜索第一個節點。 如果本地運行,則啓動kibana。

檢查指標已正確提出並且驗證主節點狀態

在所有其他節點上執行上述所有步驟。其餘節點上

開始elasticsearch,一次一個。 在開始下一個節點之前驗證健康的羣集複製。

我希望有人認爲這有用。

來源

2016-02-29 16:16:22 Kareem

相關問題

 相關問題