I’m attempting to add nodes to a running ODFE cluster.
So far I’ve:
- Installed ODFE on the new node
- Created certificates and sent them to this machine
- Configured the previously running node’s
elasticsearch.ymlto have discovery.seed_hosts and cluster.initial_master_nodes to include the new node.
- I’ve configured the same on the new node (with the information for the previous node).
Once I restart the new ODFE node’s API I get: Open Distro Security not initialized.
When I try to run
securityadmin.sh on the older node nothing seems out of the ordinary and in the new one it will state:
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ... Cannot retrieve cluster state due to: null. This is not an error, will keep on trying ... Root cause: MasterNotDiscoveredException[null] (org.elasticsearch.discovery.MasterNotDiscoveredException/org.elasticsearch.discovery.MasterNotDiscoveredException) * Try running securityadmin.sh with -icl (but no -cl) and -nhnv (If that works you need to check your clustername as well as hostnames in your TLS certificates) * Make sure that your keystore or PEM certificate is a client certificate (not a node certificate) and configured properly in elasticsearch.yml * If this is not working, try running securityadmin.sh with --diagnose and see diagnose trace log file) * Add --accept-red-cluster to allow securityadmin to operate on a red cluster.
Is there any documentation on how to add nodes to existing clusters that have security enabled?