Created
August 5, 2020 18:14
-
-
Save bryanboza/7779d43fc4a0695193c3dca93d312579 to your computer and use it in GitHub Desktop.
log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OpenDistro for Elasticsearch Security Demo Installer | |
** Warning: Do not use on production or public reachable systems ** | |
Basedir: /usr/share/elasticsearch | |
Elasticsearch install type: rpm/deb on CentOS Linux release 7.7.1908 (Core) | |
Elasticsearch config dir: /usr/share/elasticsearch/config | |
Elasticsearch config file: /usr/share/elasticsearch/config/elasticsearch.yml | |
Elasticsearch bin dir: /usr/share/elasticsearch/bin | |
Elasticsearch plugins dir: /usr/share/elasticsearch/plugins | |
Elasticsearch lib dir: /usr/share/elasticsearch/lib | |
Detected Elasticsearch Version: x-content-7.6.1 | |
Detected Open Distro Security Version: 1.6.0.0 | |
### Success | |
### Execute this script now on all your nodes and then start all nodes | |
### Open Distro Security will be automatically initialized. | |
### If you like to change the runtime configuration | |
### change the files in ../securityconfig and execute: | |
"/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh" -cd "/usr/share/elasticsearch/plugins/opendistro_security/securityconfig" -icl -key "/usr/share/elasticsearch/config/kirk-key.pem" -cert "/usr/share/elasticsearch/config/kirk.pem" -cacert "/usr/share/elasticsearch/config/root-ca.pem" -nhnv | |
### or run ./securityadmin_demo.sh | |
### To use the Security Plugin ConfigurationGUI | |
### To access your secured cluster open https://<hostname>:<HTTP port> and log in with admin/admin. | |
### (Ignore the SSL certificate warning because we installed self-signed demo certificates) | |
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release. | |
[2020-08-05T17:36:39,747][WARN ][o.e.d.c.s.Settings ] [odfe-node1] [node.max_local_storage_nodes] setting was deprecated in Elasticsearch and will be removed in a future release! See the breaking changes documentation for the next major version. | |
[2020-08-05T17:36:39,813][INFO ][o.e.e.NodeEnvironment ] [odfe-node1] using [1] data paths, mounts [[/usr/share/elasticsearch/data (/dev/vda1)]], net usable_space [52.2gb], net total_space [58.4gb], types [ext4] | |
[2020-08-05T17:36:39,814][INFO ][o.e.e.NodeEnvironment ] [odfe-node1] heap size [990.7mb], compressed ordinary object pointers [true] | |
[2020-08-05T17:36:39,930][INFO ][o.e.n.Node ] [odfe-node1] node name [odfe-node1], node ID [03OfzIepR9OkYUr7V6M95g], cluster name [odfe-cluster] | |
[2020-08-05T17:36:39,931][INFO ][o.e.n.Node ] [odfe-node1] version[7.6.1], pid[1], build[oss/tar/aa751e09be0a5072e8570670309b1f12348f023b/2020-02-29T00:15:25.529771Z], OS[Linux/4.19.76-linuxkit/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/12.0.2/12.0.2+10] | |
[2020-08-05T17:36:39,932][INFO ][o.e.n.Node ] [odfe-node1] JVM home [/opt/jdk-12.0.2] | |
[2020-08-05T17:36:39,933][INFO ][o.e.n.Node ] [odfe-node1] JVM arguments [-Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.locale.providers=COMPAT, -Xms1g, -Xmx1g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -Djava.io.tmpdir=/tmp/elasticsearch-1460717961155121328, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Djava.security.policy=file:///usr/share/elasticsearch/plugins/opendistro_performance_analyzer/pa_config/es_security.policy, -Dclk.tck=100, -Djdk.attach.allowAttachSelf=true, -Des.cgroups.hierarchy.override=/, -Xmx1G, -XX:MaxDirectMemorySize=536870912, -Des.path.home=/usr/share/elasticsearch, -Des.path.conf=/usr/share/elasticsearch/config, -Des.distribution.flavor=oss, -Des.distribution.type=tar, -Des.bundled_jdk=true] | |
[2020-08-05T17:36:40,984][INFO ][c.a.o.e.p.c.PluginSettings] [odfe-node1] Config: metricsLocation: /dev/shm/performanceanalyzer/, metricsDeletionInterval: 1, httpsEnabled: false, cleanup-metrics-db-files: true | |
[2020-08-05T17:36:41,199][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] ES Config path is /usr/share/elasticsearch/config | |
[2020-08-05T17:36:41,377][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] JVM supports TLSv1.3 | |
[2020-08-05T17:36:41,378][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] Config directory is /usr/share/elasticsearch/config/, from there the key- and truststore files are resolved relatively | |
[2020-08-05T17:36:41,881][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] TLS Transport Client Provider : JDK | |
[2020-08-05T17:36:41,881][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] TLS Transport Server Provider : JDK | |
[2020-08-05T17:36:41,881][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] TLS HTTP Provider : JDK | |
[2020-08-05T17:36:41,881][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] Enabled TLS protocols for transport layer : [TLSv1.3, TLSv1.2, TLSv1.1] | |
[2020-08-05T17:36:41,881][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] Enabled TLS protocols for HTTP layer : [TLSv1.3, TLSv1.2, TLSv1.1] | |
[2020-08-05T17:36:42,167][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Clustername: odfe-cluster | |
[2020-08-05T17:36:42,194][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Directory /usr/share/elasticsearch/config has insecure file permissions (should be 0700) | |
[2020-08-05T17:36:42,194][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/log4j2.properties has insecure file permissions (should be 0600) | |
[2020-08-05T17:36:42,194][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/elasticsearch.yml has insecure file permissions (should be 0600) | |
[2020-08-05T17:36:42,194][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/esnode.pem has insecure file permissions (should be 0600) | |
[2020-08-05T17:36:42,195][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/kirk.pem has insecure file permissions (should be 0600) | |
[2020-08-05T17:36:42,195][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/kirk-key.pem has insecure file permissions (should be 0600) | |
[2020-08-05T17:36:42,195][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/esnode-key.pem has insecure file permissions (should be 0600) | |
[2020-08-05T17:36:42,195][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/root-ca.pem has insecure file permissions (should be 0600) | |
[2020-08-05T17:36:42,352][INFO ][c.a.o.j.JobSchedulerPlugin] [odfe-node1] Loaded scheduler extension: opendistro-managed-index, index: .opendistro-ism-config | |
[2020-08-05T17:36:42,399][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [aggs-matrix-stats] | |
[2020-08-05T17:36:42,399][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [analysis-common] | |
[2020-08-05T17:36:42,400][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [ingest-common] | |
[2020-08-05T17:36:42,400][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [ingest-geoip] | |
[2020-08-05T17:36:42,400][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [ingest-user-agent] | |
[2020-08-05T17:36:42,401][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [lang-expression] | |
[2020-08-05T17:36:42,401][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [lang-mustache] | |
[2020-08-05T17:36:42,401][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [lang-painless] | |
[2020-08-05T17:36:42,401][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [mapper-extras] | |
[2020-08-05T17:36:42,402][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [parent-join] | |
[2020-08-05T17:36:42,402][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [percolator] | |
[2020-08-05T17:36:42,402][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [rank-eval] | |
[2020-08-05T17:36:42,402][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [reindex] | |
[2020-08-05T17:36:42,402][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [repository-url] | |
[2020-08-05T17:36:42,403][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [transport-netty4] | |
[2020-08-05T17:36:42,404][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro-job-scheduler] | |
[2020-08-05T17:36:42,404][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro-knn] | |
[2020-08-05T17:36:42,404][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_alerting] | |
[2020-08-05T17:36:42,405][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_index_management] | |
[2020-08-05T17:36:42,405][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_performance_analyzer] | |
[2020-08-05T17:36:42,405][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_security] | |
[2020-08-05T17:36:42,405][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_sql] | |
[2020-08-05T17:36:42,426][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Disabled https compression by default to mitigate BREACH attacks. You can enable it by setting 'http.compression: true' in elasticsearch.yml | |
[2020-08-05T17:36:45,334][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured categories on rest layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES] | |
[2020-08-05T17:36:45,334][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured categories on transport layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES] | |
[2020-08-05T17:36:45,335][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured Users to ignore: [kibanaserver] | |
[2020-08-05T17:36:45,335][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured Users to ignore for read compliance events: [kibanaserver] | |
[2020-08-05T17:36:45,336][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured Users to ignore for write compliance events: [kibanaserver] | |
[2020-08-05T17:36:45,488][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Message routing enabled: true | |
[2020-08-05T17:36:45,491][WARN ][c.a.o.s.c.ComplianceConfig] [odfe-node1] If you plan to use field masking pls configure opendistro_security.compliance.salt to be a random string of 16 chars length identical on all nodes | |
[2020-08-05T17:36:45,491][INFO ][c.a.o.s.c.ComplianceConfig] [odfe-node1] PII configuration [auditLogPattern=org.joda.time.format.DateTimeFormatter@5d6d424d, auditLogIndex=null]: {} | |
[2020-08-05T17:36:46,029][INFO ][o.e.d.DiscoveryModule ] [odfe-node1] using discovery type [zen] and seed hosts providers [settings] | |
[2020-08-05T17:36:46,550][INFO ][c.a.o.e.p.h.c.PerformanceAnalyzerConfigAction] [odfe-node1] PerformanceAnalyzer Enabled: true | |
[2020-08-05T17:36:46,611][INFO ][o.e.n.Node ] [odfe-node1] initialized | |
[2020-08-05T17:36:46,611][INFO ][o.e.n.Node ] [odfe-node1] starting ... | |
[2020-08-05T17:36:46,742][INFO ][o.e.t.TransportService ] [odfe-node1] publish_address {172.18.0.2:9300}, bound_addresses {0.0.0.0:9300} | |
[2020-08-05T17:36:46,942][INFO ][o.e.b.BootstrapChecks ] [odfe-node1] bound or publishing to a non-loopback address, enforcing bootstrap checks | |
[2020-08-05T17:36:46,953][INFO ][o.e.c.c.Coordinator ] [odfe-node1] setting initial configuration to VotingConfiguration{03OfzIepR9OkYUr7V6M95g} | |
[2020-08-05T17:36:47,184][INFO ][o.e.c.s.MasterService ] [odfe-node1] elected-as-master ([1] nodes joined)[{odfe-node1}{03OfzIepR9OkYUr7V6M95g}{ZsJZidwsTl2agJRWf5QZrA}{172.18.0.2}{172.18.0.2:9300}{dim} elect leader, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 1, version: 1, delta: master node changed {previous [], current [{odfe-node1}{03OfzIepR9OkYUr7V6M95g}{ZsJZidwsTl2agJRWf5QZrA}{172.18.0.2}{172.18.0.2:9300}{dim}]} | |
[2020-08-05T17:36:47,267][INFO ][o.e.c.c.CoordinationState] [odfe-node1] cluster UUID set to [85jVpbOlTsuXZfCsOiPLtw] | |
[2020-08-05T17:36:47,315][INFO ][o.e.c.s.ClusterApplierService] [odfe-node1] master node changed {previous [], current [{odfe-node1}{03OfzIepR9OkYUr7V6M95g}{ZsJZidwsTl2agJRWf5QZrA}{172.18.0.2}{172.18.0.2:9300}{dim}]}, term: 1, version: 1, reason: Publication{term=1, version=1} | |
WARNING: An illegal reflective access operation has occurred | |
WARNING: Illegal reflective access by com.amazon.opendistro.elasticsearch.performanceanalyzer.collectors.MasterServiceEventMetrics (file:/usr/share/elasticsearch/plugins/opendistro_performance_analyzer/opendistro_performance_analyzer-1.6.0.0.jar) to field java.util.concurrent.ThreadPoolExecutor.workers | |
WARNING: Please consider reporting this to the maintainers of com.amazon.opendistro.elasticsearch.performanceanalyzer.collectors.MasterServiceEventMetrics | |
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations | |
WARNING: All illegal access operations will be denied in a future release | |
[2020-08-05T17:36:47,489][INFO ][o.e.h.AbstractHttpServerTransport] [odfe-node1] publish_address {172.18.0.2:9200}, bound_addresses {0.0.0.0:9200} | |
[2020-08-05T17:36:47,489][INFO ][o.e.n.Node ] [odfe-node1] started | |
[2020-08-05T17:36:47,490][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Node started | |
[2020-08-05T17:36:47,490][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Check if .opendistro_security index exists ... | |
[2020-08-05T17:36:47,491][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] .opendistro_security index does not exist yet, so we create a default config | |
[2020-08-05T17:36:47,494][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] 4 Open Distro Security modules loaded so far: [Module [type=AUDITLOG, implementing class=com.amazon.opendistroforelasticsearch.security.auditlog.impl.AuditLogImpl], Module [type=MULTITENANCY, implementing class=com.amazon.opendistroforelasticsearch.security.configuration.PrivilegesInterceptorImpl], Module [type=DLSFLS, implementing class=com.amazon.opendistroforelasticsearch.security.configuration.OpenDistroSecurityFlsDlsIndexSearcherWrapper], Module [type=REST_MANAGEMENT_API, implementing class=com.amazon.opendistroforelasticsearch.security.dlic.rest.api.OpenDistroSecurityRestApiActions]] | |
[2020-08-05T17:36:47,494][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Background init thread started. Install default config?: true | |
[2020-08-05T17:36:47,499][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Will create .opendistro_security index so we can apply default config | |
[2020-08-05T17:36:47,506][INFO ][o.e.g.GatewayService ] [odfe-node1] recovered [0] indices into cluster_state | |
[2020-08-05T17:36:47,699][INFO ][o.e.c.m.MetaDataCreateIndexService] [odfe-node1] [.opendistro_security] creating index, cause [api], templates [], shards [1]/[1], mappings [] | |
[2020-08-05T17:36:47,711][INFO ][o.e.c.r.a.AllocationService] [odfe-node1] updating number_of_replicas to [0] for indices [.opendistro_security] | |
[2020-08-05T17:36:48,096][INFO ][o.e.c.r.a.AllocationService] [odfe-node1] Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.opendistro_security][0]]]). | |
[2020-08-05T17:36:48,147][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Index .opendistro_security created?: true | |
[2020-08-05T17:36:48,149][INFO ][c.a.o.s.s.ConfigHelper ] [odfe-node1] Will update 'CONFIG' with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/config.yml | |
[2020-08-05T17:36:48,313][INFO ][o.e.c.m.MetaDataMappingService] [odfe-node1] [.opendistro_security/LQusa9BeTE2wubJsCYdAow] create_mapping [_doc] | |
[2020-08-05T17:36:48,456][INFO ][c.a.o.s.s.ConfigHelper ] [odfe-node1] Will update 'ROLES' with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml | |
[2020-08-05T17:36:48,508][INFO ][o.e.c.m.MetaDataMappingService] [odfe-node1] [.opendistro_security/LQusa9BeTE2wubJsCYdAow] update_mapping [_doc] | |
[2020-08-05T17:36:48,641][INFO ][c.a.o.s.s.ConfigHelper ] [odfe-node1] Will update 'ROLESMAPPING' with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles_mapping.yml | |
[2020-08-05T17:36:48,674][INFO ][o.e.c.m.MetaDataMappingService] [odfe-node1] [.opendistro_security/LQusa9BeTE2wubJsCYdAow] update_mapping [_doc] | |
[2020-08-05T17:36:48,745][INFO ][c.a.o.s.s.ConfigHelper ] [odfe-node1] Will update 'INTERNALUSERS' with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml | |
[2020-08-05T17:36:48,783][INFO ][o.e.c.m.MetaDataMappingService] [odfe-node1] [.opendistro_security/LQusa9BeTE2wubJsCYdAow] update_mapping [_doc] | |
[2020-08-05T17:36:48,845][INFO ][c.a.o.s.s.ConfigHelper ] [odfe-node1] Will update 'ACTIONGROUPS' with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/action_groups.yml | |
[2020-08-05T17:36:48,866][INFO ][o.e.c.m.MetaDataMappingService] [odfe-node1] [.opendistro_security/LQusa9BeTE2wubJsCYdAow] update_mapping [_doc] | |
[2020-08-05T17:36:48,932][INFO ][c.a.o.s.s.ConfigHelper ] [odfe-node1] Will update 'TENANTS' with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/tenants.yml | |
[2020-08-05T17:36:48,945][INFO ][o.e.c.m.MetaDataMappingService] [odfe-node1] [.opendistro_security/LQusa9BeTE2wubJsCYdAow] update_mapping [_doc] | |
[2020-08-05T17:36:49,004][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Default config applied | |
[2020-08-05T17:36:49,180][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Node 'odfe-node1' initialized | |
[2020-08-05T17:38:26,397][INFO ][o.e.n.Node ] [odfe-node1] stopping ... | |
[2020-08-05T17:38:26,401][INFO ][c.a.o.s.a.s.SinkProvider ] [odfe-node1] Closing InternalESSink | |
[2020-08-05T17:38:26,402][INFO ][c.a.o.s.a.s.SinkProvider ] [odfe-node1] Closing DebugSink | |
[2020-08-05T17:38:26,501][INFO ][o.e.n.Node ] [odfe-node1] stopped | |
[2020-08-05T17:38:26,501][INFO ][o.e.n.Node ] [odfe-node1] closing ... | |
[2020-08-05T17:38:26,528][INFO ][o.e.n.Node ] [odfe-node1] closed | |
OpenDistro for Elasticsearch Security Demo Installer | |
** Warning: Do not use on production or public reachable systems ** | |
Basedir: /usr/share/elasticsearch | |
Elasticsearch install type: rpm/deb on CentOS Linux release 7.7.1908 (Core) | |
Elasticsearch config dir: /usr/share/elasticsearch/config | |
Elasticsearch config file: /usr/share/elasticsearch/config/elasticsearch.yml | |
Elasticsearch bin dir: /usr/share/elasticsearch/bin | |
Elasticsearch plugins dir: /usr/share/elasticsearch/plugins | |
Elasticsearch lib dir: /usr/share/elasticsearch/lib | |
Detected Elasticsearch Version: x-content-7.6.1 | |
Detected Open Distro Security Version: 1.6.0.0 | |
/usr/share/elasticsearch/config/elasticsearch.yml seems to be already configured for Security. Quit. | |
Unlinking stale socket /usr/share/supervisor/supervisord.sock | |
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release. | |
[2020-08-05T18:12:27,387][WARN ][o.e.d.c.s.Settings ] [odfe-node1] [node.max_local_storage_nodes] setting was deprecated in Elasticsearch and will be removed in a future release! See the breaking changes documentation for the next major version. | |
[2020-08-05T18:12:27,418][INFO ][o.e.e.NodeEnvironment ] [odfe-node1] using [1] data paths, mounts [[/usr/share/elasticsearch/data (/dev/vda1)]], net usable_space [52gb], net total_space [58.4gb], types [ext4] | |
[2020-08-05T18:12:27,419][INFO ][o.e.e.NodeEnvironment ] [odfe-node1] heap size [990.7mb], compressed ordinary object pointers [true] | |
[2020-08-05T18:12:27,704][INFO ][o.e.n.Node ] [odfe-node1] node name [odfe-node1], node ID [03OfzIepR9OkYUr7V6M95g], cluster name [odfe-cluster] | |
[2020-08-05T18:12:27,704][INFO ][o.e.n.Node ] [odfe-node1] version[7.6.1], pid[1], build[oss/tar/aa751e09be0a5072e8570670309b1f12348f023b/2020-02-29T00:15:25.529771Z], OS[Linux/4.19.76-linuxkit/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/12.0.2/12.0.2+10] | |
[2020-08-05T18:12:27,705][INFO ][o.e.n.Node ] [odfe-node1] JVM home [/opt/jdk-12.0.2] | |
[2020-08-05T18:12:27,705][INFO ][o.e.n.Node ] [odfe-node1] JVM arguments [-Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.locale.providers=COMPAT, -Xms1g, -Xmx1g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -Djava.io.tmpdir=/tmp/elasticsearch-14068579249073238345, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Djava.security.policy=file:///usr/share/elasticsearch/plugins/opendistro_performance_analyzer/pa_config/es_security.policy, -Dclk.tck=100, -Djdk.attach.allowAttachSelf=true, -Des.cgroups.hierarchy.override=/, -Xmx1G, -XX:MaxDirectMemorySize=536870912, -Des.path.home=/usr/share/elasticsearch, -Des.path.conf=/usr/share/elasticsearch/config, -Des.distribution.flavor=oss, -Des.distribution.type=tar, -Des.bundled_jdk=true] | |
[2020-08-05T18:12:28,808][INFO ][c.a.o.e.p.c.PluginSettings] [odfe-node1] Config: metricsLocation: /dev/shm/performanceanalyzer/, metricsDeletionInterval: 1, httpsEnabled: false, cleanup-metrics-db-files: true | |
[2020-08-05T18:12:29,096][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] ES Config path is /usr/share/elasticsearch/config | |
[2020-08-05T18:12:29,423][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] JVM supports TLSv1.3 | |
[2020-08-05T18:12:29,424][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] Config directory is /usr/share/elasticsearch/config/, from there the key- and truststore files are resolved relatively | |
[2020-08-05T18:12:30,243][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] TLS Transport Client Provider : JDK | |
[2020-08-05T18:12:30,243][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] TLS Transport Server Provider : JDK | |
[2020-08-05T18:12:30,243][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] TLS HTTP Provider : JDK | |
[2020-08-05T18:12:30,244][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] Enabled TLS protocols for transport layer : [TLSv1.3, TLSv1.2, TLSv1.1] | |
[2020-08-05T18:12:30,244][INFO ][c.a.o.s.s.DefaultOpenDistroSecurityKeyStore] [odfe-node1] Enabled TLS protocols for HTTP layer : [TLSv1.3, TLSv1.2, TLSv1.1] | |
[2020-08-05T18:12:30,613][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Clustername: odfe-cluster | |
[2020-08-05T18:12:30,652][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Directory /usr/share/elasticsearch/config has insecure file permissions (should be 0700) | |
[2020-08-05T18:12:30,658][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/log4j2.properties has insecure file permissions (should be 0600) | |
[2020-08-05T18:12:30,659][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/elasticsearch.yml has insecure file permissions (should be 0600) | |
[2020-08-05T18:12:30,660][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/esnode.pem has insecure file permissions (should be 0600) | |
[2020-08-05T18:12:30,661][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/kirk.pem has insecure file permissions (should be 0600) | |
[2020-08-05T18:12:30,662][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/kirk-key.pem has insecure file permissions (should be 0600) | |
[2020-08-05T18:12:30,662][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/esnode-key.pem has insecure file permissions (should be 0600) | |
[2020-08-05T18:12:30,663][WARN ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] File /usr/share/elasticsearch/config/root-ca.pem has insecure file permissions (should be 0600) | |
[2020-08-05T18:12:30,897][INFO ][c.a.o.j.JobSchedulerPlugin] [odfe-node1] Loaded scheduler extension: opendistro-managed-index, index: .opendistro-ism-config | |
[2020-08-05T18:12:31,024][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [aggs-matrix-stats] | |
[2020-08-05T18:12:31,024][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [analysis-common] | |
[2020-08-05T18:12:31,025][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [ingest-common] | |
[2020-08-05T18:12:31,025][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [ingest-geoip] | |
[2020-08-05T18:12:31,025][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [ingest-user-agent] | |
[2020-08-05T18:12:31,025][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [lang-expression] | |
[2020-08-05T18:12:31,026][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [lang-mustache] | |
[2020-08-05T18:12:31,026][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [lang-painless] | |
[2020-08-05T18:12:31,027][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [mapper-extras] | |
[2020-08-05T18:12:31,027][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [parent-join] | |
[2020-08-05T18:12:31,028][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [percolator] | |
[2020-08-05T18:12:31,028][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [rank-eval] | |
[2020-08-05T18:12:31,028][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [reindex] | |
[2020-08-05T18:12:31,029][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [repository-url] | |
[2020-08-05T18:12:31,029][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded module [transport-netty4] | |
[2020-08-05T18:12:31,030][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro-job-scheduler] | |
[2020-08-05T18:12:31,030][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro-knn] | |
[2020-08-05T18:12:31,031][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_alerting] | |
[2020-08-05T18:12:31,031][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_index_management] | |
[2020-08-05T18:12:31,031][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_performance_analyzer] | |
[2020-08-05T18:12:31,031][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_security] | |
[2020-08-05T18:12:31,032][INFO ][o.e.p.PluginsService ] [odfe-node1] loaded plugin [opendistro_sql] | |
[2020-08-05T18:12:31,099][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Disabled https compression by default to mitigate BREACH attacks. You can enable it by setting 'http.compression: true' in elasticsearch.yml | |
[2020-08-05T18:12:34,531][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured categories on rest layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES] | |
[2020-08-05T18:12:34,532][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured categories on transport layer to ignore: [AUTHENTICATED, GRANTED_PRIVILEGES] | |
[2020-08-05T18:12:34,533][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured Users to ignore: [kibanaserver] | |
[2020-08-05T18:12:34,533][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured Users to ignore for read compliance events: [kibanaserver] | |
[2020-08-05T18:12:34,534][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Configured Users to ignore for write compliance events: [kibanaserver] | |
[2020-08-05T18:12:34,703][INFO ][c.a.o.s.a.i.AuditLogImpl ] [odfe-node1] Message routing enabled: true | |
[2020-08-05T18:12:34,706][WARN ][c.a.o.s.c.ComplianceConfig] [odfe-node1] If you plan to use field masking pls configure opendistro_security.compliance.salt to be a random string of 16 chars length identical on all nodes | |
[2020-08-05T18:12:34,706][INFO ][c.a.o.s.c.ComplianceConfig] [odfe-node1] PII configuration [auditLogPattern=org.joda.time.format.DateTimeFormatter@1f57666b, auditLogIndex=null]: {} | |
[2020-08-05T18:12:35,373][INFO ][o.e.d.DiscoveryModule ] [odfe-node1] using discovery type [zen] and seed hosts providers [settings] | |
[2020-08-05T18:12:35,885][INFO ][c.a.o.e.p.h.c.PerformanceAnalyzerConfigAction] [odfe-node1] PerformanceAnalyzer Enabled: true | |
[2020-08-05T18:12:35,962][INFO ][o.e.n.Node ] [odfe-node1] initialized | |
[2020-08-05T18:12:35,962][INFO ][o.e.n.Node ] [odfe-node1] starting ... | |
[2020-08-05T18:12:36,116][INFO ][o.e.t.TransportService ] [odfe-node1] publish_address {172.18.0.2:9300}, bound_addresses {0.0.0.0:9300} | |
[2020-08-05T18:12:36,326][INFO ][o.e.b.BootstrapChecks ] [odfe-node1] bound or publishing to a non-loopback address, enforcing bootstrap checks | |
[2020-08-05T18:12:36,328][INFO ][o.e.c.c.Coordinator ] [odfe-node1] cluster UUID [85jVpbOlTsuXZfCsOiPLtw] | |
[2020-08-05T18:12:36,522][INFO ][o.e.c.s.MasterService ] [odfe-node1] elected-as-master ([1] nodes joined)[{odfe-node1}{03OfzIepR9OkYUr7V6M95g}{Xkq_axBVQhKY_2lDPoGU1w}{172.18.0.2}{172.18.0.2:9300}{dim} elect leader, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 2, version: 11, delta: master node changed {previous [], current [{odfe-node1}{03OfzIepR9OkYUr7V6M95g}{Xkq_axBVQhKY_2lDPoGU1w}{172.18.0.2}{172.18.0.2:9300}{dim}]} | |
[2020-08-05T18:12:36,705][INFO ][o.e.c.s.ClusterApplierService] [odfe-node1] master node changed {previous [], current [{odfe-node1}{03OfzIepR9OkYUr7V6M95g}{Xkq_axBVQhKY_2lDPoGU1w}{172.18.0.2}{172.18.0.2:9300}{dim}]}, term: 2, version: 11, reason: Publication{term=2, version=11} | |
[2020-08-05T18:12:37,084][INFO ][o.e.h.AbstractHttpServerTransport] [odfe-node1] publish_address {172.18.0.2:9200}, bound_addresses {0.0.0.0:9200} | |
[2020-08-05T18:12:37,094][INFO ][o.e.n.Node ] [odfe-node1] started | |
[2020-08-05T18:12:37,095][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] Node started | |
[2020-08-05T18:12:37,096][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Check if .opendistro_security index exists ... | |
[2020-08-05T18:12:37,096][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] .opendistro_security index does not exist yet, so we create a default config | |
[2020-08-05T18:12:37,103][INFO ][c.a.o.s.OpenDistroSecurityPlugin] [odfe-node1] 4 Open Distro Security modules loaded so far: [Module [type=MULTITENANCY, implementing class=com.amazon.opendistroforelasticsearch.security.configuration.PrivilegesInterceptorImpl], Module [type=AUDITLOG, implementing class=com.amazon.opendistroforelasticsearch.security.auditlog.impl.AuditLogImpl], Module [type=DLSFLS, implementing class=com.amazon.opendistroforelasticsearch.security.configuration.OpenDistroSecurityFlsDlsIndexSearcherWrapper], Module [type=REST_MANAGEMENT_API, implementing class=com.amazon.opendistroforelasticsearch.security.dlic.rest.api.OpenDistroSecurityRestApiActions]] | |
[2020-08-05T18:12:37,104][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Background init thread started. Install default config?: true | |
[2020-08-05T18:12:37,119][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Will create .opendistro_security index so we can apply default config | |
[2020-08-05T18:12:37,419][INFO ][o.e.g.GatewayService ] [odfe-node1] recovered [1] indices into cluster_state | |
WARNING: An illegal reflective access operation has occurred | |
WARNING: Illegal reflective access by com.amazon.opendistro.elasticsearch.performanceanalyzer.collectors.MasterServiceEventMetrics (file:/usr/share/elasticsearch/plugins/opendistro_performance_analyzer/opendistro_performance_analyzer-1.6.0.0.jar) to field java.util.concurrent.ThreadPoolExecutor.workers | |
WARNING: Please consider reporting this to the maintainers of com.amazon.opendistro.elasticsearch.performanceanalyzer.collectors.MasterServiceEventMetrics | |
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations | |
WARNING: All illegal access operations will be denied in a future release | |
[2020-08-05T18:12:38,504][INFO ][o.e.c.r.a.AllocationService] [odfe-node1] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.opendistro_security][0]]]). | |
[2020-08-05T18:12:39,060][INFO ][c.a.o.s.c.ConfigurationRepository] [odfe-node1] Node 'odfe-node1' initialized | |
bryanboza@Bryans-MacBook-Pro-2 05-test % |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment