HPE Community
HPE Morpheus Enterprise
1834431 Members
2501 Online
110067 Solutions
New Discussion

Elasticsearch security warnings in Morpheus logs

 
dgaharwar
Trusted Contributor

‎02-13-2023 10:16 AM

‎02-13-2023 10:16 AM

Elasticsearch security warnings in Morpheus logs

IMPORTANT!: This is just FYI and is strongly not recommended.

The below error may be seen in the logs which is just a warning and don’t cause any harm.

2022-12-19_11:18:21.76897 Warnings: [Elasticsearch built-in security features are not enabled. Without authentication, your cluster could be accessible to anyone. See Set up minimal security for Elasticsearch | Elasticsearch Guide [7.17] | Elastic to enable security.]

The below morpheus.rb option that can be switched from false to true.

elasticsearch['secure_mode'] = false

However, we don’t recommend configuring this setting in All-in-One and HA environments as we haven’t documented the manual steps for configuring TLS on nodes two and three. But that’s just a warning and you can totally ignore that.

Reply
2 REPLIES 2
Not applicable

‎03-15-2023 06:42 AM

‎03-15-2023 06:42 AM

Re: Elasticsearch security warnings in Morpheus logs

Is elasticsearch[‘secure_mode’] recommended/supported on a single-node installation?

Reason I ask, when I enabled this setting on a Morpheus v 5.4.15 installation, morpheus-ctl bombed with the following error:

  • execute the ruby block elasticsearch_wait

  • execute[update elastic user password] action run

    ================================================================================
    Error executing action run on resource ‘execute[update elastic user password]’

    Mixlib::ShellOut::ShellCommandFailed

    Command execution failed. STDOUT/STDERR suppressed for sensitive resource

    Resource Declaration:

    suppressed sensitive resource output

    Compiled Resource:

    suppressed sensitive resource output

    System Info:

    chef_version=14.14.29
    platform=ubuntu
    platform_version=20.04
    ruby=ruby 2.6.10p210 (2022-04-12 revision 67958) [x86_64-linux]
    program_name=/opt/morpheus/embedded/bin/chef-client
    executable=/opt/morpheus/embedded/bin/chef-client

[2023-03-15T13:37:15+00:00] INFO: Running queued delayed notifications before re-raising exception

Running handlers:
[2023-03-15T13:37:15+00:00] ERROR: Running exception handlers
Running handlers complete
[2023-03-15T13:37:15+00:00] ERROR: Exception handlers complete
Chef Client failed. 17 resources updated in 26 seconds
[2023-03-15T13:37:15+00:00] FATAL: Stacktrace dumped to /opt/morpheus/embedded/cookbooks/cache/chef-stacktrace.out
[2023-03-15T13:37:15+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2023-03-15T13:37:15+00:00] FATAL: Mixlib::ShellOut::ShellCommandFailed: execute[update elastic user password] (morpheus-solo::elasticsearch line 385) had an error: Mixlib::ShellOut::ShellCommandFailed: Command execution failed. STDOUT/STDERR suppressed for sensitive resource

0 Kudos
Reply
dgaharwar
Trusted Contributor

‎03-20-2023 02:48 PM

‎03-20-2023 02:48 PM

Re: Elasticsearch security warnings in Morpheus logs

Seems like it’s not recommended for All-in-One as well. The content has been updated.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.