LDAP connectivity failures , few questions


(Mateusz Kołodziejczyk) #21

Sorry, what exactly do you want me to comment?


#22

Hello Simone ,

thanks for taking care . I’m now able to login with my new account .
still didn’t hear from you regarding the latest release.
before I install , can you please confirm that the version 6.1.1 I’ve downloaded 2 days ago includes the bug fixes mentioned above ?

Thanks.


(Simone Scarduzio) #23

yes it 1.17.3 is the latest plugin version


(Simone Scarduzio) #24

The new LDAP connector is attached to the rewritten core project. This code is in the main repo, but is
not live yet (still marked as experimental).

The rewritten core, written in Scala, replaces a lot of old code in ROR. We are at the moment ironing out the new code base to behave like the old one, especially in flawlessly supporting the Kibana use cases.
Once this is done, we will remove the old code and send out a major release.

We can manually send you any build if you ask.

Then we will try the new plugin in the old version first. Right?


#25

I understand . thanks for the update Simone . we’ll wait for the major release .


(Simone Scarduzio) #26

@alonzo the new core testing is going well, very soon we’ll have a pre build. Would you like to try it?


#27

thank you , we’ll wait for the pre build .


#28

Hi Simone,

if we would like to test the new core on QA env, can you please share a link to download it ?
I see that if I donwload the current version it is still 1.17.3 which is the one before the fix .


(Simone Scarduzio) #29

Hi @alonzo,

Yes we have a pre release here for you.

https://readonlyrest-data.s3-eu-west-1.amazonaws.com/tmp/readonlyrest-1.17.4-pre5_es6.6.2.zip?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEKIPNTOTIVGQ4EQ/20190405/eu-west-1/s3/aws4_request&X-Amz-Date=20190405T153722Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=da7c2ea896900440a63ae6f4c499afb514cf0ef42cc8eea02ec13c87d586c24d

We are waiting for another PR before performance testing and GA. But hey, thank you for giving this a test run.


#30

thanks Simone, just to make sure , does it include the ROR and the kibana plugin ?
and last thing , our test environment has ES 6.1.1 , I think the downloaded file is for 6.6. will it support also the 6.1.1 version we have ?


(Simone Scarduzio) #31

HI @alonzo, the LDAP fix you are after is in the newly rewritten “core” component of the ES plugin.

No matter what ES version you are using, this piece of code will be running.

Sorry about the version mismatch, we are working now to get the new core to talk with 6.1.x and get back to you with a build ASAP.


(Mateusz Kołodziejczyk) #32

Hi @alonzo. We’ve prepared a build for you (ES 6.1.1). Please, let me know if you will have any problem with it.

https://readonlyrest-data.s3-eu-west-1.amazonaws.com/tmp/readonlyrest-1.17.5-pre1_es6.1.1.zip?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJEKIPNTOTIVGQ4EQ/20190410/eu-west-1/s3/aws4_request&X-Amz-Date=20190410T162733Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=e8ca996171e188032a19d97d9cfbb285a3c566303830e8ef71d669e961c11967


#33

sorry for the delay , I’ve just came back to office after few days .
I’ll install the new version and try to reproduce the failure.
thanks a lot .


#34

today we have the kibana plugin readonlyrest_kbn_enterprise-1.6.27_es_6.1.1zip and
readonlyrest-1.16.27_es6.1.1.zip

I now have the new prebuild 1.17.75 , I guess it is for the ROR , what about the kibana plugin ? do I have to download new version ?


(Simone Scarduzio) #35

Hi @alonzo, yes mixing so distant version of kibana/elasticsearch plugins wouldn’t be the best solution. I will provide you with the best suitable version in private message.


#36

ok, I installed version 6.1.1 on new server and started the node with no problems, also did curl -XGET servername:9200 and got the output .
then I ran : elasticsearch-plugin install file:/// … /readonlyrest-1.17.5-pre1_es6.1.1.zip
during the installation process I got messages :
WARNING: plugin requiers additional permissions
java.io.FilePermision << >> read
java.lang.RuntimePermission …
.
.
.
java.util.PropertyPermission * read,write
Continue with installation? [y/N] y
-> Installed readonlyrest

I brought my readonlyrest.yml file from another host to the same directory where the elasticsearch.yml file is placed .
I see the readonlyrest directory under /usr/share/elasticsearch .
if I run bin/elasticsearch-plugin list I get : readonlyrest .

then I started the elasticsearch service and few seconds after that I got :
SLF4J : Defaulting to no-operation (NOP) logger implementation
SLF4J : see http://www.slf4j.org/codes.html#StaticLoggerBInder for further details

the /var/log/elasticsearch/cluster_name.log contains the following errors :
[ERROR][o.e.b.Bootstrap ] …
org.elasticsearch.common.settings.SettingsException: Failed to get setting group for [] setting prefix and setting [pidfile] because of a missing ‘.’
at org.elasticsearch.common.settings.Settings.getGroupsInternal(settings.java:497) ~[elasticsearch-6.1.1.jar:6.1.1] …
uncaught exception in thread [main]

do I miss something ?


(Simone Scarduzio) #37

never saw this message, can you show the full stack trace?


#38

I had to copy it since my network is not connected to the web .
I hope I didn’t miss anything.

[WARN] [o.e.b.ElasticsearchUnacuaghtExceptionHandler] [node_name] [ server_a ] uncaught exception in therad [main]
org.elasticsearch.bootstrap.StartupException: SettingsException [Failed to get setting group for [] setting
prefix and setting [pidfile] because of missing ‘.’]
at org.elasticsearch.bootstrap.Elasticsearch.init (Elasticsearch.java:125) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.bootstrap.Elasticsearch.execute (Elasticsearch.java:112) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute (EnvironmentAwareCommand.java:86) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling (Command.java:124) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.cli.Command.main (Command.java:90) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.bootstrap.Elasticsearch.main (Elasticsearch.java:92) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.bootstrap.Elasticsearch.main (Elasticsearch.java:85) ~[elasticsearch-6.1.1.jar:6.1.1]
Caused by: org.elasticsearch.common.settings.SettingsException [Failed to get setting group for [] setting prefix and setting [pidfile] because of missing ‘.’
at org.elasticsearch.common.settings.getGroupsInternal (Settings.java:497) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.common.settings.getAsGroups(Settings.java:513) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.common.settings.getAsGroups(Settings.java:509) ~[elasticsearch-6.1.1.jar:6.1.1]
at tech.beshu.ror.es.ReadonlyRestPlugin.lambda$createComponents$0(ReadonlyRestPlugin.java:109) ~[?:?]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_60]
at tech.beshu.ror.es.ReadonlyRestPlugin.createComponents(ReadonlyRestPlugin.java:106) ~[?:?]
at org.elasticsearch.node.Node.lambda$new$7 (Node.java:395) ~[elasticsearch-6.1.1.jar:6.1.1]
at java.util.stream.ReferencePipeline$7$1.accept(unknown Source) ~[?:1.8.0_60]
at java.util.ArrayList$ArrayListSpliterator.forEachRemaining (Unknown Source) ~[?:1.8.0_60]
at java.util.stream.AbstractPipeline.copyInto (Unknown Source) ~[?:1.8.0_60]
at java.util.stream.AbstractPipeline.wrapAndCopyInto (Unknown Source) ~[?:1.8.0_60]
at java.util.stream.ReduceOps$ReduceOp.evaluateSequential (Unknown Source) ~[?:1.8.0_60]
at java.util.stream.AbstractPipeline.evaluate (Unknown Source) ~[?:1.8.0_60]
at java.util.stream.ReferencePipeline.collect (Unknown Source) ~[?:1.8.0_60]
at org.elasticsearch.noe.Node.(Node.java:398) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.noe.Node.(Node.java:245) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.bootstrap.Bootstrap$5.(Bootstrap.java:212) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.bootstrap.Bootstrap.setup (Bootstrap.java:212) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.bootstrap.Bootstrap.init (Bootstrap.java:322) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.bootstrap.Elasticsearch.init (Elasticsearch.java:121) ~[elasticsearch-6.1.1.jar:6.1.1]


#39

just one thing , the readonlyrest.yml I have is the one I took from another cluster which works fine with version 1.16.27 , so if the file is supported by the new version 1.17.75 then we should look for something else which causes this issue . maybe env variable which I have to set or something else ?


(Simone Scarduzio) #40
  1. is this happening just with the new core ROR version? Or also with the current latest available version for 6.1.1?

  2. Looks like it’s not recognising the “pidfile” setting (which probably is on elasticsearch.yml rather than readonlyrest.yml). Just for testing, try to comment that and run again to see if it stops somewhere else.