Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG][Security Plugin Configuration] #80

Closed
rodolfovillordo opened this issue Jul 19, 2022 · 3 comments · Fixed by #81 or #97
Closed

[BUG][Security Plugin Configuration] #80

rodolfovillordo opened this issue Jul 19, 2022 · 3 comments · Fixed by #81 or #97
Labels
bug Something isn't working

Comments

@rodolfovillordo
Copy link
Contributor

rodolfovillordo commented Jul 19, 2022
edited
Loading

Describe the bug

The Playbook execution fails at the task Security Plugin configuration | Copy the opensearch security internal users template execution on a single-node deployment. Tested on an EC2 Ubuntu instance.

To Reproduce
Steps to reproduce the behavior:

  1. checkout the latest version from this repository
  2. Change the cluster_type variable to single-node unnecessary step ref: [1.x] Fix nonexistent "os_sec_plugin_conf_path" directory error. #81 (comment)
  3. configure the inventory hosts as below
aos ansible_host=<public_ip> ansible_user=ubuntu ip=<private_ip> roles=data,master

dashboards1 ansible_host=<2nd_instance_public_ip> ansible_user=ubuntu ip=<second_instance_private_ip>

# List all the nodes in the os cluster
[os-cluster]
aos

# List all the Master eligible nodes under this group
[master]
aos

[dashboards]
dashboards1
  1. See error
TASK [linux/opensearch : Security Plugin configuration | Copy the opensearch security internal users template] *******************************************************************************
fatal: [aos]: FAILED! => {"changed": false, "checksum": "17c615cd8e9089aedb31891e7aedd1ff8fa32318", "msg": "Destination directory /usr/share/opensearch/plugins/opensearch-security/securityconfig does not exist"}

Expected behavior
Finish the deployment without errors.

Playbook Name
Specify the Playbook which is affected?
roles/linux/opensearch/tasks/security.yml

Screenshots
N/A

Host/Environment (please complete the following information):

  • Ansible Version: 2.12.6
  • Playbook Version: 2.1.0

Additional context
The task Security Plugin configuration | Copy the opensearch security internal users template execution assumes that the {{ os_sec_plugin_conf_path }} already exists when copying the internal_users template. However, the template module does not create parent directories.
@rodolfovillordo rodolfovillordo added the bug Something isn't working label Jul 19, 2022
@rodolfovillordo rodolfovillordo mentioned this issue Jul 19, 2022
Merged
@rodolfovillordo
Copy link
Contributor Author

PR for the fix: #81

This was referenced Jul 19, 2022
Closed
Closed
@minhthong582000
Copy link

minhthong582000 commented Sep 26, 2022
edited
Loading

@rodolfovillordo. Starting from version 2.x.x, the opensearch-security configuration files are moved to /usr/share/opensearch/config/opensearch-security. So if we specify the os_sec_plugin_conf_path like this, everything works fine:

os_sec_plugin_conf_path: /usr/share/opensearch/config/opensearch-security

Already tested on my local machines.

Related MR: opensearch-project/security#1749

@peterzhuamazon
Copy link
Member

peterzhuamazon commented Oct 4, 2022
edited
Loading

@rodolfovillordo. Starting from version 2.x.x, the opensearch-security configuration files are moved to /usr/share/opensearch/config/opensearch-security. So if we specify the os_sec_plugin_conf_path like this, everything works fine:

os_sec_plugin_conf_path: /usr/share/opensearch/config/opensearch-security

Already tested on my local machines.

Related MR: opensearch-project/security#1749

The path in 2.x is moved to opensearchroot/config/opensearch-security not in plugins/opensearch-security/securityconfig anymore.

opensearch-project/opensearch-plugins#127

@peterzhuamazon peterzhuamazon linked a pull request Oct 4, 2022 that will close this issue
[1.x] Fix nonexistent "os_sec_plugin_conf_path" directory error. #81
Merged
@peterzhuamazon peterzhuamazon mentioned this issue Oct 4, 2022
Merged
@peterzhuamazon peterzhuamazon linked a pull request Oct 4, 2022 that will close this issue
Fix nonexistent os_sec_plugin_conf_path directory error #97
Merged
@peterzhuamazon peterzhuamazon mentioned this issue Oct 7, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
3 participants
@rodolfovillordo @minhthong582000 @peterzhuamazon