Switching the Elasticsearch Security Mode

Scenario

Elasticsearch provides an independent switch for controlling the security mode. When security authentication is required, users can switch the security mode by modifying the configuration item.

Switching from the security mode to the normal mode may cause security risks. Exercise caution when performing this operation.
Normal-to-security switchover is risky, while security-to-normal switchover increases security risks but is not risky. Exercise caution when performing this operation.

Security-to-Normal Switchover

Log in to Manager.
Choose Cluster > Name of the desired cluster > Services > Elasticsearch > Configurations > All Configurations.

Search for the ELASTICSEARCH_SECURITY_ENABLE parameter, change its value to false, and click Save.

After the configuration is saved, restart the Elasticsearch service.
Choose Cluster > Name of the desired cluster > Services > Elasticsearch > More. Check whether the Enable Ranger button is unavailable.
- If yes, no further action is required.
- If no, the Elasticsearch service of the cluster uses the user- and role-based authentication mode. In this case, go to 6.
After switching the Elasticsearch mode, restart the authentication plug-in.
1. Log in to the active OMS node as user root, and run the following command to switch to user omm:
  su - omm
2. Run the following command to search for the process of the authentication plug-in:
  jps | grep AosMainProcess
3. Run the following command to stop the process of the authentication plug-in:
  kill -9 pid
  
  Set pid to the process ID obtained in 6.b.
4. Wait about three minutes until the authentication plug-in process is automatically restarted.

Normal-to-Security Switchover

Choose Cluster > Name of the desired cluster > Services > Elasticsearch > More. Check whether the Enable Ranger button is unavailable.
- If yes, the Elasticsearch service of the cluster uses the Ranger-based authentication mode. In this case, go to 2.
- If no, the Elasticsearch service of the cluster uses the user- and role-based authentication mode. In this case, go to 3.
Create a policy in Ranger by referring to Authentication Based on Ranger based on the index name and permission control information used by the user. Otherwise, the existing policies cannot be accessed after you have switched the authentication mode, and no other action is required.
For details about preparations before switching from the normal mode to the security mode and configuration operations after the switchover, see Synchronizing Index Owner Group.

After switching the Elasticsearch mode, restart the authentication plug-in.
1. Log in to the active OMS node as user root, and run the following command to switch to user omm:
  su - omm
2. Run the following command to search for the process of the authentication plug-in:
  jps | grep AosMainProcess
3. Run the following command to stop the process of the authentication plug-in:
  kill -9 pid
  
  Set pid to the process ID obtained in 4.b.
4. Wait about three minutes until the authentication plug-in process is automatically restarted.

Parent topic: Using Elasticsearch

Previous topic: Connecting Elasticsearch to Flume ESSink

Next topic: Synchronizing Index Owner Group

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot