Closed by alexandrepedrosa 1 year ago
It's not a bug. Reading the docs on hardening Elasticsearch, I found the hint:
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/_discovery_configuration_check.html
If you do not need any discovery configuration, for instance if running a single-node cluster, set
discovery.seed_hosts: []
to disable discovery and satisfy this bootstrap check.
Previously I was using the setup from the 7.10 docs (the version in the Graylog manuals), where the steps said:
This bootstrap check ensures that discovery is not running with the default configuration. It can be satisfied by setting at least one of the following properties:
discovery.seed_hosts
discovery.seed_providers
cluster.initial_master_nodes
Then I tested all 3, specifying the instance as master, but not empty as the 7.17 docs say to.
To fix the infinite loop you need to use:
discovery.seed_hosts: []
Now it's working, allowing native TLS encryption and extra security options using OpenSearch, and with a package in active development (OpenSearch).
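An added example, not part of the original issue and not Graylog or OpenSearch code: a preflight check that reads an opensearch.yml and reports whether any of the three discovery settings quoted above is present, and whether the single-node form discovery.seed_hosts: [] is used. It assumes flat dotted keys and that the bootstrap check looks at whether a setting is present rather than at its value; the sample configs and the names parse_flat_yaml and audit_discovery are constructed for illustration.

```python
import re

# The three settings named in the bootstrap-check text quoted in the issue.
DISCOVERY_KEYS = ("discovery.seed_hosts", "discovery.seed_providers",
                  "cluster.initial_master_nodes")

def parse_flat_yaml(text):
    """Parse the flat 'dotted.key: value' subset used in opensearch.yml.
    Assumption: no nested mappings; lists are inline ([a, b]) or '- item'."""
    settings, current = {}, None
    for raw in text.splitlines():
        line = re.sub(r"\s+#.*$", "", raw).strip()   # drop trailing comments
        if not line or line.startswith("#"):
            continue
        if line.startswith("-") and current is not None:
            settings[current].append(line[1:].strip().strip("\"'"))
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if value.startswith("[") and value.endswith("]"):
            value = [v.strip().strip("\"'") for v in value[1:-1].split(",") if v.strip()]
            current = None
        elif value == "":
            value, current = [], key                  # a '- item' block may follow
        else:
            value, current = value.strip("\"'"), None
        settings[key] = value
    return settings

def audit_discovery(text):
    s = parse_flat_yaml(text)
    present = [k for k in DISCOVERY_KEYS if k in s]
    return {
        "check_satisfied": bool(present),   # assumed: presence counts, not value
        "present": present,
        "single_node_hint": s.get("discovery.seed_hosts") == [],
    }

# Constructed sample configs (not taken from the issue).
DEFAULT = "cluster.name: graylog\nnetwork.host: 127.0.0.1  # local only\n"
MASTER_ONLY = "node.name: node-1\ncluster.initial_master_nodes:\n  - node-1\n"
FIXED = "cluster.name: graylog\ndiscovery.seed_hosts: []\n"

if __name__ == "__main__":
    for name, cfg in (("default", DEFAULT), ("master only", MASTER_ONLY), ("fixed", FIXED)):
        print(name, audit_discovery(cfg))
```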
Fresh install in LXD container can't get it working using Opensearch, works with Elasticsearch 7.10.2.
Expected Behavior
Work using Opensearch since Elasticsearch 7 will no longer receive updates.
Current Behavior
I tested using OpenJDK 8 to 18 and Oracle 8.
Initialization always loops on the line:
Service logs, configurations, and environment variables:
Error from graylog.log
Graylog server.conf:
Mongodb mongod.conf:
Opensearch opensearch.yml
Tables at MongoDB are created using the following versions:
Example of table list:
Version 4.3.1-1 stops at the same error, but doesn't create tables in MongoDB.
Possible Solution
My guess is that the endpoints are not the same, so the check fails on OpenSearch because it is using a nonexistent endpoint and enters a loop to try n times.
Steps to Reproduce (for bugs)
Using a fresh install with the above config files would reproduce the problem (I tested using a second container and the same error occurs).
And follow the order:
Error should happen on the query about cluster.
Curiosity:
To make it run once with Opensearch:
Once Graylog has already passed the stage of verifying the cluster (even using a single node), it can work without error with OpenSearch (so I suspect it is a problem of querying an endpoint that does not exist in OpenSearch, and only in the step of searching for the cluster that occurs on every start/restart of Graylog).
Context
Financial companies with security certifications hardly accept solutions using abandoned packages or packages without updates; the practice in these companies is to always opt for LTS systems (read: it doesn't need to be edge, but it needs to have long-term support). To be able to offer Graylog as a possible solution for log management in these companies, it is necessary to comply with the policy they practice. In this case, since Elasticsearch will no longer receive updates, offering Graylog using OpenSearch, which maintains updates, would be within these rules.
Your Environment
Ubuntu 22 comes with OpenSSL 3 and MongoDB is not ready for it; the workaround I have used is to install the lib package from the previous version, libssl1.1_1.1.1f-1ubuntu2.16_amd64.deb. Not sure if this would be a problem, since the bug occurs without encryption.
I have disabled the cluster and used:
discovery.type: single-node
It does not work with OpenSearch.