search

elastic / ansible-elasticsearch

Ansible playbook for Elasticsearch
Other
1.59k stars 857 forks source link

Can't enable x-pack and install additional plugins on the same playbook #785

Closed GMafra closed 3 years ago

GMafra commented 3 years ago

Elasticsearch version

7.11.2

Role version: (If using master please specify github sha)

Master -> 4f01bc74a079c726a5045bed5595273fbe2d2bc0

OS version (uname -a if on a Unix-like system):

3.10.0-1160.11.1.el7.x86_64

Description of the problem including expected versus actual behaviour:

Can't install repository-s3 plugin if enabling X-pack on the same playbook, it throws the following errors:

TASK [elastic.elasticsearch : Check installed elasticsearch plugins] ****************************************************************************************************************************************
fatal: [HOSTNAME]: FAILED! => {"changed": false, "cmd": "ls /usr/share/elasticsearch/plugins | grep -vE 'x-pack'", "delta": "0:00:00.005121", "end": "2021-03-15 08:39:14.021654", "msg": "non-zero return code", "rc": 1, "start": "2021-03-15 08:39:14.016533", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
TASK [elastic.elasticsearch : Install elasticsearch plugins] ************************************************************************************************************************************************
FAILED - RETRYING: Install elasticsearch plugins (5 retries left).
FAILED - RETRYING: Install elasticsearch plugins (5 retries left).
FAILED - RETRYING: Install elasticsearch plugins (5 retries left).
FAILED - RETRYING: Install elasticsearch plugins (4 retries left).
FAILED - RETRYING: Install elasticsearch plugins (4 retries left).
FAILED - RETRYING: Install elasticsearch plugins (4 retries left).
FAILED - RETRYING: Install elasticsearch plugins (3 retries left).
FAILED - RETRYING: Install elasticsearch plugins (3 retries left).
FAILED - RETRYING: Install elasticsearch plugins (3 retries left).
FAILED - RETRYING: Install elasticsearch plugins (2 retries left).
FAILED - RETRYING: Install elasticsearch plugins (2 retries left).
FAILED - RETRYING: Install elasticsearch plugins (2 retries left).
FAILED - RETRYING: Install elasticsearch plugins (1 retries left).
FAILED - RETRYING: Install elasticsearch plugins (1 retries left).
FAILED - RETRYING: Install elasticsearch plugins (1 retries left).
failed: [HOSTNAME] (item={'plugin': 'repository-s3 x-pack'}) => {"ansible_loop_var": "item", "attempts": 5, "changed": false, "cmd": ["/usr/share/elasticsearch/bin/elasticsearch-plugin", "install", "repository-s3", "x-pack", "--batch", "--silent"], "delta": "0:02:08.681638", "end": "2021-03-15 08:53:07.901842", "item": {"plugin": "repository-s3 x-pack"}, "msg": "non-zero return code", "rc": 1, "start": "2021-03-15 08:50:59.220204", "stderr": "Exception in thread \"main\" java.net.ConnectException: Connection timed out\n\tat java.base/sun.nio.ch.Net.connect0(Native Method)\n\tat java.base/sun.nio.ch.Net.connect(Net.java:574)\n\tat java.base/sun.nio.ch.Net.connect(Net.java:563)\n\tat java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:588)\n\tat java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:333)\n\tat java.base/java.net.Socket.connect(Socket.java:648)\n\tat java.base/sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:290)\n\tat java.base/sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:173)\n\tat java.base/sun.net.NetworkClient.doConnect(NetworkClient.java:182)\n\tat java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:474)\n\tat java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:569)\n\tat java.base/sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:265)\n\tat java.base/sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:372)\n\tat java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:189)\n\tat java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1194)\n\tat java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1082)\n\tat java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:175)\n\tat java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)\n\tat org.elasticsearch.plugins.InstallPluginCommand.urlExists(InstallPluginCommand.java:409)\n\tat org.elasticsearch.plugins.InstallPluginCommand.getElasticUrl(InstallPluginCommand.java:365)\n\tat org.elasticsearch.plugins.InstallPluginCommand.download(InstallPluginCommand.java:296)\n\tat org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:242)\n\tat org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:215)\n\tat org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75)\n\tat org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116)\n\tat org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:80)\n\tat org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116)\n\tat org.elasticsearch.cli.Command.main(Command.java:79)\n\tat org.elasticsearch.plugins.PluginCli.main(PluginCli.java:36)", "stderr_lines": ["Exception in thread \"main\" java.net.ConnectException: Connection timed out", "\tat java.base/sun.nio.ch.Net.connect0(Native Method)", "\tat java.base/sun.nio.ch.Net.connect(Net.java:574)", "\tat java.base/sun.nio.ch.Net.connect(Net.java:563)", "\tat java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:588)", "\tat java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:333)", "\tat java.base/java.net.Socket.connect(Socket.java:648)", "\tat java.base/sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:290)", "\tat java.base/sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:173)", "\tat java.base/sun.net.NetworkClient.doConnect(NetworkClient.java:182)", "\tat java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:474)", "\tat java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:569)", "\tat java.base/sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:265)", "\tat java.base/sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:372)", "\tat java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:189)", "\tat java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1194)", "\tat java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1082)", "\tat java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:175)", "\tat java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:142)", "\tat org.elasticsearch.plugins.InstallPluginCommand.urlExists(InstallPluginCommand.java:409)", "\tat org.elasticsearch.plugins.InstallPluginCommand.getElasticUrl(InstallPluginCommand.java:365)", "\tat org.elasticsearch.plugins.InstallPluginCommand.download(InstallPluginCommand.java:296)", "\tat org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:242)", "\tat org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:215)", "\tat org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75)", "\tat org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116)", "\tat org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:80)", "\tat org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116)", "\tat org.elasticsearch.cli.Command.main(Command.java:79)", "\tat org.elasticsearch.plugins.PluginCli.main(PluginCli.java:36)"], "stdout": "", "stdout_lines": []}

Expected result is to have Elasticsearch deployed with both plugins installed.

Playbook:

- name: ES deploy
  hosts: all
  roles:
    - role: elastic.elasticsearch
  vars:
    es_heap_size: "{{ ansible_memory_mb.real.total//2 }}m"
    es_version: 7.11.2
    es_config:
      node.name: "{{inventory_hostname}}"
      cluster.name: "{{cluster_name}}"
      cluster.initial_master_nodes: "{{groups[cluster_name][0]}}"
      discovery.seed_hosts: "{{groups[cluster_name][0]}}:9300"
      network.host: 0.0.0.0
      http.port: 9200
      node.data: true
      node.master: true
      transport.host: 0.0.0.0
      transport.port: 9300
      bootstrap.memory_lock: false
      xpack.security.authc.realms.file.file1.order: 0
      xpack.security.authc.realms.native.native1.order: 1
      repositories.url.allowed_urls:
        ["https://HOSTNAME/*"]
    es_plugins:
      - plugin: repository-s3
    es_api_basic_auth_username: elastic
    es_api_basic_auth_password: elasticChanged
    es_enable_http_ssl: true
    es_enable_transport_ssl: true
    es_ssl_keystore: "../certs/{{ansible_hostname}}/{{ansible_hostname}}.p12"
    es_ssl_truststore: "../certs/ca/ca.p12"
    es_ssl_keystore_password: "testpass123"
    es_ssl_truststore_password: "testpass123"
    es_validate_certs: no
    es_xpack_trial: true
GMafra commented 3 years ago

Found the issue, repository-s3 repo url was blocked on the FW