Closed Tlecomte13 closed 1 month ago
hi @Tlecomte13, I think you missed out the right-side env var. It should be similar following diff here, no? 👀
- - OPENSEARCH_INITIAL_ADMIN_PASSWORD=${OPENSEARCH_ADMIN_PASSWORD}`
+ - OPENSEARCH_INITIAL_ADMIN_PASSWORD=${OPENSEARCH_INITIAL_ADMIN_PASSWORD}`
Hi @hainenber, my environment variable in the .env file is indeed OPENSEARCH_ADMIN_PASSWORD
, I haven’t changed anything except the image version, where I went from 2.17 to 2.16, and with version 2.16 it works perfectly.
I tried directly without using an env file, like this:
OPENSEARCH_INITIAL_ADMIN_PASSWORD=Yd76....
Of course, taking into account the uppercase, lowercase, special characters, etc., as mentioned in the documentation.
Hi @hainenber @Tlecomte13 ,
OPENSEARCH_INITIAL_ADMIN_PASSWORD wont take effect if you havent delete the volume. If you already have 2.16 started and set password to 123, then update to 2.17 with password 456 wont take effect. The password will still be 123.
Would you provide more log about the error to know exactly what is happening.
Thanks
Oh im a bystander in this case 😄
I assume you are trying to resolve @Tlecomte13 case
Also I just checked that build code did not make any related changes for months. I do see some changes related to the cert and user setup here directly in https://github.com/opensearch-project/security/compare/2.16...2.17.
cc: @cwperks @DarshitChanpura @derek-ho to take a look here.
We have tested the docker container in 2.17.0 here and seems it works fine: https://build.ci.opensearch.org/blue/organizations/jenkins/distribution-validation/detail/distribution-validation/1250/pipeline/51
Hi @peterzhuamazon, @hainenber
So, after a night’s sleep, I wanted to try what @peterzhuamazon suggested, which was to upgrade from version 2.16 to 2.17 while keeping my volumes. It worked fine. I thought it must be something during the project’s initiation, so I deleted all the volumes using docker system prune -a
to make sure I had nothing left.
And it works... even though the day before I did the same steps and only changed the image version.
The only thing I can recall is that before setting up OpenSearch, in the meantime, I updated my Docker version to 4.34.2. I don't think it’s related, but how can I explain how crazy this is driving me? I can’t understand why it didn’t work yesterday.
I can now upgrade to version 2.17 and stay up to date, but I don’t know what happened or how to reproduce it now.
Thanks anyway for your help, I'm going to close the ticket.
Describe the bug
In version 2.17 of the official OpenSearch Docker image, the environment variable
OPENSEARCH_INITIAL_ADMIN_PASSWORD
is not functioning as expected. When launching the container, OpenSearch prompts for an admin password despite the variable being set in the docker-compose.yml file.The admin password is correctly set in the container and can be verified within the environment variables.
curl
curl -k -u admin:<password> https://localhost:9200
Unauthorized
Using version 2.16 of the OpenSearch Docker image works perfectly fine, with the OPENSEARCH_INITIAL_ADMIN_PASSWORD variable being recognized correctly and allowing the container to start without issues.
Related component
Build
To Reproduce
Expected behavior
The container should start successfully without prompting for an admin password. It should utilize the password provided through the OPENSEARCH_INITIAL_ADMIN_PASSWORD environment variable, allowing access to the OpenSearch instance without any authentication issues.
Additional Details
Plugins Please list all plugins currently enabled.
Screenshots If applicable, add screenshots to help explain your problem.
Host/Environment (please complete the following information):
Additional context Add any other context about the problem here.