[Docker] Fixes security enabled logic to execute demo config only if security plugin is enabled #4446
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…plugin is enabled Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
DarshitChanpura
requested review from
dblock,
peterzhuamazon,
bbarani,
gaiksaya,
rishabh6788,
zelinh,
jordarlu,
prudhvigodithi,
Divyaasm and
tianleh
as code owners
88 tasks
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #4446 +/- ##
=======================================
Coverage 91.55% 91.55%
=======================================
Files 190 190
Lines 6214 6214
=======================================
Hits 5689 5689
Misses 525 525 ☔ View full report in Codecov by Sentry. |
Expand to see working logs with DISABLE_SECURITY_PLUGIN flag:➜ opensearch git:(fix-security-enable-check) docker pull opensearchstaging/opensearch:2.12.0.9399 && docker run -it -p 9200:9200 -e "discovery.type=single-node" -e "DISABLE_SECURITY_PLUGIN=true" -v "<custom-path>/opensearch-docker-entrypoint.sh:/usr/share/opensearch/opensearch-docker-entrypoint.sh" opensearchstaging/opensearch:2.12.0.9399
2.12.0.9399: Pulling from opensearchstaging/opensearch
Digest: sha256:87b2c2bed78237714aea05572b71757470b9b0622867615dde14c1ac3e2eeb27
Status: Image is up to date for opensearchstaging/opensearch:2.12.0.9399
docker.io/opensearchstaging/opensearch:2.12.0.9399
What's Next?
1. Sign in to your Docker account → docker login
2. View a summary of image vulnerabilities and recommendations → docker scout quickview opensearchstaging/opensearch:2.12.0.9399
Disabling OpenSearch Security Plugin
Enabling execution of OPENSEARCH_HOME/bin/opensearch-performance-analyzer/performance-analyzer-agent-cli for OpenSearch Performance Analyzer Plugin
WARNING: Using incubator modules: jdk.incubator.vector
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.12.0.jar)
WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
WARNING: System::setSecurityManager will be removed in a future release
Feb 13, 2024 6:19:58 PM sun.util.locale.provider.LocaleProviderAdapter <clinit>
WARNING: COMPAT locale provider will be removed in a future release
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/opensearch/lib/opensearch-2.12.0.jar)
WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
WARNING: System::setSecurityManager will be removed in a future release
[2024-02-13T18:19:59,033][INFO ][o.o.n.Node ] [01d3ab2017b1] version[2.12.0], pid[10], build[tar/a9c03c2d08051dc3f8e5f8c7920473e53d0d2752/2024-02-13T00:08:43.386451404Z], OS[Linux/6.6.12-linuxkit/aarch64], JVM[Eclipse Adoptium/OpenJDK 64-Bit Server VM/21.0.2/21.0.2+13-LTS]
[2024-02-13T18:19:59,034][INFO ][o.o.n.Node ] [01d3ab2017b1] JVM home [/usr/share/opensearch/jdk], using bundled JDK/JRE [true]
[2024-02-13T18:19:59,034][INFO ][o.o.n.Node ] [01d3ab2017b1] JVM arguments [-Xshare:auto, -Dopensearch.networkaddress.cache.ttl=60, -Dopensearch.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -XX:+ShowCodeDetailsInExceptionMessages, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.security.manager=allow, -Djava.locale.providers=SPI,COMPAT, -Xms1g, -Xmx1g, -XX:+UseG1GC, -XX:G1ReservePercent=25, -XX:InitiatingHeapOccupancyPercent=30, -Djava.io.tmpdir=/tmp/opensearch-17431464996054885810, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Djava.security.manager=allow, --add-modules=jdk.incubator.vector, -Djava.util.concurrent.ForkJoinPool.common.threadFactory=org.opensearch.secure_sm.SecuredForkJoinWorkerThreadFactory, -Dclk.tck=100, -Djdk.attach.allowAttachSelf=true, -Djava.security.policy=/usr/share/opensearch/config/opensearch-performance-analyzer/opensearch_security.policy, --add-opens=jdk.attach/sun.tools.attach=ALL-UNNAMED, -Dopensearch.cgroups.hierarchy.override=/, -XX:MaxDirectMemorySize=536870912, -Dopensearch.path.home=/usr/share/opensearch, -Dopensearch.path.conf=/usr/share/opensearch/config, -Dopensearch.distribution.type=tar, -Dopensearch.bundled_jdk=true]
[2024-02-13T18:20:00,314][INFO ][o.o.s.s.t.SSLConfig ] [01d3ab2017b1] SSL dual mode is disabled
[2024-02-13T18:20:00,315][WARN ][o.o.s.OpenSearchSecurityPlugin] [01d3ab2017b1] OpenSearch Security plugin installed but disabled. This can expose your configuration (including passwords) to the public.
[2024-02-13T18:20:00,916][INFO ][o.o.p.c.c.PluginSettings ] [01d3ab2017b1] Config: metricsLocation: /dev/shm/performanceanalyzer/, metricsDeletionInterval: 1, httpsEnabled: false, cleanup-metrics-db-files: true, batch-metrics-retention-period-minutes: 7, rpc-port: 9650, webservice-port 9600
[2024-02-13T18:20:01,519][INFO ][o.o.i.r.ReindexPlugin ] [01d3ab2017b1] ReindexPlugin reloadSPI called
[2024-02-13T18:20:01,521][INFO ][o.o.i.r.ReindexPlugin ] [01d3ab2017b1] Unable to find any implementation for RemoteReindexExtension
[2024-02-13T18:20:01,580][INFO ][o.o.j.JobSchedulerPlugin ] [01d3ab2017b1] Loaded scheduler extension: opendistro_anomaly_detector, index: .opendistro-anomaly-detector-jobs
[2024-02-13T18:20:01,630][INFO ][o.o.j.JobSchedulerPlugin ] [01d3ab2017b1] Loaded scheduler extension: reports-scheduler, index: .opendistro-reports-definitions
[2024-02-13T18:20:01,632][INFO ][o.o.j.JobSchedulerPlugin ] [01d3ab2017b1] Loaded scheduler extension: opendistro-index-management, index: .opendistro-ism-config
[2024-02-13T18:20:01,633][INFO ][o.o.j.JobSchedulerPlugin ] [01d3ab2017b1] Loaded scheduler extension: scheduler_geospatial_ip2geo_datasource, index: .scheduler-geospatial-ip2geo-datasource
[2024-02-13T18:20:01,634][INFO ][o.o.j.JobSchedulerPlugin ] [01d3ab2017b1] Loaded scheduler extension: opensearch_sap_job, index: .opensearch-sap--job
[2024-02-13T18:20:01,662][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [aggs-matrix-stats]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [analysis-common]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [geo]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [ingest-common]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [ingest-geoip]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [ingest-user-agent]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [lang-expression]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [lang-mustache]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [lang-painless]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [mapper-extras]
[2024-02-13T18:20:01,663][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [opensearch-dashboards]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [parent-join]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [percolator]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [rank-eval]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [reindex]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [repository-url]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [search-pipeline-common]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [systemd]
[2024-02-13T18:20:01,664][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded module [transport-netty4]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-alerting]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-anomaly-detection]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-asynchronous-search]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-cross-cluster-replication]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-custom-codecs]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-flow-framework]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-geospatial]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-index-management]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-job-scheduler]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-knn]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-ml]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-neural-search]
[2024-02-13T18:20:01,665][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-notifications]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-notifications-core]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-observability]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-performance-analyzer]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-reports-scheduler]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-security]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-security-analytics]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-skills]
[2024-02-13T18:20:01,666][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] loaded plugin [opensearch-sql]
[2024-02-13T18:20:01,728][INFO ][o.o.e.ExtensionsManager ] [01d3ab2017b1] ExtensionsManager initialized
[2024-02-13T18:20:01,736][INFO ][o.a.l.s.MemorySegmentIndexInputProvider] [01d3ab2017b1] Using MemorySegmentIndexInput with Java 21; to disable start with -Dorg.apache.lucene.store.MMapDirectory.enableMemorySegments=false
[2024-02-13T18:20:01,743][INFO ][o.o.e.NodeEnvironment ] [01d3ab2017b1] using [1] data paths, mounts [[/ (overlay)]], net usable_space [37.5gb], net total_space [58.3gb], types [overlay]
[2024-02-13T18:20:01,743][INFO ][o.o.e.NodeEnvironment ] [01d3ab2017b1] heap size [1gb], compressed ordinary object pointers [true]
[2024-02-13T18:20:01,780][INFO ][o.o.n.Node ] [01d3ab2017b1] node name [01d3ab2017b1], node ID [DDsYEDe8RcOp6Zn0kFWt_w], cluster name [docker-cluster], roles [ingest, remote_cluster_client, data, cluster_manager]
[2024-02-13T18:20:03,345][DEPRECATION][o.o.d.c.s.Settings ] [01d3ab2017b1] [index.store.hybrid.mmap.extensions] setting was deprecated in OpenSearch and will be removed in a future release! See the breaking changes documentation for the next major version.
[2024-02-13T18:20:03,678][INFO ][o.o.n.p.NeuralSearch ] [01d3ab2017b1] Registering hybrid query phase searcher with feature flag [plugins.neural_search.hybrid_search_disabled]
[2024-02-13T18:20:04,316][INFO ][o.o.a.b.ADCircuitBreakerService] [01d3ab2017b1] Registered memory breaker.
[2024-02-13T18:20:04,566][INFO ][o.o.m.b.MLCircuitBreakerService] [01d3ab2017b1] Registered ML memory breaker.
[2024-02-13T18:20:04,566][INFO ][o.o.m.b.MLCircuitBreakerService] [01d3ab2017b1] Registered ML disk breaker.
[2024-02-13T18:20:04,566][INFO ][o.o.m.b.MLCircuitBreakerService] [01d3ab2017b1] Registered ML native memory breaker.
[2024-02-13T18:20:04,641][INFO ][o.r.Reflections ] [01d3ab2017b1] Reflections took 32 ms to scan 1 urls, producing 22 keys and 60 values
[2024-02-13T18:20:04,705][WARN ][o.o.s.p.SQLPlugin ] [01d3ab2017b1] Master key is a required config for using create and update datasource APIs. Please set plugins.query.datasources.encryption.masterkey config in opensearch.yml in all the cluster nodes. More details can be found here: https://github.com/opensearch-project/sql/blob/main/docs/user/ppl/admin/datasources.rst#master-key-config-for-encrypting-credential-information
[2024-02-13T18:20:05,174][INFO ][o.o.t.NettyAllocator ] [01d3ab2017b1] creating NettyAllocator with the following configs: [name=unpooled, suggested_max_allocation_size=256kb, factors={opensearch.unsafe.use_unpooled_allocator=null, g1gc_enabled=true, g1gc_region_size=1mb, heap_size=1gb}]
[2024-02-13T18:20:05,230][INFO ][o.o.d.DiscoveryModule ] [01d3ab2017b1] using discovery type [single-node] and seed hosts providers [settings]
[2024-02-13T18:20:05,527][WARN ][o.o.g.DanglingIndicesState] [01d3ab2017b1] gateway.auto_import_dangling_indices is disabled, dangling indices will not be automatically detected or imported and must be managed manually
[2024-02-13T18:20:05,938][INFO ][o.o.p.h.c.PerformanceAnalyzerConfigAction] [01d3ab2017b1] PerformanceAnalyzer Enabled: false
[2024-02-13T18:20:05,963][INFO ][o.o.n.Node ] [01d3ab2017b1] initialized
[2024-02-13T18:20:05,963][INFO ][o.o.n.Node ] [01d3ab2017b1] starting ...
[2024-02-13T18:20:05,981][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [windows_logtype.json] log type
[2024-02-13T18:20:05,981][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [waf_logtype.json] log type
[2024-02-13T18:20:05,982][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [vpcflow_logtype.json] log type
[2024-02-13T18:20:05,982][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [test_windows_logtype.json] log type
[2024-02-13T18:20:05,982][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [s3_logtype.json] log type
[2024-02-13T18:20:05,983][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [others_web_logtype.json] log type
[2024-02-13T18:20:05,983][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [others_proxy_logtype.json] log type
[2024-02-13T18:20:05,983][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [others_macos_logtype.json] log type
[2024-02-13T18:20:05,984][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [others_compliance_logtype.json] log type
[2024-02-13T18:20:05,984][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [others_cloud_logtype.json] log type
[2024-02-13T18:20:05,984][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [others_apt_logtype.json] log type
[2024-02-13T18:20:05,985][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [others_application_logtype.json] log type
[2024-02-13T18:20:05,985][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [okta_logtype.json] log type
[2024-02-13T18:20:05,985][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [network_logtype.json] log type
[2024-02-13T18:20:05,986][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [netflow_logtype.json] log type
[2024-02-13T18:20:05,986][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [m365_logtype.json] log type
[2024-02-13T18:20:05,986][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [linux_logtype.json] log type
[2024-02-13T18:20:05,987][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [gworkspace_logtype.json] log type
[2024-02-13T18:20:05,987][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [github_logtype.json] log type
[2024-02-13T18:20:05,987][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [dns_logtype.json] log type
[2024-02-13T18:20:05,988][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [cloudtrail_logtype.json] log type
[2024-02-13T18:20:05,988][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [azure_logtype.json] log type
[2024-02-13T18:20:05,989][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [apache_access_logtype.json] log type
[2024-02-13T18:20:05,989][INFO ][o.o.s.l.BuiltinLogTypeLoader] [01d3ab2017b1] Loaded [ad_ldap_logtype.json] log type
[2024-02-13T18:20:06,155][INFO ][o.o.t.TransportService ] [01d3ab2017b1] publish_address {172.17.0.2:9300}, bound_addresses {0.0.0.0:9300}
[2024-02-13T18:20:06,156][INFO ][o.o.t.TransportService ] [01d3ab2017b1] Remote clusters initialized successfully.
[2024-02-13T18:20:06,270][INFO ][o.o.c.c.Coordinator ] [01d3ab2017b1] setting initial configuration to VotingConfiguration{DDsYEDe8RcOp6Zn0kFWt_w}
[2024-02-13T18:20:06,381][INFO ][o.o.c.s.MasterService ] [01d3ab2017b1] elected-as-cluster-manager ([1] nodes joined)[{01d3ab2017b1}{DDsYEDe8RcOp6Zn0kFWt_w}{GinUnOsoReSbsue9rKRKsA}{172.17.0.2}{172.17.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true} elect leader, _BECOME_CLUSTER_MANAGER_TASK_, _FINISH_ELECTION_], term: 1, version: 1, delta: cluster-manager node changed {previous [], current [{01d3ab2017b1}{DDsYEDe8RcOp6Zn0kFWt_w}{GinUnOsoReSbsue9rKRKsA}{172.17.0.2}{172.17.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true}]}
[2024-02-13T18:20:06,402][INFO ][o.o.c.c.CoordinationState] [01d3ab2017b1] cluster UUID set to [IXFA6QcCQcSDXBh_0sqFFw]
[2024-02-13T18:20:06,415][INFO ][o.o.c.s.ClusterApplierService] [01d3ab2017b1] cluster-manager node changed {previous [], current [{01d3ab2017b1}{DDsYEDe8RcOp6Zn0kFWt_w}{GinUnOsoReSbsue9rKRKsA}{172.17.0.2}{172.17.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true}]}, term: 1, version: 1, reason: Publication{term=1, version=1}
[2024-02-13T18:20:06,421][INFO ][o.o.a.c.ADClusterEventListener] [01d3ab2017b1] Cluster is not recovered yet.
[2024-02-13T18:20:06,425][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:06,440][INFO ][o.o.i.i.ManagedIndexCoordinator] [01d3ab2017b1] Cache cluster manager node onClusterManager time: 1707848406440
[2024-02-13T18:20:06,449][WARN ][o.o.p.c.s.h.ConfigOverridesClusterSettingHandler] [01d3ab2017b1] Config override setting update called with empty string. Ignoring.
[2024-02-13T18:20:06,455][INFO ][o.o.d.PeerFinder ] [01d3ab2017b1] setting findPeersInterval to [1s] as node commission status = [true] for local node [{01d3ab2017b1}{DDsYEDe8RcOp6Zn0kFWt_w}{GinUnOsoReSbsue9rKRKsA}{172.17.0.2}{172.17.0.2:9300}{dimr}{shard_indexing_pressure_enabled=true}]
[2024-02-13T18:20:06,458][INFO ][o.o.h.AbstractHttpServerTransport] [01d3ab2017b1] publish_address {172.17.0.2:9200}, bound_addresses {0.0.0.0:9200}
[2024-02-13T18:20:06,459][INFO ][o.o.n.Node ] [01d3ab2017b1] started
[2024-02-13T18:20:06,459][INFO ][o.o.s.OpenSearchSecurityPlugin] [01d3ab2017b1] Node started
[2024-02-13T18:20:06,460][INFO ][o.o.s.OpenSearchSecurityPlugin] [01d3ab2017b1] 0 OpenSearch Security modules loaded so far: []
[2024-02-13T18:20:06,471][INFO ][o.o.a.c.HashRing ] [01d3ab2017b1] Node added: [DDsYEDe8RcOp6Zn0kFWt_w]
[2024-02-13T18:20:06,472][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:06,473][INFO ][o.o.a.c.HashRing ] [01d3ab2017b1] Add data node to AD version hash ring: DDsYEDe8RcOp6Zn0kFWt_w
[2024-02-13T18:20:06,474][INFO ][o.o.a.c.HashRing ] [01d3ab2017b1] All nodes with known AD version: {DDsYEDe8RcOp6Zn0kFWt_w=ADNodeInfo{version=2.12.0, isEligibleDataNode=true}}
[2024-02-13T18:20:06,475][INFO ][o.o.a.c.HashRing ] [01d3ab2017b1] Rebuild AD hash ring for realtime AD with cooldown, nodeChangeEvents size 0
[2024-02-13T18:20:06,475][INFO ][o.o.a.c.HashRing ] [01d3ab2017b1] Build AD version hash ring successfully
[2024-02-13T18:20:06,476][INFO ][o.o.a.c.ADDataMigrator ] [01d3ab2017b1] Start migrating AD data
[2024-02-13T18:20:06,476][INFO ][o.o.a.c.ADDataMigrator ] [01d3ab2017b1] AD job index doesn't exist, no need to migrate
[2024-02-13T18:20:06,476][INFO ][o.o.a.c.ADClusterEventListener] [01d3ab2017b1] Init AD version hash ring successfully
[2024-02-13T18:20:06,487][INFO ][o.o.g.GatewayService ] [01d3ab2017b1] recovered [0] indices into cluster_state
[2024-02-13T18:20:06,501][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.opensearch-sap-log-types-config/DhvcoME6RP-weJzY-mfXLg]
[2024-02-13T18:20:06,584][INFO ][o.o.c.m.MetadataCreateIndexService] [01d3ab2017b1] [.opensearch-sap-log-types-config] creating index, cause [auto(sap-logtype api)], templates [], shards [1]/[1]
[2024-02-13T18:20:06,591][INFO ][o.o.c.r.a.AllocationService] [01d3ab2017b1] updating number_of_replicas to [0] for indices [.opensearch-sap-log-types-config]
[2024-02-13T18:20:06,624][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.opensearch-sap-log-types-config/DhvcoME6RP-weJzY-mfXLg]
[2024-02-13T18:20:06,670][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:06,675][DEPRECATION][o.o.d.c.m.MetadataCreateIndexService] [01d3ab2017b1] index name [.opensearch-observability] starts with a dot '.', in the next major version, index names starting with a dot are reserved for hidden indices and system indices
[2024-02-13T18:20:06,676][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.opensearch-observability/A-LmoQ4pRG-e1USMtNAgEw]
[2024-02-13T18:20:06,689][INFO ][o.o.c.m.MetadataCreateIndexService] [01d3ab2017b1] [.opensearch-observability] creating index, cause [api], templates [], shards [1]/[0]
[2024-02-13T18:20:06,708][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.opensearch-observability/A-LmoQ4pRG-e1USMtNAgEw]
[2024-02-13T18:20:06,719][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:06,790][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:06,791][INFO ][o.o.o.i.ObservabilityIndex] [01d3ab2017b1] observability:Index .opensearch-observability creation Acknowledged
[2024-02-13T18:20:06,793][INFO ][o.o.c.r.a.AllocationService] [01d3ab2017b1] Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.opensearch-sap-log-types-config][0]]]).
[2024-02-13T18:20:06,812][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:06,813][INFO ][o.o.s.l.LogTypeService ] [01d3ab2017b1] Loading builtin types!
[2024-02-13T18:20:06,816][INFO ][o.o.s.l.LogTypeService ] [01d3ab2017b1] Indexing [429] fieldMappingDocs from logTypes: 24
[2024-02-13T18:20:06,867][INFO ][o.o.s.l.LogTypeService ] [01d3ab2017b1] Indexing [429] fieldMappingDocs
[2024-02-13T18:20:06,903][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.opensearch-sap-log-types-config/DhvcoME6RP-weJzY-mfXLg]
[2024-02-13T18:20:06,909][INFO ][o.o.c.m.MetadataMappingService] [01d3ab2017b1] [.opensearch-sap-log-types-config/DhvcoME6RP-weJzY-mfXLg] update_mapping [_doc]
[2024-02-13T18:20:06,927][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:06,953][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.opensearch-sap-log-types-config/DhvcoME6RP-weJzY-mfXLg]
[2024-02-13T18:20:06,958][INFO ][o.o.c.m.MetadataMappingService] [01d3ab2017b1] [.opensearch-sap-log-types-config/DhvcoME6RP-weJzY-mfXLg] update_mapping [_doc]
[2024-02-13T18:20:06,972][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:07,155][INFO ][o.o.s.l.LogTypeService ] [01d3ab2017b1] Loaded [429] field mapping docs successfully!
[2024-02-13T18:20:07,170][INFO ][o.o.s.l.LogTypeService ] [01d3ab2017b1] Indexing [23] customLogTypes
[2024-02-13T18:20:07,194][INFO ][o.o.s.l.LogTypeService ] [01d3ab2017b1] Loaded [23] customLogType docs successfully!
[2024-02-13T18:20:07,194][INFO ][o.o.s.SecurityAnalyticsPlugin] [01d3ab2017b1] LogType config index successfully created and builtin log types loaded
[2024-02-13T18:20:07,466][INFO ][o.o.s.i.DetectorIndexManagementService] [01d3ab2017b1] info deleteOldIndices
[2024-02-13T18:20:07,472][INFO ][o.o.s.i.DetectorIndexManagementService] [01d3ab2017b1] No Old Correlation Indices to delete
[2024-02-13T18:20:07,562][INFO ][o.o.s.i.DetectorIndexManagementService] [01d3ab2017b1] info deleteOldIndices
[2024-02-13T18:20:07,562][INFO ][o.o.s.i.DetectorIndexManagementService] [01d3ab2017b1] info deleteOldIndices
[2024-02-13T18:20:07,563][INFO ][o.o.s.i.DetectorIndexManagementService] [01d3ab2017b1] No Old Finding Indices to delete
[2024-02-13T18:20:07,563][INFO ][o.o.s.i.DetectorIndexManagementService] [01d3ab2017b1] No Old Alert Indices to delete
[2024-02-13T18:20:16,455][INFO ][o.o.m.a.MLModelAutoReDeployer] [01d3ab2017b1] Index not found, not performing auto reloading!
[2024-02-13T18:20:16,456][INFO ][o.o.m.c.MLCommonsClusterManagerEventListener] [01d3ab2017b1] Starting ML sync up job...
[2024-02-13T18:20:26,482][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.plugins-ml-config/lCGsIrDLSg-nlxvWOtaNYQ]
[2024-02-13T18:20:26,502][INFO ][o.o.c.m.MetadataCreateIndexService] [01d3ab2017b1] [.plugins-ml-config] creating index, cause [api], templates [], shards [1]/[1]
[2024-02-13T18:20:26,504][INFO ][o.o.c.r.a.AllocationService] [01d3ab2017b1] updating number_of_replicas to [0] for indices [.plugins-ml-config]
[2024-02-13T18:20:26,540][INFO ][o.o.p.PluginsService ] [01d3ab2017b1] PluginService:onIndexModule index:[.plugins-ml-config/lCGsIrDLSg-nlxvWOtaNYQ]
[2024-02-13T18:20:26,559][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:26,582][INFO ][o.o.c.r.a.AllocationService] [01d3ab2017b1] Cluster health status changed from [YELLOW] to [GREEN] (reason: [shards started [[.plugins-ml-config][0]]]).
[2024-02-13T18:20:26,600][INFO ][o.o.a.u.d.DestinationMigrationCoordinator] [01d3ab2017b1] Detected cluster change event for destination migration
[2024-02-13T18:20:26,600][INFO ][o.o.m.e.i.MLIndicesHandler] [01d3ab2017b1] create index:.plugins-ml-config
[2024-02-13T18:20:26,630][INFO ][o.o.m.c.MLSyncUpCron ] [01d3ab2017b1] ML configuration initialized successfully➜ ~ curl http://localhost:9200
{
"name" : "01d3ab2017b1",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "IXFA6QcCQcSDXBh_0sqFFw",
"version" : {
"distribution" : "opensearch",
"number" : "2.12.0",
"build_type" : "tar",
"build_hash" : "a9c03c2d08051dc3f8e5f8c7920473e53d0d2752",
"build_date" : "2024-02-13T00:08:43.386451404Z",
"build_snapshot" : false,
"lucene_version" : "9.9.2",
"minimum_wire_compatibility_version" : "7.10.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}
➜ ~ |
peterzhuamazon
requested changes
Feb 13, 2024
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
prudhvigodithi
approved these changes
Feb 13, 2024
bbarani
approved these changes
Feb 13, 2024
peterzhuamazon
approved these changes
Feb 13, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
The current docker entrypoint executes the demo security config setup script regardless of whether security plugin is enabled. Then it checks whether security plugin is enabled. I'm not sure why this design was implemented but I feel like this is wrong. This PR restructures the logic to install demo config only if security plugin is enabled.
Issues Resolved
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.