apmelasticsearch-opendistro

Failed to connect to backoff(elasticsearch 401 Unauthorized: Unauthorized)


I have recently installed opendistro elasticsearch on a dedicated host and also setting up APM server on another host.

I have the following Error response when starting up apm-server via systemctl

apm apm-server[3220]: 2021-05-14T13:42:24.221Z#011ERROR#011[publisher_pipeline_output]#011pipeline/output.go:154#011Failed to connect to backoff(elasticsearch(http://192.168.56.XXX:9200)): 401 Unauthorized: Unauthorized

I have the following 2 essential configuration in my apm-server configuration

apm-server:
  # Defines the host and port the server is listening on. Use "unix:/path/to.sock" to listen on a unix domain socket.
  host: "0.0.0.0:8200"

output.elasticsearch:
  hosts: ["elasticserver:9200"]

I have checked:

I have the following section which is set to true by default, others such as LDAP, kerberos etc are set to false.

     basic_internal_auth_domain:
        description: "Authenticate via HTTP Basic against internal users database"
        http_enabled: true
        transport_enabled: true
        order: 4
        http_authenticator:
          type: basic
          challenge: true
        authentication_backend:
          type: intern
curl -U admin:admin http://elasticserver:9200
Unauthorizedroot@apm

This does sound like I need to create an internal user with a few backend roles (with rights to apm indices) assigned to it. I'm eager to see what y'all folks think.

I look forward to your responses, much obliged.


Solution

  • For basic authentication you do need to create an internal user, hash the password using the script on the master node and then map it to the "all_access" role