Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dashboard not connecting when trying to use something other than default security #340

Closed
jonathon2nd opened this issue Nov 1, 2022 · 5 comments
Closed

Dashboard not connecting when trying to use something other than default security #340

jonathon2nd opened this issue Nov 1, 2022 · 5 comments

Comments

@jonathon2nd
Copy link

jonathon2nd commented Nov 1, 2022
edited
Loading

I opened an issue here: opensearch-project/OpenSearch-Dashboards#2712
But I think I may have opened it in the wrong repo :/

TLDR; trying to set different admin and dashboarduser passwords causes dashboard to not connect after the cluster is up and ready.

Any input would be greatly appreciated :D
@swoehrl-mw
Copy link
Collaborator

Hi @jonathon2nd
I think I see the issue: You are supplying the new/changed password for dashboards via additionalConfig. This is not only insecure (as the password is written in cleartext), it is also overwritten because the operator supplies the password via envvar.
Please create a secret with your changed credentials that dashboards should use (keys username and password) and then set dashboards.opensearchCredentialsSecret like this:

spec:
  dashboards:
    opensearchCredentialsSecret:
      name: dashboards-credentials

Can you please try if this approach solves your problem?

@jonathon2nd
Copy link
Author

That does work! I had to change it to using admin to test and see, because dashboard user has not role in the example, checked here too. No big deal, I will get familiar with this and we will write what we need for our usecase.

Thanks for letting me know, maybe that should be added somewhere to https://github.com/Opster/opensearch-k8s-operator/blob/main/docs/userguide/main.md or baked into one of the examples so that it is easier to find for the next person.

@jonathon2nd jonathon2nd mentioned this issue Nov 2, 2022
Closed
@idanl21
Copy link
Collaborator

idanl21 commented Nov 3, 2022

Hey @jonathon2nd, cam you please share here your Yaml file?

@jonathon2nd
Copy link
Author

opensearch-example.txt
I was able to use this, hash your own passwords in the node pod
[opensearch@my-cluster-masters-0 ~]$ /usr/share/opensearch/plugins/opensearch-security/tools/hash.sh

@swoehrl-mw
Copy link
Collaborator

@jonathon2nd
Good to know it worked for you.
I've made a note to add this to the docs (I've got a revamp of the usergide planned anyway).

Closing this as completed.

@swoehrl-mw swoehrl-mw mentioned this issue Dec 8, 2022
Merged
idanl21 added a commit that referenced this issue Jan 5, 2023
@idanl21
Restructure and extend userguide (#387)
f131c6d 
Over the last months we have implemented a lot of new features. This has
lead to a lot of clutter and inconsistencies in our userguide. With this
PR I aim to restructure the userguide to make it easier to read and to
also improve documentation in a few places that was unclear or outdated.

This should also address docs deficencies mentioned in several issues
(for example #340 and #350).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@swoehrl-mw @jonathon2nd @idanl21