[DOCS] Secure settings specified per node #31621
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
albertzaharovits
added
>docs
|
Pinging @elastic/es-core-infra |
lcawl
reviewed
Jun 27, 2018
| @@ -16,6 +16,10 @@ Elasticsearch. | |||
| NOTE: The elasticsearch keystore currently only provides obfuscation. In the future, | |||
| password protection will be added. | |||
|
|
|||
| These settings, just like the ones in the regular `elasticsearch.yml` config file, | |||
| need to be specified for each cluster node. These are node-specific settings, | |||
There was a problem hiding this comment.
I'd suggest maybe changing to "... need to be specified on each node in the cluster."
rjernst
reviewed
Jun 27, 2018
| @@ -16,6 +16,10 @@ Elasticsearch. | |||
| NOTE: The elasticsearch keystore currently only provides obfuscation. In the future, | |||
| password protection will be added. | |||
|
|
|||
| These settings, just like the ones in the regular `elasticsearch.yml` config file, | |||
| need to be specified for each cluster node. These are node-specific settings, | |||
| although they usually have the same value on every node. | |||
There was a problem hiding this comment.
I don't think "usually" is accurate. They must be the same on every node.
albertzaharovits
added a commit
that referenced
this pull request
Jul 1, 2018
Make it clear that secure settings have to be set on each cluster node.
albertzaharovits
added a commit
that referenced
this pull request
Jul 1, 2018
Make it clear that secure settings have to be set on each cluster node.
jasontedor
added a commit
that referenced
this pull request
Jul 1, 2018
jasontedor
added a commit
to martijnvg/elasticsearch
that referenced
this pull request
Jul 1, 2018
* elastic/ccr: (30 commits) Enable setting client path prefix to / (elastic#30119) [DOCS] Secure settings specified per node (elastic#31621) has_parent builder: exception message/param fix (elastic#31182) TEST: Randomize soft-deletes settings (elastic#31585) Mute 'Test typed keys parameter for suggesters' as we await a fix. Build test: Thread linger Fix gradle4.8 deprecation warnings (elastic#31654) Mute FileRealmTests#testAuthenticateCaching with an @AwaitsFix. Mute TransportChangePasswordActionTests#testIncorrectPasswordHashingAlgorithm with an @AwaitsFix. Build: Fix naming conventions task (elastic#31681) Introduce a Hashing Processor (elastic#31087) Do not check for object existence when deleting repository index files (elastic#31680) Remove extra check for object existence in repository-gcs read object (elastic#31661) Support multiple system store types (elastic#31650) [Test] Clean up some repository-s3 tests (elastic#31601) [Docs] Use capital letters in section headings (elastic#31678) muted tests that will be replaced by the shard follow task refactoring: elastic#31581 [DOCS] Add PQL language Plugin (elastic#31237) Merge AzureStorageService and AzureStorageServiceImpl and clean up tests (elastic#31607) TEST: Fix test task invocation (elastic#31657) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
It might not be obvious that
SecureSettingsneed to be specified per node. If there's a mistake, and a node misses a setting, then the exception should be informative in most cases. It is not informative in the case of the S3 plugin. This might cause frustration, as per: https://discuss.elastic.co/t/is-repository-s3-plugin-fixed-in-6-3/135997/3Even if this arguably does not mend the source of frustration (S3 plugin should not quietly default to using instance credentials), I think the proposed doc mention is not superfluous.