Allow node to enroll to cluster on startup #77718
Conversation
The functionality to enroll a new node to a cluster was introduced in elastic#77292 as a CLI tool. This change brings forward two additions: - It allows to trigger the enrollment functionality on startup of elasticsearch via a named argument that can be passed to the es startup script (--enrollment-token) so that the users that want to do this do not need to run two commands instead of one. - It adds a `-f, --force` flag to the standalone CLI version of this which bypasses the checks for whether there are data in the current node or whether security related features are already configured. The primary use case for this flag is enrolling new nodes in packaged installations. There we auto-configure each installation as a first node of a cluster by default because we don't have a user-friendly and generic way to allow the user decide on installation time. Thus, we want to allow users to easily reconfigure the node to enroll to an existing cluster without requiring many manual steps.
jkakavas
added
>feature
:Delivery/Build
elasticmachine
added
Team:Core/Infra
|
Pinging @elastic/es-core-infra (Team:Core/Infra) |
|
Pinging @elastic/es-delivery (Team:Delivery) |
|
@albertzaharovits anything in EnrollNodeToCluster class goes, you were not here when it was merged, happy to get your thoughts/feedback 🙏 |
Thank you for the feedback. The original plan is to add QA project(s) for the enrollment process as separate PRs once this and #77231 are merged but you are right it does make sense to test for the scripts behavior here too. I added a class It did uncover a number of issues too, so thanks for the nudge to add the tests sooner than later! This is ready for a review |
|
@elasticmachine run elasticsearch-ci/packaging-tests-windows-sample |
...lugin/security/cli/src/main/java/org/elasticsearch/xpack/security/cli/AutoConfigureNode.java
Outdated
Show resolved
Hide resolved
...lugin/security/cli/src/main/java/org/elasticsearch/xpack/security/cli/AutoConfigureNode.java
Outdated
Show resolved
Hide resolved
...lugin/security/cli/src/main/java/org/elasticsearch/xpack/security/cli/AutoConfigureNode.java
Outdated
Show resolved
Hide resolved
|
Thanks for your comments @mark-vieira , can you please clarify what you mean by
|
|
@elasticmachine run elasticsearch-ci/part-1 |
| @@ -129,3 +162,8 @@ ECHO.!KEYSTORE_PASSWORD!| %JAVA% %ES_JAVA_OPTS% -Delasticsearch ^ | |||
| endlocal | |||
| endlocal | |||
| exit /b %ERRORLEVEL% | |||
|
|
|||
There was a problem hiding this comment.
NOTE: I'm more than happy to remove this ugliness if we don't care about exiting with 0 (instead of an 1) when a user passes multiple --enrollment-token parameters
Thanks ,happy to re-work and simplify this when possible |
The functionality to enroll a new node to a cluster was
introduced in #77292 as a CLI tool. This change allows to trigger
the enrollment functionality on startup of elasticsearch via a
named argument that can be passed to the es
startup script (--enrollment-token) so that the users that want to
do this do not need to run two commands instead of one.
In a followup PR we are introducing a CLI tool version of this
functionality, that can be used to reconfigure packaged
installations.