Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove references to default admin creds #430

Closed
wants to merge 3 commits into from
Closed

Remove references to default admin creds #430

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
553325e
Remove references to default admin creds
derek-ho Dec 28, 2023
f78b064
Add comment and copy changes to j2
derek-ho Dec 28, 2023
992ac3f
add conditional check
derek-ho Jan 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/api/execute-test.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Execute the `http_logs` workload against an existing OpenSearch cluster but only
*Example 3*

```
opensearch-benchmark execute-test --workload nyc_taxis --pipeline benchmark-only --target-hosts <endpoint> --client-options "verify_certs:false,use_ssl:true,basic_auth_user:admin,basic_auth_password:admin"
opensearch-benchmark execute-test --workload nyc_taxis --pipeline benchmark-only --target-hosts <endpoint> --client-options "verify_certs:false,use_ssl:true,basic_auth_user:admin,basic_auth_password:<admin password>"
```

Execute the `nyc_taxis` workload against an existing OpenSearch cluster with the security plugin enabled.
Expand Down
8 changes: 7 additions & 1 deletion osbenchmark/resources/docker-compose.yml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ services:
- DISABLE_INSTALL_DEMO_CONFIG=true
- bootstrap.memory_lock=true
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
- "OPENSEARCH_INITIAL_ADMIN_PASSWORD=myStrongPassword123!" # starting with 2.12.0 a strong initial admin password must be set
ulimits:
memlock:
soft: -1
Expand All @@ -39,7 +40,12 @@ services:
networks:
- opensearch-net
healthcheck:
test: curl -f http://localhost:{{http_port}} -u admin:admin --insecure
{%- set version_numbers = os_version.split('.') | map('int') %}
{%- if version_numbers[0] > 2 or (version_numbers[0] == 2 and version_numbers[1] >= 12) %}
test: curl -f http://localhost:{{http_port}} -u admin:myStrongPassword123! --insecure
{%- else %}
test: curl -f http://localhost:{{http_port}} -u admin:admin --insecure
{%- endif %}
interval: 5s
timeout: 2s
retries: 10
Expand Down
1 change: 1 addition & 0 deletions samples/ccr/docker-compose-metricstore.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ services:
- cluster.initial_master_nodes=metricstore-node
- bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
- "OPENSEARCH_INITIAL_ADMIN_PASSWORD=myStrongPassword123!" # starting with 2.12.0 a strong initial admin password must be set
ulimits:
memlock:
soft: -1
Expand Down
6 changes: 3 additions & 3 deletions samples/ccr/start.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ printf "Waiting for clusters to get ready "
ALL_CLUSTERS_READY=false

while ! $ALL_CLUSTERS_READY; do
(curl -ks -u admin:admin https://localhost:9200 -o /dev/null && curl -ks -u admin:admin https://localhost:9201 -o /dev/null && ALL_CLUSTERS_READY=true) || (printf "." && sleep 5)
(curl -ks -u admin:myStrongPassword123! https://localhost:9200 -o /dev/null && curl -ks -u admin:admin https://localhost:9201 -o /dev/null && ALL_CLUSTERS_READY=true) || (printf "." && sleep 5)
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure where the second cluster is coming from, I think the first cluster is coming from docker-compose-metricstore, which is on the latest release. This change will fail CI until 2.12.0 docker image is released, at which point it would fix the CI.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can maintainers help out here in understanding if the second cluster needs similar changes/where those that cluster's password should be set?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not believe this script is being used anymore. @gkamat can you confirm?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@IanHoang I will remove this file then, if its not being used. @gkamat can you also confirm here?

done

echo
Expand All @@ -50,7 +50,7 @@ curl -o /dev/null -H 'Content-Type: application/json' -k -u admin:admin -X PUT h
EOF

echo "Set auto-follow pattern on follower for every index on leader"
curl -H 'Content-Type: application/json' -k -u admin:admin https://localhost:9201/_plugins/_replication/_autofollow -d @- <<-EOF
curl -H 'Content-Type: application/json' -k -u admin:myStrongPassword123! https://localhost:9201/_plugins/_replication/_autofollow -d @- <<-EOF
{
"leader_alias": "source",
"name": "all",
Expand Down Expand Up @@ -90,7 +90,7 @@ cat >ccr-client-options.json <<'EOF'
"default": {
"use_ssl":"true",
"basic_auth_user":"admin",
"basic_auth_password":"admin",
"basic_auth_password":"myStrongPassword123!",
"verify_certs":"false"
},
"follower": {
Expand Down
Loading