Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[BUG] Dashboards index name has been changed, breaks backward compatibility with existing clusters

See original GitHub issue

Describe the bug Kibana used to use .kibana* indices in ES cluster, while this behavior is altered after open search name change. Instead of original .kibana* indices, it uses .opensearch_dashboards* indices.

This behavior change causes opensearch dashboards fail to startup if security policy is enforced in the backend cluster.

To Reproduce

Start an opensearch cluster with security plugin
start OpenSearch Dashboards, it fails due to insufficient permission
check opensearch log output, find error as followed:

[2021-04-29T21:34:40,741][INFO ][c.a.o.s.p.PrivilegesEvaluator] [smoketestnode] No permissions for [indices:admin/get]
[2021-04-29T21:34:43,253][INFO ][c.a.o.s.p.PrivilegesEvaluator] [smoketestnode] No index-level perm match for User [name=kibanaserver, backend_roles=[], requestedTenant=null] Resolved [aliases=[], allIndices=[.opensearch_dashboards], types=[*], originalRequested=[.opensearch_dashboards], remoteIndices=[]] [Action [indices:admin/get]] [RolesChecked [own_index, kibana_server]]
[2021-04-29T21:34:43,256][INFO ][c.a.o.s.p.PrivilegesEvaluator] [smoketestnode] No permissions for [indices:admin/get]
[2021-04-29T21:34:45,766][INFO ][c.a.o.s.p.PrivilegesEvaluator] [smoketestnode] No index-level perm match for User [name=kibanaserver, backend_roles=[], requestedTenant=null] Resolved [aliases=[], allIndices=[.opensearch_dashboards], types=[*], originalRequested=[.opensearch_dashboards], remoteIndices=[]] [Action [indices:admin/get]] [RolesChecked [own_index, kibana_server]]

Expected behavior Dashboards should still be using .kibana* indices

OpenSearch Version 1.0.0-beta1

Dashboards Version 1.0.0-beta1

Plugins security plugin v1.0.0.0-beta1

Additional Context Please update any changes needed in security back end after this issue is resolved: https://github.com/opensearch-project/security/issues/1151

Host/Environment (please complete the following information):

OS: ubuntu:latest docker image as of the day of ticket is opened

Issue Analytics

State:
Created 2 years ago
Comments:6 (5 by maintainers)

Top GitHub Comments

1reaction

mihirsonicommented, May 24, 2021

@dblock as we have decided to restore it back, this will not be concern anymore, I am assigning this to @kavilla who is currently working on this.

0reactions

dblockcommented, May 19, 2021

We discussed undoing this change. Assigning the issue to @mihirsoni who had some strong feelings about it to resolve.

Top Results From Across the Web

Frequently Asked Questions

3.13 Are there any changes required for my existing Elasticsearch OSS clients to continue to work? While the OpenSearch API is backwards compatible,...

Schema Evolution and Compatibility

Schema compatibility checking is implemented in Schema Registry by versioning every ... An example of a backward compatible change is a removal of...

Backwards compatibility across updates - GitLab Docs

expand: a breaking change is introduced keeping the software backward-compatible. migrate: all consumers are updated to make use of the new implementation.

Upgrading Specific Versions | Consul

Service Mesh Compatibility. Prior to Consul 1.14, cluster peering or Consul connect were disabled by default. A breaking change was made in Consul...

Breaking changes in 7.0 | Elasticsearch Guide [7.17]

Note that if the limit is exceeded a error is thrown only for new indices. For existing pre-7.0 indices, a deprecation warning is...