1724341 – Access to the ES root url / from a project's pod on Openshift

Bug 1724341 - Access to the ES root url / from a project's pod on Openshift

Summary: Access to the ES root url / from a project's pod on Openshift

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Logging
Sub Component:
Version:	4.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	4.1.z
Assignee:	Jeff Cantrill
QA Contact:	Anping Li
Docs Contact:
URL:
Whiteboard:
Depends On:	1710868 1722959
Blocks:
TreeView+	depends on / blocked

Reported:	2019-06-26 19:56 UTC by Jeff Cantrill
Modified:	2021-03-01 08:43 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Cause: The permissions between 3.10(es2.x) and 3.11(es5.x) were locked down so that non-admin users were unable to access the root endpoints Consequence: Non-admin users are unable to determine the es version by accessing the root endpoint Fix: Add permissions so everyone is able to see the es version Result: Access to the root endpoint is the same as from prior releases.
Clone Of:	1722959
Environment:
Last Closed:	2019-07-04 09:01:54 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift origin-aggregated-logging pull 1682	0	None	closed	[release-4.1] Bug 1724341: Allow reading root endpoint	2020-12-04 15:30:43 UTC
Red Hat Product Errata	RHBA-2019:1635	0	None	None	None	2019-07-04 09:01:55 UTC

Comment 2 Anping Li 2019-06-28 07:15:58 UTC

Using openshift/ose-logging-elasticsearch5:v4.1.4-201906271212, the user can fetch the elasticsearch status using /.

curl -s -k -o /dev/null -w "%{http_code}"  -H 'X-Forwarded-For: 127.0.0.1' -H "Authorization: Bearer oX9TWqgQ_c4pkCt7LLCjawPhJg-63GxjnDBBqQlCiFw" https://172.30.85.251:9200/
{
  "name" : "elasticsearch-cdm-ktsu8dd1-2",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "3RROtmBsQ8Wd6_YkNsCZhQ",
  "version" : {
    "number" : "5.6.13",
    "build_hash" : "921f2bd",
    "build_date" : "2018-11-16T16:58:29.974Z",
    "build_snapshot" : false,
    "lucene_version" : "6.6.1"
  },
  "tagline" : "You Know, for Search"
}

Comment 4 errata-xmlrpc 2019-07-04 09:01:54 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:1635

Note You need to log in before you can comment on or make changes to this bug.