Bug 1724341 - Access to the ES root url / from a project's pod on Openshift
Summary: Access to the ES root url / from a project's pod on Openshift
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Logging
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.1.z
Assignee: Jeff Cantrill
QA Contact: Anping Li
URL:
Whiteboard:
Depends On: 1710868 1722959
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-06-26 19:56 UTC by Jeff Cantrill
Modified: 2019-07-04 09:01 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: The permissions between 3.10(es2.x) and 3.11(es5.x) were locked down so that non-admin users were unable to access the root endpoints Consequence: Non-admin users are unable to determine the es version by accessing the root endpoint Fix: Add permissions so everyone is able to see the es version Result: Access to the root endpoint is the same as from prior releases.
Clone Of: 1722959
Environment:
Last Closed: 2019-07-04 09:01:54 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github openshift origin-aggregated-logging pull 1682 None closed [release-4.1] Bug 1724341: Allow reading root endpoint 2020-04-21 10:37:56 UTC
Red Hat Product Errata RHBA-2019:1635 None None None 2019-07-04 09:01:55 UTC

Comment 2 Anping Li 2019-06-28 07:15:58 UTC
Using openshift/ose-logging-elasticsearch5:v4.1.4-201906271212, the user can fetch the elasticsearch status using /.

curl -s -k -o /dev/null -w "%{http_code}"  -H 'X-Forwarded-For: 127.0.0.1' -H "Authorization: Bearer oX9TWqgQ_c4pkCt7LLCjawPhJg-63GxjnDBBqQlCiFw" https://172.30.85.251:9200/
{
  "name" : "elasticsearch-cdm-ktsu8dd1-2",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "3RROtmBsQ8Wd6_YkNsCZhQ",
  "version" : {
    "number" : "5.6.13",
    "build_hash" : "921f2bd",
    "build_date" : "2018-11-16T16:58:29.974Z",
    "build_snapshot" : false,
    "lucene_version" : "6.6.1"
  },
  "tagline" : "You Know, for Search"
}

Comment 4 errata-xmlrpc 2019-07-04 09:01:54 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:1635


Note You need to log in before you can comment on or make changes to this bug.