Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OPENSEARCH INITIAL ADMIN PASSWORD does not take effect after the update #5380

Closed
nicolechec opened this issue Mar 10, 2025 · 4 comments
Closed

OPENSEARCH INITIAL ADMIN PASSWORD does not take effect after the update #5380

nicolechec opened this issue Mar 10, 2025 · 4 comments
Labels
untriaged Issues that have not yet been triaged

Comments

@nicolechec
Copy link

nicolechec commented Mar 10, 2025
edited
Loading

In version 2.18 of the official OpenSearch Docker image, the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD was not updated as expected。When the INITIAL deployment, OPENSEARCH_INITIAL_ADMIN_PASSWORD was only A. After the update, set B. Now the query env is still A

  1. installed Opensearch and modified opensearch statefulset
  2. OPENSEARCH_INITIAL_ADMIN_PASSWORD is defined through extraEnvs

Image
@github-actions github-actions bot added the untriaged Issues that have not yet been triaged label Mar 10, 2025
@peterzhuamazon
Copy link
Member

peterzhuamazon commented Mar 10, 2025
edited
Loading

If you previously have a version already installed then upgrade with OPENSEARCH_INITIAL_ADMIN_PASSWORD will only use the old password unless install from scratch with /etc/opensearch or config/ cleanup the user.

Considering directly changing the password of admin.

Thanks.

@nicolechec
Copy link
Author

@peterzhuamazon thanks。Where is the OPENSEARCH INITIAL ADMIN PASSWORD stored? Is stored in persistent storage pvc?

@peterzhuamazon
Copy link
Member

That would be a question for security team.
But to my understanding it is stored as a hash in config/opensearch-security/internal_users.yml
So if you previously create a user of admin already it will use the stored hash. Might be wrong. Thanks.

@peterzhuamazon
Copy link
Member

Close this issue as it is not related to build repo.

Please feel free to reopen this one.

Thanks.

@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in Engineering Effectiveness Board Mar 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
untriaged Issues that have not yet been triaged
Projects
Engineering Effectiveness Board
Status: ✅ Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@peterzhuamazon @nicolechec