Run ElasticSearch OpendistroSecurity initialization script automatically

[Schnitzel]

Elasticsearch OpenDistro needs an initialization script in order to work correctly: securityadmin_demo.sh
While we still where on SearchGuard (OpenDistro is a fork of SearchGuard) we ran it's initialization script automatically, but we removed it (c9adf08#diff-bc467604b92d502b179cd997a32d015e) because we had the situation that the script was sometimes executed again while the cluster already was initialized and this caused quite some issues.

Nonetheless it would be really cool if OpenDistro initializes itself, because this would be one less step for it to run.

Therefore I think it would be good to find a way to run securityadmin_demo.sh automatically but with a better system than we used with SearchGuard.

I believe the problem with this code:

if [[ $(curl -s -XGET -k -u "admin:$LOGSDB_ADMIN_PASSWORD" "http://localhost:9200/_searchguard") =~ "Search Guard not initialized" ]]; then

    echo "SearchGuard: Initializing..."
    ./sgadmin_demo.sh
fi

is that "Search Guard not initialized" is also returned if a new ES node comes into the cluster and did not sync the .searchguard indexes from another ES node yet, so it basically thought it is a fresh new cluster, while just later it would have received the .searchguard indexes from another node.

So I think we should make sure that:

• securityadmin_demo.sh is really only ran once
• securityadmin_demo.sh is also run only on the first node of the cluster (if we deploy via the elasticsearch-cluster type (aka a statefulset) it's always [servicename]-0, if it's elasticsearch (aka a Deploymentconfig) then it's a random pod name)

[smlx]

Lagoon uses the OpenDistro chart for Elasticsearch now.