puppet here in the log - just name of the server - do not pay attention
Elasticsearch does not start and gives error:
2022-11-07T17:53:40,154][WARN ][stderr ] [puppet] The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")
[2022-11-07T17:53:40,154][WARN ][stderr ] [puppet] The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")
[2022-11-07T17:53:40,154][WARN ][stderr ] [puppet] The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")
[2022-11-07T17:53:40,153][WARN ][stderr ] [puppet] The system environment variables are not available to Log4j due to security restrictions: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.*")
[2022-11-07T17:53:40,153][ERROR][o.e.b.ElasticsearchUncaughtExceptionHandler] [puppet] uncaught exception in thread [process reaper (pid 7127)]
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "modifyThread")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:485) ~[?:?]
at java.security.AccessController.checkPermission(AccessController.java:1068) ~[?:?]
at java.lang.SecurityManager.checkPermission(SecurityManager.java:411) ~[?:?]
at org.elasticsearch.secure_sm.SecureSM.checkThreadAccess(SecureSM.java:166) ~[?:?]
at org.elasticsearch.secure_sm.SecureSM.checkAccess(SecureSM.java:120) ~[?:?]
at java.lang.Thread.checkAccess(Thread.java:2360) ~[?:?]
at java.lang.Thread.setDaemon(Thread.java:2308) ~[?:?]
at java.lang.ProcessHandleImpl.lambda$static$0(ProcessHandleImpl.java:103) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.<init>(ThreadPoolExecutor.java:637) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:928) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor.processWorkerExit(ThreadPoolExecutor.java:1021) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1158) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) ~[?:?]
at java.lang.Thread.run(Thread.java:1589) ~[?:?]
at jdk.internal.misc.InnocuousThread.run(InnocuousThread.java:186) ~[?:?]
It is hard for us to help when users use some other / unofficial blog instead of the official docs to install the Elastic Stack with other components etc... and are unclear why the install does not work.
Why did you chose that blog / installation method? First glance it sort of looks OK but hard to say.
Not sure why you are getting that error...
Perhaps you should just look at our docs and install?
Do you have Docker on your Desktop?
Do you have access to just a plain ole CentOS Box?
Installation was done according to official Elasticsearch web page
The unofficial blog was used ONLY for creating and signing certificates. for Elasticsearch and Kibana because official page does not describe this part in some order
For installation was used CentOS7 installed on VMware
I can easily repeat ELK installation steps from official page one more time.
If you do the default installation following the docs all the certs are done for you.
Start Elasticsearch with security enabled
When installing Elasticsearch, security features are enabled and configured by default. When you install Elasticsearch, the following security configuration occurs automatically:
Authentication and authorization are enabled, and a password is generated for the elastic built-in superuser.
Certificates and keys for TLS are generated for the transport and HTTP layer, and TLS is enabled and configured with these keys and certificates.
the reason I was using the link provided was:
Docs says - run this command
/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
I did and got output
ERROR: [xpack.security.enrollment.enabled] must be set to true to create an enrollment token
I understand that I should go and enable this xpack in elasticsearch.yml
if I go and enable this feature and run it again I will get next error
ERROR: Unable to create an enrollment token. Elasticsearch node HTTP layer SSL configuration is not configured with a keystore
What I want to say I can't see in docs steps I need to go to get running stack. Even with very basic configuration I could start to play with
Actually my question is - which options should I enable in elasticsearch,yml, kibana.yml, logstash.yml to get running ELK stack. Fromn this point I could start adding certificates and play with different options
OK, I can ignore that. Now how can I check if kibana is able to connect to elasticsearch?
As i mentione previously I was not able to create kibana token. That;'s why I put xpack.security.enabled: 'false' in elasticsearch.yml
If you set xpack.security.enabled: 'false' you are going to mess up a few things...
You can generate a new kibana token ... if you want... but it you start turning off security make sure you know what you are doing.
if you simply clean up everything including the Elasticsearch Data Directories...
Install elasticsearch .. .it will create the kibana enrollment token in the terminal during setup.
Then install Kibana ... click on the url in the terminal during kibana install, enter the enrollment token that was generated during the elasticsearch install everything will work... all the configurations happens automatically
The whole process end to end takes about 5 minutes
The enrollment token is created during Elasticsearch installation, if you didn't copy the entire text that was printed in the screen I'm not sure you can recreate the enrollment token.
I think that it would be easy to create a service account for Kibana and use this service account to authentication in Elasticsearch.
To create a service account you need to make the following request to Elasticsearch.
curl -X POST "https://your-es-host:9200/_security/service/elastic/kibana/credential/token/kibanatoken?pretty" -u elastic:PASSWORD -k
Where PASSWORD is the password set for the elastic user.
No, I don't have Nginx installed
the output I provided - I got using my browser http://localhost:9200/
I read somewhere in internet - it is a way to check if elasticsearch works normally after installation. So, as you can see it works normally.
in elasticsearch.yml I enabled http.port: 9200
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.