Error when starting Elasticsearch single node

abctha1234 · March 22, 2023, 5:07am

My docker-compose.yaml

  elasticsearch:
    container_name: elasticsearch
    image: docker.elastic.co/elasticsearch/elasticsearch:8.6.2
    volumes:
      - elasticsearch_data:/usr/share/elasticsearch/data
      - certs:/usr/share/elasticsearch/config/certs
    environment:
      - discovery.type=single-node
      - ELASTIC_PASSWORD=123456
    ports:
      - 9200:9200
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "curl -s --cacert config/certs/ca/ca.crt http://localhost:9200 | grep -q 'missing authentication credentials'",
        ]
      interval: 10s
      timeout: 10s
      retries: 5

volumes:
  certs:
  elasticsearch_data:

Error when running docker compose up

elasticsearch  | Created elasticsearch keystore in /usr/share/elasticsearch/config/elasticsearch.keystore
elasticsearch  | Exception in thread "main" java.io.IOException: Unable to delete directory /usr/share/elasticsearch/config/certs.
elasticsearch  |        at org.apache.commons.io.FileUtils.deleteDirectory(FileUtils.java:1581)
elasticsearch  |        at org.apache.commons.io.FileUtils.moveDirectory(FileUtils.java:2916)
elasticsearch  |        at org.elasticsearch.xpack.security.cli.AutoConfigureNode.moveDirectory(AutoConfigureNode.java:952)
elasticsearch  |        at org.elasticsearch.xpack.security.cli.AutoConfigureNode.execute(AutoConfigureNode.java:616)
elasticsearch  |        at org.elasticsearch.server.cli.ServerCli.autoConfigureSecurity(ServerCli.java:160)
elasticsearch  |        at org.elasticsearch.server.cli.ServerCli.execute(ServerCli.java:81)
elasticsearch  |        at org.elasticsearch.common.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:54)
elasticsearch  |        at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:85)
elasticsearch  |        at org.elasticsearch.cli.Command.main(Command.java:50)
elasticsearch  |        at org.elasticsearch.launcher.CliToolLauncher.main(CliToolLauncher.java:64)
elasticsearch  |        Suppressed: java.lang.UnsupportedOperationException: Unsupported copy option
elasticsearch  |                at java.base/sun.nio.fs.UnixCopyFile$Flags.fromMoveOptions(UnixCopyFile.java:115)
elasticsearch  |                at java.base/sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:407)
elasticsearch  |                at java.base/sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:266)
elasticsearch  |                at java.base/java.nio.file.Files.move(Files.java:1430)
elasticsearch  |                at org.elasticsearch.xpack.security.cli.AutoConfigureNode.execute(AutoConfigureNode.java:634)
elasticsearch  |                ... 6 more
elasticsearch  |        Suppressed: org.apache.commons.io.FileExistsException: Destination '/usr/share/elasticsearch/config/certs' already exists
elasticsearch  |                at org.apache.commons.io.FileUtils.moveDirectory(FileUtils.java:2908)
elasticsearch  |                at org.elasticsearch.xpack.security.cli.AutoConfigureNode.moveDirectory(AutoConfigureNode.java:952)
elasticsearch  |                at org.elasticsearch.xpack.security.cli.AutoConfigureNode.execute(AutoConfigureNode.java:659)
elasticsearch  |                ... 6 more
elasticsearch exited with code 1

I removed the volume and ran docker compose up again but it didn't work.

dadoonet · March 22, 2023, 9:57am

Welcome!

Are you doing that because you want to use your own certificates?

The Elasticsearch Docker doc says that once the certificates are generated by Elasticsearch, you can retrieve them:

docker cp elasticsearch:/usr/share/elasticsearch/config/certs/http_ca.crt .

I believe that if you want to provide your own certificate, you need to put them in another dir and declare the path to the certificate using ssl.certificate (see Security settings in Elasticsearch | Elasticsearch Guide [8.11] | Elastic)?

This guide is super instructive I think: Set up basic security for the Elastic Stack plus secured HTTPS traffic | Elasticsearch Guide [8.6] | Elastic

abctha1234 · March 22, 2023, 5:17pm

I used this line of code because I thought I should persist the certificates. But now I realize that I don't have to persist it so I removed this line of code and it works!.

system · April 19, 2023, 5:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cannot setup single node elasticsearch in docker Elasticsearch	11	4314	July 16, 2019
Create Certs fails following docker tls tutorial Elasticsearch docker	3	1781	May 13, 2020
SSL error in docker container Elasticsearch elastic-stack-security , docker	1	750	December 18, 2023
Elasticsearch Crashing OOM Elastic Search docker , elastic-app-search	9	1130	March 22, 2023
Elasticsearch/Kibana "authentication_failed" Elasticsearch elastic-stack-security , docker	5	545	September 22, 2021

Error when starting Elasticsearch single node

Related topics