Service start fail after Upgrade 5.6.12 to latest

Elastic Stack Elasticsearch
1

Hi @ all, :slight_smile:

I've updated ES from 5.6.12 to the latest version and can't start the service anymore.

I've done this with the following steps:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list
apt update && apt install elasticsearch

After This I Have to set ES_PATH_CONF=/etc/elasticsearch in /etc/default/elasticsearch then dpkg finished successfully.

Now when I try to start the service with systemctl start elasticsearch I got the following error:
https://pastebin.com/q1Tzu5H6

When I try to start ES manually as elasticsearch user with sudo -i -u elasticsearch /usr/share/elasticsearch/bin/elasticsearch I get the following error:
https://pastebin.com/CawfYLWG

I use ES with Graylog.

Here all Files:
/etc/default/elasticsearch
https://pastebin.com/zZ9tfGX3

/usr/lib/systemd/system/elasticsearch.service
https://pastebin.com/4Qft9d8Y

/etc/elasticsearch/elasticsearch.yml
https://pastebin.com/dhYtWXZJ

Now I'm stuck and need some help :slightly_smiling_face:

Greetings

Ronny

2

Hi,

I think I have solved my initial issue with setting path.data: and path.logs: to /var/lib/elasticsearch. There is the old Elasticsearch 5.6.12 data stored. I've found the path it with echo $ES_HOME.

Now i get another error that i cant solve anymore.
https://pastebin.com/u03aNFUC

There is an error but but i cant find a solution for this.

Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "/etc/graylog/server/ssl/cacerts.jks" "read")

But I don't know how to solve it.

I tried the following without success

  • chmod 777
  • chown root:root
  • chown elasticsearch:elasticsearch

Greetings :confused:

3

For security reasons, Elasticsearch will only read config files from within its config directory. Is /etc/graylog/server/ssl/ a subdirectory of the Elasticsearch config directory?

4

Hi,

thanks for reply. :slight_smile:

/etc/graylog/server/ssl/ is the graylog ssl directory.

The Elasticsearch config is ES_PATH_CONF=/etc/elasticsearch

Befor I upgraded Elasticsearch from 5.6.12 to 6.6 this config works without any problems.

How could i solve this?

5

Just a workaround but it help for the moment.

I just removed-Djavax.net.ssl.trustStore=/etc/graylog/server/ssl/cacerts.jks in /etc/defaults/elasticsearch

Now Elsticsearch starts normaly.

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.