Skipping security auto configuration

Hi all

I have begun my journey in elasticsearch and I have installed on my PC (Win 10) elasticsearch version 8.13. As part of my practice, I am trying to create 2 additional new nodes.

I have performed the following steps:

  1. copy and past the "elasticsearch-8.13.0" folder x2
  2. renamed it node-2/3
  3. change the "elasticsearch.yml" file to be node-2/3
  4. open new CMD
  5. run the following command: elasticsearch-create-enrollment-token.bat -s node"
  6. run the following command: elasticsearch.bat --enrollment-token [past the produced token]

and got the following error:
Skipping security auto configuration because it appears that the node is not starting up for the first time. The node might already be part of a cluster and this auto setup utility is designed to configure Security for new clusters only., with exit code 80

I have saw that there are similar post but I failed to run the command that this posts suggested:

  1. "'apt' is not recognized as an internal or external command,
    operable program or batch file."
    2.'rpm' is not recognized as an internal or external command,
    operable program or batch file.

Could you please guide me on how to solve this error?
Thanks

Welcome!

Skipping security auto configuration because it appears that the node is not starting up for the first time.

This mean that you started already the node. And as you copied/pasted the elasticsearch-8.13.0 you might have started it before doing that.
So I'd remove first the data dirs from the 2 other folders.

That might help.

BTW use 8.13.2 instead of 8.13.0.

following your instructions I deleted the folder but have the same error

What is the path.data for each node?

main node: C:\Users\AviW\Desktop\Elasticsearch\elasticsearch-8.13.0\bin

sec node: C:\Users\AviW\Desktop\Elasticsearch\node-2\bin

Sorry I didn't notice u asked for the data path

main node : C:\Users\AviW\Desktop\Elasticsearch\elasticsearch-8.13.0\data

sec and third don't have since I deleted the "data" folder

Is that in the elasticsearch.yml file?
What does it look like for each node?

main node:
---------------------------------- Cluster -----------------------------------

Use a descriptive name for your cluster:

#cluster.name: my-application

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

#node.name: node-1

Add custom attributes to the node:

#node.attr.rack: r1

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma):

#path.data: /path/to/data

Path to log files:

#path.logs: /path/to/logs

----------------------------------- Memory -----------------------------------

Lock the memory on startup:

#bootstrap.memory_lock: true

Make sure that the heap size is set to about half the memory available

on the system and that the owner of the process is allowed to use this

limit.

Elasticsearch performs poorly when the system is swapping the memory.

---------------------------------- Network -----------------------------------

By default Elasticsearch is only accessible on localhost. Set a different

address here to expose this node on the network:

#network.host: 192.168.0.1

By default Elasticsearch listens for HTTP traffic on the first free port it

finds starting at 9200. Set a specific HTTP port here:

#http.port: 9200

For more information, consult the network module documentation.

--------------------------------- Discovery ----------------------------------

Pass an initial list of hosts to perform discovery when this node is started:

The default list of hosts is ["127.0.0.1", "[::1]"]

#discovery.seed_hosts: ["host1", "host2"]

Bootstrap the cluster using an initial set of master-eligible nodes:

#cluster.initial_master_nodes: ["node-1", "node-2"]

For more information, consult the discovery and cluster formation module documentation.

---------------------------------- Various -----------------------------------

Allow wildcard deletion of indices:

#action.destructive_requires_name: false

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------

The following settings, TLS certificates, and keys have been automatically

generated to configure Elasticsearch security features on 23-04-2024 13:36:43

--------------------------------------------------------------------------------

Enable security features

xpack.security.enabled: true

xpack.security.enrollment.enabled: true

Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents

xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12

Enable encryption and mutual authentication between cluster nodes

xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12

Create a new cluster with the current node only

Additional nodes can still join the cluster later

cluster.initial_master_nodes: ["AVIW-PC"]

Allow HTTP API connections from anywhere

Connections are encrypted and require user authentication

http.host: 0.0.0.0

Allow other nodes to join the cluster from anywhere

Connections are encrypted and mutually authenticated

#transport.host: 0.0.0.0

#----------------------- END SECURITY AUTO CONFIGURATION -------------------------

Second node:

Use a descriptive name for your cluster:

#cluster.name: my-application

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

node.name: node-2

Add custom attributes to the node:

#node.attr.rack: r1

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma):

#path.data: /path/to/data

Path to log files:

#path.logs: /path/to/logs

----------------------------------- Memory -----------------------------------

Lock the memory on startup:

#bootstrap.memory_lock: true

Make sure that the heap size is set to about half the memory available

on the system and that the owner of the process is allowed to use this

limit.

Elasticsearch performs poorly when the system is swapping the memory.

---------------------------------- Network -----------------------------------

By default Elasticsearch is only accessible on localhost. Set a different

address here to expose this node on the network:

#network.host: 192.168.0.1

By default Elasticsearch listens for HTTP traffic on the first free port it

finds starting at 9200. Set a specific HTTP port here:

#http.port: 9200

For more information, consult the network module documentation.

--------------------------------- Discovery ----------------------------------

Pass an initial list of hosts to perform discovery when this node is started:

The default list of hosts is ["127.0.0.1", "[::1]"]

#discovery.seed_hosts: ["host1", "host2"]

Bootstrap the cluster using an initial set of master-eligible nodes:

#cluster.initial_master_nodes: ["node-1", "node-2"]

For more information, consult the discovery and cluster formation module documentation.

---------------------------------- Various -----------------------------------

Allow wildcard deletion of indices:

#action.destructive_requires_name: false

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------

The following settings, TLS certificates, and keys have been automatically

generated to configure Elasticsearch security features on 23-04-2024 13:36:43

--------------------------------------------------------------------------------

Enable security features

xpack.security.enabled: true

xpack.security.enrollment.enabled: true

Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents

xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12

Enable encryption and mutual authentication between cluster nodes

xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12

Create a new cluster with the current node only

Additional nodes can still join the cluster later

cluster.initial_master_nodes: ["AVIW-PC"]

Allow HTTP API connections from anywhere

Connections are encrypted and require user authentication

http.host: 0.0.0.0

Allow other nodes to join the cluster from anywhere

Connections are encrypted and mutually authenticated

#transport.host: 0.0.0.0

The enrollment token process is intended to be run on a fresh install, not a copy of an existing install.

Because you copied from an existing node, you already have security settings in elasticsearch.yml so the enrollment process is refusing to overwrite those.

How to do it properly (using windows)

Thanks