Unable to setup Elasticsearch python instance on https

Edinpain · July 29, 2022, 8:26pm

Sweet lord it's been a long day. Ubuntu newb, ~0 zero knowledge in cryptography certificates. Creating a flask project and want to follow this tutorial to use elastic to index my postgres + sqlalchemy database.

Python: 3.1+
Ubuntu: 22.04 LTS
Elastic: 8.3.3

When I failed to setup instance with pip3 install elastisearch I embarked on a mission to install elastic on Ubuntu. After some sweat, managed to get json response via curl. So service is running. However elastic service is nowhere to be found in service --status-all
What is up with that?!

I don't even know if installing along this tutorial was necessary when using python...

I failed to generate .pem file using certutils. I managed to generate .zip with .crt and .key inside. However documentation on website suggests using .pem: ca_certs="/path/to/certs.pem" HOW?

ssl_assert_fingerprint in documenation is like ~50 chrs long. my fingerprint is like 2000 chars long and is in file.

This documentation has nothing on https connection. This one does, but when I use:

es = Elasticsearch(['https://elastic:<password>@localhost:9200'])
es.ping() returns False.

however on browser when I goto https://localhost:9200 go pass chrome security warnings and enter login: elastic and password issued at elastic setup I do get json response back.

People, HELP.

Edinpain · July 30, 2022, 6:46am

After more hours on this. I found this stackoverflow, and followed setting permissions for my user (not "root", not "elastic").

when I run:
/usr/share/elasticsearch/bin/elasticsearch

bunch of logging takes place and last lines before ending (not exiting though) are:

[2022-07-30T09:03:54,729][INFO ][o.e.i.g.DatabaseNodeService] [<myuser>] successfully loaded geoip database file [GeoLite2-Country.mmdb]
[2022-07-30T09:03:54,811][INFO ][o.e.i.g.DatabaseNodeService] [<myuser>] successfully loaded geoip database file [GeoLite2-ASN.mmdb]
[2022-07-30T09:03:55,944][INFO ][o.e.i.g.DatabaseNodeService] [<myuser>] successfully loaded geoip database file [GeoLite2-City.mmdb]

I assume I launched elastic?

when I go to browser and go to https://127.0.0.1:9200 I tied logging in with two times (failed), then finally with elastic user and provided pass on installation.

This gets added in terminal
[2022-07-30T09:06:20,118][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport [<myuser>] http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/127.0.0.1:9200, remoteAddress=/127.0.0.1:44032}

Launching service with:
systemctl start elasticsearch.service
gives:

Job for elasticsearch.service failed because the control process exited with error code. See "systemctl status elasticsearch.service" and "journalctl -xeu elasticsearch.service" for details.

systemctl status elasticsearch.service
gives error:

liep. 30 09:17:22 <myuser> systemd-entrypoint[20435]: /usr/share/elasticsearch/bin/elasticsearch-env: line 78: /etc/default/elasticsearch: Permission denied>

ls -l viewing from gives:
-rw-rw---- 1 <myuser> <myuser> 688 liep. 30 09:17 /etc/default/elasticsearch

Since /etc/default/elasticsearch is a config file from what I can see and it has a read and write permissions, what's wrong?

warkolm · August 2, 2022, 1:59am

Welcome to our community!

Generally you would install Elasticsearch via the apt/deb method, as you linked, then install the python client and interact with Elasticsearch there.

Yes, that looks right.

Regarding your other issues following this, how did you install Elasticsearch exactly?

Edinpain · August 2, 2022, 7:22am

Hey, thanks for engaging. Through deb package. Adding GPG keys, url to apt package index, etc. Obviously messed up at some point.

Another observation: I can't login to elasticsearch user using
su elasticsearch with provided password on installation.

Just a reminder, I changed ownership to myself, referred in my question as <myuser> from user elasticsearch.

warkolm · August 2, 2022, 8:10am

What are you trying to do what that user?

Edinpain · August 2, 2022, 8:23am

Nothing, just providing additional info about my setup. Main issue (edit: at least what I perceive to be the main issue):

<myuser>@<myuser>:~$ sudo systemctl start elasticsearch
[sudo] password for <myuser>: 
Job for elasticsearch.service failed because the control process exited with error code.
See "systemctl status elasticsearch.service" and "journalctl -xeu elasticsearch.service" for details.

Although I did not setup service journal, I tracked down the problematic permissions line in reply above.
liep. 30 09:17:22 <myuser> systemd-entrypoint[20435]: /usr/share/elasticsearch/bin/elasticsearch-env: line 78: /etc/default/elasticsearch: Permission denied>

But for and group, both read and write permissions are present.
-rw-rw---- 1 <myuser> <myuser> 688 liep. 30 09:17 /etc/default/elasticsearch

stephenb · August 2, 2022, 1:32pm

Changing user / groups on the elastic installed files is not best practice and can lead to issues much like your experiencing.

Curious why you You did this in the first place... What are you trying to accomplish?

Elasticsearch is designed to run in a specific user and group when it's installed.

Edinpain · August 2, 2022, 5:05pm

You are right. Changed back ownership to elasticsearch and service starts.

My conclusion: probably missed configuration part at first, changed rights (just trying stackoverflow solutions), then finished up config and missed the last part of giving rights back to elasticsearch user.

Thanks!

system · August 30, 2022, 5:06pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.