Although not a direct programming language question, this is an issue I have setting up my local development environment so it's closely related, and something I believe other software engineers will run into. So here goes, rather than installing Elasticsearch on my development machine (repeatedly for multiple nodes), I am trying - unsuccessfully - to create a reusable Docker environment.
I have an Elasticsearch cluster defined in Docker, using a Docker network. Essentially this https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html, but for the sake of completeness I run:
docker network create elastic
docker run --name es01 --net elastic -p 9200:9200 -it docker.elastic.co/elasticsearch/elasticsearch:8.9.0
Everything comes up fine, so I add the second node:
docker run -e ES_JAVA_OPTS="-Xms1g -Xmx1g" -e ENROLLMENT_TOKEN="<token>" --name es02 -p 9201:9200 --net elastic -it docker.elastic.co/elasticsearch/elasticsearch:8.9.0
This comes up fine as well and I see the second node running in the cluster by using GET /_cluster/health.
So now I control-c to get out of interactive mode and restart the container using docker start es02 and it doesn't start. docker ps only shows es01. Running it interactively again (-i), I see:
ERROR: Skipping security auto configuration because it appears that the node is not starting up for the first time. The node might already be part of a cluster and this auto setup utility is designed to configure Security for new clusters only.
This is the crux of my problem. I thought perhaps it's still picking up the ENROLLMENT_TOKEN environment variable and that's causing it some consternation thinking it needed to enroll, so I committed the container and created a new container without that -e switch. Same error.
For grins and giggles I tried to create the container without xpack security, adding -e "xpack.security.enabled=false":
ERROR: Skipping security auto configuration because it appears that security is already configured.
Presumably because the elasticsearch.yml includes true by default. Anyway, has anyone run into this? Recognize the issue? Any ideas are welcomed!
P.S. I see the same behavior on Windows, Mac, and Ubuntu (Vagrant box).
The solution I was able to cobble together is a little hacky, but it will get the job done.
Create or start your first/primary node as noted in the original post.
Generate an enrollment token docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node
Start a second stand-alone container docker run -p 9201:9200 -p 9301:9300 -d --name es02 --ip 172.18.0.5 -e ES_JAVA_OPTS="-Xms1g -Xmx1g" --net elastic -it docker.elastic.co/elasticsearch/elasticsearch:8.9.0
Log into the new es02 container you just created docker exec -it es02 /bin/bash
Delete the configuration, passwords, and data:
rm config/elasticsearch.yml
rm config/elasticsearch.keystore
rm -rf data/*
Re-add the configuration file with just the cluster name, then start the node with the enrollment token you created earlier:
echo "cluster.name: \"docker-cluster\"" > config/elasticsearch.yml
bin/elasticsearch --enrollment-token <enrollment token>
Let the setup happen - you'll see a lot of JSON flying across the screen. When it stops, control-c and exit
docker stop es02
docker start es02
You can now start and stop the second node normally.