Broken Elastic

Run ElasticSearch 5 as Root

A couple of days ago ElasticSearch 5 became GA. Boasting lots of enhancements and new features, I was particularly interested in the Ingest Nodes functionality, specifically in the Ingest Attachment plugin.

Playing with new toys is always fun, and with the readily availability of containerization technology such as Docker, it is a lot easier and safer than it used to be.

So I logged on to my home server, downloaded ElasticSearch 5.0.0, created a simple Dockerfile, booted up my new container image, and… failed miserably.

The root of all evil

Looking at the log file, I spotted the error “can not run elasticsearch as root“. Hmm… That is very sensible advise, and certainly advise I wholeheartedly subscribe to… for production environments. But I’m not running ElasticSearch in a production environment. I just want to play around with ElasticSearch in the comfort of my container, well hidden from the evils that beset the world.

Alas, ElasticSearch 5.0.0 doesn’t consider running as root a mere warning. It considers it an eternal sin and will quit on you. And whereas in the past you could still get away with living in sin (remember the es.insecure.allow.root parameter?), since a particular commit made in 5.0.0-alpha4, you’re out of luck.

At this point, if you were using proprietary software you would most likely end up whining on Twitter and Facebook about the injustice of it all. How evil organizations are out of touch with their user base. Surely, if I want others to decide for me what I can and can not do, I’d buy Apple and Microsoft products!

But as luck would have it, ElasticSearch is Open Source. And Open Source means Freedom. Don’t like something? Change it!

Build your own ElasticSearch

As it turns out, building ElasticSearch is incredibly easy. The instructions below assume you have a Java SDK installed on your machine.

1. Clone the 5.0.0 branch to a local directory.

$ cd ~/Projects
$ git clone -b v5.0.2 https://github.com/elastic/elasticsearch.git

2. Edit the Bootstrap.java file.

$ cd elasticsearch
$ vi core/src/main/java/org/elasticsearch/bootstrap/Bootstrap.java

3. Find the block with the statement “can not run elasticsearch as root”, and comment it out, e.g.:

//if (Natives.definitelyRunningAsRoot()) {
//  throw new RuntimeException("can not run elasticsearch as root");
//}

4. Make sure you have Gradle 2.13 installed (ElasticSearch is very picky about this).

$ mkdir ~/tmp
$ cd ~/tmp
$ wget https://services.gradle.org/distributions/gradle-2.13-all.zip
$ unzip gradle-2.13-all.zip
$ export GRADLE_HOME=~/tmp/gradle-2.13
$ export PATH=${GRADLE_HOME}/bin:${PATH}

5. Finally, start the build process. On my machine it took about 3 minutes.

$ cd ~/Projects/elasticsearch
$ gradle assemble

You will find the result of the build process under the distribution directory. For example, a handy .tar file to generate a Docker image can be found here:

$ find distribution -iname "*tar.gz" -print

distribution/tar/build/distributions/elasticsearch-5.0.2-SNAPSHOT.tar.gz