Cleanup w/o certs

README.md

@@ -12,8 +12,8 @@ ddev-enterprise-search is the un-official implementation of Elastic Enterprise S
 
 Enterprise Search is an additional Elastic service that adds APIs and UIs to those already provided by Elasticsearch and Kibana.
 
-Currently sitting at version 8.12.0, part of the implementation as a service for DDEV includes Elastic Search and Kibana containers.
-This means that to use this service, existing Elastic and Kibana servies needs to be uninstalled in your project.
+Currently sitting at version 8.12.0, part of the implementation as a service for DDEV includes Kibana container.
+This means that to use this service, existing Kibana service needs to be uninstalled in your project and should install the supported Elastic Search from DDEV.
 
 From your DDEV project, install this by running `ddev get ssmarco/ddev-enterprise-search` then `ddev restart`.
 This will take up to 30 minutes or so due when downloading the required docker containers (Elastic Search, Kibana and Enterprise Search).
@@ -26,6 +26,7 @@ This will take up to 30 minutes or so due when downloading the required docker c
 1. In the DDEV project directory launch the command:
 
 ```
+ddev get ddev/ddev-elasticsearch
 ddev get ssmarco/ddev-enterprise-search
 ```
 

docker-compose.enterprise-search.yaml

@@ -23,47 +23,13 @@ services:
         restart: "no"
         command: >
             bash -c '
-                # if [ ! -f /usr/share/elasticsearch/config/certs/ca.zip ]; then
-                #     echo "Creating CA";
-                #     bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
-                #     unzip config/certs/ca.zip -d config/certs;
-                # fi;
-
-                # if [ ! -f /usr/share/elasticsearch/config/certs/certs.zip ]; then
-                #     echo "Creating certs";
-                #     echo -ne \
-                #       "instances:\n"\
-                #       "  - name: elasticsearch\n"\
-                #       "    dns:\n"\
-                #       "      - elasticsearch\n"\
-                #       "      - localhost\n"\
-                #       "    ip:\n"\
-                #       "      - 127.0.0.1\n"\
-                #     > config/certs/instances.yml;
-                #
-                #     bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
-                #     unzip config/certs/certs.zip -d config/certs;
-                # fi;
-
-                echo "Setting file permissions"
-                #chown -R root:root config/certs;
-                #find . -type d -exec chmod 755 \{\} \;;
-                #find . -type f -exec chmod 644 \{\} \;;
-
-                echo "Listing certificates"
-                #ls -la config/certs/ca/ca.crt
-                #ls -la config/certs/elasticsearch/elasticsearch.crt
-
                 echo "Waiting for Elasticsearch availability";
-                #until curl -s --cacert config/certs/ca/ca.crt -u elastic:elastic https://elasticsearch:9200; do sleep 5 && date; done;
                 until curl -s -u elastic:elastic http://elasticsearch:9200; do sleep 5 && date; done;
 
                 echo "Setting kibana_system password";
-                #until curl -s -X POST --cacert config/certs/ca/ca.crt -u elastic:elastic -H "Content-Type: application/json" https://elasticsearch:9200/_security/user/kibana_system/_password -d "{\"password\":\"elastic\"}" | grep -q "^{}"; do sleep 5 && date ; done;
                 until curl -s -X POST -u elastic:elastic -H "Content-Type: application/json" http://elasticsearch:9200/_security/user/kibana_system/_password -d "{\"password\":\"elastic\"}" | grep -q "^{}"; do sleep 5 && date ; done;
 
                 echo "Testing kibana_system user";
-                #until curl -s --cacert config/certs/ca/ca.crt -u kibana_system:elastic https://elasticsearch:9200; do sleep 5 && date; done;
                 until curl -s -u kibana_system:elastic http://elasticsearch:9200; do sleep 5 && date; done;
 
                 echo "Exit in 5 minutes"
@@ -75,33 +41,23 @@ services:
     elasticsearch:
         depends_on:
             - elastic-config
-        # Name of container using standard ddev convention
-        container_name: ddev-${DDEV_SITENAME}-elasticsearch
-        hostname: ${DDEV_SITENAME}-elasticsearch
-        image: docker.elastic.co/elasticsearch/elasticsearch:8.12.0
+        image: elasticsearch:8.12.0
         volumes:
-            - ".:/mnt/ddev_config"
             - ./enterprise-search/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
             - elastic-certs:/usr/share/elasticsearch/config/certs
-            - elastic-data:/usr/share/elasticsearch/data
-        # These labels ensure this service is discoverable by ddev.
-        labels:
-            com.ddev.site-name: ${DDEV_SITENAME}
-            com.ddev.approot: $DDEV_APPROOT
+            - elasticsearch:/usr/share/elasticsearch/data
         environment:
-            - ELASTIC_PASSWORD=elastic
+            - cluster.name=docker-cluster
+            - discovery.type=single-node
+            - bootstrap.memory_lock=true
             - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
             - VIRTUAL_HOST=$DDEV_HOSTNAME
             - HTTP_EXPOSE=9200:9200
             - HTTPS_EXPOSE=9201:9200
-            - cluster.name=docker-cluster
-            - discovery.type=single-node
-            - bootstrap.memory_lock=true
-        mem_limit: 1073741824
-        ulimits:
-            memlock:
-                soft: -1
-                hard: -1
+            - ELASTIC_PASSWORD=elastic
+            - KIBANA_PASSWORD=elastic
+        healthcheck:
+            disable: true
 
     kibana:
         depends_on:
@@ -141,7 +97,6 @@ services:
 
     enterprisesearch:
         depends_on:
-            #- kibana
             - elasticsearch
         container_name: ddev-${DDEV_SITENAME}-enterprisesearch
         hostname: ${DDEV_SITENAME}-enterprisesearch
@@ -160,14 +115,6 @@ services:
             - SERVERNAME=enterprisesearch
             - ELASTIC_PASSWORD=elastic
             - KIBANA_PASSWORD=elastic
-            - secret_management.encryption_keys=[thequickbrownfoxjumpsoverthelazydog1cozylummoxgivessmartsquidwho]
-            - allow_es_settings_modification=true
-            - elasticsearch.host=https://elasticsearch:9200
-            - elasticsearch.username=elastic
-            - elasticsearch.password=elastic
-            - elasticsearch.ssl.enabled=true
-            - elasticsearch.ssl.certificate_authority=/usr/share/enterprise-search/config/certs/ca/ca.crt
-            - kibana.external_url=http://kibana:5601
         mem_limit: 1073741824
         healthcheck:
             test:

enterprise-search/config.yml

@@ -15,4 +15,3 @@ ent_search.listen_port: 3002
 
 secret_management.encryption_keys:
   [thequickbrownfoxjumpsoverthelazydog1cozylummoxgivessmartsquidwho]
-# elasticsearch.ssl.certificate_authority: /usr/share/enterprise-search/config/certs/ca/ca.crt

enterprise-search/elasticsearch.yml

@@ -8,28 +8,20 @@
 cluster.name: "docker-cluster"
 node.name: elasticsearch
 discovery.type: "single-node"
+bootstrap.memory_lock: true
 
 # https://www.elastic.co/guide/en/elasticsearch/reference/current/important-settings.html#network.host
 network.host: 0.0.0.0
 http.host: 0.0.0.0
 transport.host: 0.0.0.0
 http.port: 9200
+
 # Disable security features
 # https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html#general-security-settings
-
 xpack.security.enabled: true
 xpack.security.enrollment.enabled: true
 xpack.security.authc.api_key.enabled: true
 xpack.security.autoconfiguration.enabled: true
-bootstrap.memory_lock: true
 xpack.security.http.ssl.enabled: false
-# xpack.security.http.ssl.key: certs/elasticsearch/elasticsearch.key
-# xpack.security.http.ssl.certificate: certs/elasticsearch/elasticsearch.crt
-# xpack.security.http.ssl.certificate_authorities: certs/ca/ca.crt
-# xpack.security.http.ssl.verification_mode: certificate
 xpack.security.transport.ssl.enabled: false
-# xpack.security.transport.ssl.key: certs/elasticsearch/elasticsearch.key
-# xpack.security.transport.ssl.certificate: certs/elasticsearch/elasticsearch.crt
-# xpack.security.transport.ssl.certificate_authorities: certs/ca/ca.crt
-# xpack.security.transport.ssl.verification_mode: certificate
 xpack.license.self_generated.type: basic

enterprise-search/kibana.yml

@@ -19,11 +19,6 @@ elasticsearch.hosts: ["http://elasticsearch:9200"]
 enterpriseSearch.host: "http://enterprisesearch:3002"
 server.publicBaseUrl: "http://elasticsearch:9200"
 
-# Enables you to specify a path to the PEM file for the certificate
-# authority for your Elasticsearch instance.
-#elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/config/certs/ca/ca.crt"]
-#enterpriseSearch.ssl.certificateAuthorities: ["/usr/share/kibana/config/certs/ca/ca.crt"]
-
 # To disregard the validity of SSL certificates, change this setting's value to 'none'.
 elasticsearch.ssl.verificationMode: none
 enterpriseSearch.ssl.verificationMode: none