Installing Workplace Searchedit
The Workplace Search offering is currently available as beta software, in the form of a self-managed deployable binary. It can be downloaded free for experimentation and evaluation.
Workplace Search beta feedback is always welcome and appreciated. Don’t hesitate to send us an email!
Supported platforms:edit
- Linux: x86_64 only
- MacOS X: 10.13 - 10.1x (64-bit only)
- Windows: Not supported
Minimum hardware:edit
- ~4GB of free RAM or 6GB if Elasticsearch is running on the same machine.
- 2GB for App Server.
- 2GB for Worker.
- 50Mb for Filebeat and other processes.
- 5GB of disk space available.
Dependencies:edit
- Java 8 or Java 11.
- Platinum-licensed (or Trial) Elasticsearch 7.6.x.
If you do not have access to a Platinum license, a trial license is automatically applied for you upon the first succesful boot. Trial licenses are valid for 30 days.
Running Workplace Searchedit
First, you’ll need to get Elasticsearch up and running with security features:
Step 1. Download Elasticsearch 7.6.x and navigate to the newly unpacked directory.
Step 2. Locate the config/elasticsearch.yml configuration file and edit the following setting to enable Elasticsearch’s Security features:
xpack.security.enabled: true
Step 3. Start Elasticsearch:
$ bin/elasticsearch
Step 4. Open a new terminal window, and navigate to the Elasticsearch directory. From here, we must generate a random password for the elastic user, which will be used by Workplace Search to securely communicate with the underlying Elasticsearch cluster:
$ bin/elasticsearch-setup-passwords auto
Locate the password for the elastic user as output in the console and keep it handy: we will need it in a few moments.
You may also manually generate passwords using the elasticsearch-setup-passwords command.
We must now configure Workplace Search:
Step 5. Download Workplace Search 7.6.x and navigate to the newly unpacked directory.
Step 6. Locate the config/enterprise-search.yml file and edit the following settings using the recently generated password:
ent_search.auth.source: standard elasticsearch.username: elastic elasticsearch.password: [ELASTIC_USER_PASSWORD]
Step 7. Add the following configuration to the`config/enterprise-search.yml` file. It allows Enterprise Search to create to appropriate indices for the target Elasticsearch cluster:
allow_es_settings_modification: true
allow_es_settings_modification: true can be used safely if the cluster is used for Enterprise Search only. An alternative option is to set auto_create_index at the cluster level. See Elasticsearch Cluster Settings for more information.
Step 8. You must also set at least one encryption key in the same config/enterprise-search.yml configuration file (256-bit key recommended), as an array:
secret_management.encryption_keys: [{encryption_key1}, {encryption_key2}, {...}]
For more information on encryption keys for Enterprise Search, refer to the Encryption Keys guide.
Step 9. Run the boot command and provide a default user password to start Workplace Search. The default password will also be used to log in to the Workplace Search administrative experience:
$ ENT_SEARCH_DEFAULT_PASSWORD=passwordexample bin/enterprise-search
Should you choose not to provide a default password, a random passphrase will be generated for you on the first boot sequence, and will be output in the console
Step 10. Head to http://localhost:3002. You will be presented with a one-time deployment status report. If the Elasticsearch cluster is not already running with a Platinum license applied, a trial license is automatically applied for you and will be valid for 30 days.
With the enterprise_search user in hand and the password provided at boot time, proceed to the next step to log in.
Voilà! You’re up and running, and ready to take on your Workplace Search project. Read the Getting started guide for more information on setting up Elastic Workplace Search as an administrator.
Elasticsearch Cluster Settingsedit
Workplace Search makes alterations to the auto_create_index persistent and transient settings within Elasticsearch when using allow_es_settings_modification: true. Avoid making changes to those settings as it may result in unintended consequences.
An alternative approach involves setting the auto_create_index configuration in elasticsearch.yml for the target Elasticsearch cluster:
action.auto_create_index: ".ent-search-*-logs-*,-.ent-search-*,-test-.ent-search-*,+*"
Using this alternative approach allows you to maintain all Elasticsearch-specific settings at the cluster level.
Password Reset Tipsedit
Run the binary with an attached --reset-auth command:
- Standard Auth: Resets login and generates new random password.
- elasticsearch-native and elasticsearch-saml: Removes the current role mappings. All users are granted the owner role.