TrueNAS Open Storage Logo
TrueNAS.com Products Enterprise Support Community Support Truenas Security Get TrueNAS Enterprise Download TrueNAS Community Edition About TrueNAS Careers
TrueNAS Open Storage Logo
F-Series
F-Series

All-Flash NVMe Performance.

H-Series
H-Series

Big business performance. Entry level pricing.

Mini Series
Mini Series

Home Labs, Small Office & SMB Applications.

M-Series
M-Series

All-Flash or Hybrid Enterprise Performance.

R-Series
R-Series

Single Controller Storage Appliances.

TrueNAS Enterprise Icon
TrueNAS Enterprise

Mission Critical Storage. 24×7 Enterprise Support.

TrueCommand Icon
TrueCommand

Manage Your TrueNAS Fleet All From One Place.

Use Cases

Analytics Backup & Archival Cloud Data Mobility File Sharing
iX-Storj Media & Entertainment Surveillance Veeam Backup Virtualization

Industry

Audio Broadcasting Gaming Healthcare Manufacturing Media & Entertainment
Automotive Education Government MSP Research & AI

Support

Enterprise Support

For customers with active support contracts.

Community Support

For peer-to-peer, open-source support.

Resources

Case Studies Documentation Apps TrueNAS Security FAQ ZFS Overview
TrueNAS Blog Solution Guides Datasheets Software Status Videos TrueCommand Cloud
TrueNAS Community Edition Community Forum Discord TrueNAS GitHub TrueNAS Merch Store
About TrueNAS Awards Careers Contact Us Our Clients Reviews
Contact Icon
Contact an Enterprise Specialist

Speak with an enterprise storage specialist to find the right solutions for your business needs.

TrueNAS Enterprise Icon
TrueNAS Enterprise

Enterprise-grade storage appliances designed for business and mission-critical environments.

TrueNAS Community Edition Icon
Download TrueNAS Community Edition

Test Drive TrueNAS in Your Environment.

  1. Documentation Hub
  2. /
  3. TrueNAS Apps
  4. /
  5. Stable Apps
  6. /
  7. Elastic Search
Edit page
TrueNAS AppsTrueNAS Apps: Tutorials
Application maintenance is independent from TrueNAS version release cycles.
App versions, features, options, and installation behavior at time of access might vary from documented tutorials and UI reference.

Elastic Search

  17 minute read.

Elastic Search is the distributed, RESTful search and analytics engine at the heart of the Elastic Stack. The TrueNAS Elastic Search app allows you to configure and deploy a single Elasticsearch node. You can install multiple instances to deploy additional nodes, however you must configure a Custom App with the Install via YAML option to deploy a multi-node cluster.

This tutorial covers installing the TrueNAS Elastic Search app to deploy a node. It does not detail management of the node or integrating it with other containers. Elastic provides a basic primer, What is Elasticsearch, with further information about the app and its place within the Elastic Stack.

Before You Begin

Prepare TrueNAS before installing the app by:

  • Set a pool for applications to use if not already assigned.

    You can use either an existing pool or create a new one. TrueNAS creates the ix-apps (hidden) dataset in the pool set as the application pool. This dataset is internally managed, so you cannot use this as the parent when you create required application datasets.

    After setting the pool, the Installed Applications screen displays Apps Service Running on the top screen banner.

  • Locate the run-as user for the app.

    Take note of the run-as user for the app, shown on the app information screen in the Run As Context widget and in the Application Metadata widget on the Installed applications screen after the app fully deploys. The run-as user(s) get added to the ACL permissions for each dataset used as a host path storage volume.

  • Create datasets for the storage volumes for the app.

    Do not create encrypted datasets for apps if not required! Using an encrypted dataset can result in undesired behaviors after upgrading TrueNAS when pools and datasets are locked. When datasets for the containers are locked, the container does not mount, and the apps do not start. To resolve issues, unlock the dataset(s) by entering the passphrase/key to allow datasets to mount and apps to start.

    Go to Datasets and select the pool or dataset where you want to place the dataset(s) for the app. For example, /tank/apps/appName.

Create a storage dataset for Elastic Search Data Storage with a name such as data). Select apps as the Dataset Preset for this dataset. You can modify the dataset ACLs at the time of creation, or modify them later when adding them in the app.

Creating Datasets for Apps

When creating datasets for apps follow these steps:

  1. Go to Datasets, select the location for the parent dataset if organizing required datasets under a parent dataset, then click Add Dataset. For example, select the root dataset of the pool, and click Add Dataset to create a new parent called apps or appName*, where appName is the name of the app.

    Do not create the app datasets under the ix-applications or ix-apps dataset.

  2. Enter the name of the dataset, then select Apps as the Dataset Preset. Creating the parent dataset with the preset set to Generic causes permissions issues when you try to create the datasets the app requires with the preset set to Apps.

  3. Click Save. Return to dataset creation when prompted rather than configuring ACL permissions.

    You can set up permissions (ACLs) for a dataset after adding it by selecting Go to ACL Manager to open the Edit ACL screen, or wait and use the app Install wizard ACL settings to add permissions. You can also edit permissions after installing the app using either method.

  4. Select the parent dataset and then click Create Dataset to open the Add Dataset screen again.

  5. Enter the name of a dataset required for the app, such as config, select Apps as the Dataset Preset, and then click Save. When prompted, return to creating datasets rather than setting up ACL permissions.

  6. Repeat for remaining datasets required for the app.

  • Create a self-signed certificate for the app (if required).

Adding a certificate is optional but if you want to use a certificate for this application, either create a new self-signed CA and certificate or import an existing CA and create the certificate for Elastic Search. A certificate is not required to deploy the application.

Installing the Application

This basic procedure covers the required Elastic Search app settings. For optional settings, see Understanding App Installation Wizard Settings.

You can have multiple deployments of the same app (for example, two or more from the stable or enterprise trains, or a combination of the stable and enterprise trains).

Naming Multiple App Deployments

Each deployment of the same app requires a unique name. App names can include numbers, dashes, or underscores (for example, syncthing2, syncthing-test, syncthing_1, minio2, etc.).

Use a consistent file-naming convention to avoid conflict situations where data does not or cannot synchronize because of file name conflicts. Path and file names in apps are case-sensitive. For example, a file named MyData.txt is not the same as the mydata.txt file in Syncthing.

Go to Apps, click on Discover Apps, and locate the app widget by either scrolling down to it or begin typing the name into the search field. For example, to locate the MinIO app widget, begin typing minIO into the search field to show app widgets matching the search input.

If this is the first application installed, TrueNAS displays a dialog about configuring apps.

Configuring Apps Dialog

Click Confirm then Agree to close the dialog and open the application details screen.

If not the first time installing apps the dialog does not show, click on the widget to open the app information screen.

Click Install to open the app installation wizard.

Application configuration settings are grouped into several sections, each explained below in Understanding App Installation Wizard Settings. To find specific fields begin typing in the Search Input Fields search field to show the section or field, scroll down to a particular section, or click on the section heading in the list of sections on the upper-right of the wizard screen.

Install Elastic Search Screen
Figure 5: Install Elastic Search Screen

Accept the default value or enter a name in Application Name field. In most cases use the default name, but if adding a second deployment of the application you must change this name.

Accept the default version number in Version. When a new version becomes available, the application shows an update badge and the Application Info widget on the Installed applications screen shows the Update button.

Enter the Elastic Search Configuration settings.

Enter a password to use for the built-in elastic user. Passwords must be at least six characters long.

Accept the default or enter a value in Heap Size. Elastic documentation recommends setting the heap size to no more than 50% of the total memory visible to the container.

Accept the default value in Node Name.

The TrueNAS app is configured with all the required environment variables, but if you want to further customize the container, click Add to the right of Additional Environment Variables for each to enter the variable(s) and values(s).

Accept the default values in Network Configuration. See Network Configuration for more details.

Do not select Host Network.

Add your Storage Configuration settings.

Set Host Path (Path that already exists on the system) in Type for Elastic Search Data Storage. Select Enable ACL, and then enter or browse to and select the data dataset created above to populate the Host Path field.

Add Elastic Search Data Storage
Figure 6: Add Elastic Search Data Storage

Click Add to the right of ACL Entries for each user or group entry you want to add. Enter the user and group ID 1000 and give each FULL_CONTROL Access.

Select Force Flag.

Repeat the storage steps above each additional storage volume. See Storage Configuration Settings below for more information.

Accept the defaults in Resources Configuration.

Click Install. A progress dialog displays before switching to the Installed applications screen. The Installed screen displays with the elastic-search app in the Deploying state. Status changes to Running when ready to use.

Click Web UI on the Application Info widget to open the Elastic Search web portal screen, which displays information about the configured node. This is the equivalent of running a curl check on the app port.

Elastic Search Web Portal
Figure 7: Elastic Search Web Portal

Understanding App Installation Wizard Settings

The following section provides more detailed explanations of the settings in each section of the Install Elastic Search installation wizard.

Application Name Settings

Accept the default value or enter a name in Application Name field. In most cases use the default name, but if adding a second deployment of the application you must change this name.

Accept the default version number in Version. When a new version becomes available, the application shows an update badge and the Application Info widget on the Installed applications screen shows the Update button.

Elastic Search Configuration Settings

Elastic Search configuration settings include setting up credentials, naming the node, and setting the heap size, networking configuration, storage configuration, configuring labels and setting resource limits for the container.

If you have an existing Elastic Search account, add the credentials for that account in the Admin User and Admin Password fields. If you do not have an existing account, enter the name and password you want to use to create the Elastic Search login credentials.

Adding Environment Variables

The app wizard is configured with all settings required to deploy the container, but you can add additional settings if you want to further customize the app in TrueNAS.

Click Add to the right of Environmental Variables to show a set of fields to configure the application with additional variables.

You can add environment variables to the app configuration after deploying it. Click Edit on the Application Info widget for the app found on the Installed Application screen to open the edit screen.

Refer to Elastic Search documentation for more information on environment variables.

Enter variables using Elastic Search with Docker syntax.

  1. Change the setting name to uppercase
  2. Prefix it with ES_SETTING_
  3. Escape any underscores (_) by duplicating them
  4. Convert all periods (.) to underscores (_)

For example, to set bootstrap.memory_lock=true, enter ES_SETTING_BOOTSTRAP_MEMORY__LOCK for Name and true for Value.

Network Configuration

The default web port for Elastic Search is 30003.

We do not recommend selecting Host Network unless required for the specific application or workload. When required or strongly recommended for an application, TrueNAS typically enables host networking by default.

When host networking is disabled, specific ports from the container are exposed on the local network and mapped to a host port. This is the default Docker networking behavior. This approach provides better isolation, flexibility in port assignments, and improved security compared to enabling host networking.

Select Host Network to bypass port mapping, granting the container direct access network interfaces on the host. This can improve performance, especially in deployments with many users, and simplify network configuration, but compromises isolation and introduces the risk of port conflicts, limiting the ability to run multiple instances of the same app. For most deployments, default port mapping is more secure and versatile.

All TrueNAS apps are assigned default port numbers. Accept the default port numbers, but if changing port number assignments, enter a number within the range 1-65535, however, 0-1024 might require the application to have elevated privileges. Before changing default ports, refer to the TrueNAS default port list for a list of assigned and available port numbers.

To use a certificate, best practice is to create the self-signed certificate before you begin using the app installation wizard. If you did not create a certificate before starting the installation wizard you can select the default TrueNAS certificate and edit the app to change the certificate after deploying the application.

Select the certificate created in TrueNAS for the app from the Certificate dropdown list.

Storage Configuration

TrueNAS provides two options for storage volumes: ixVolumes and host paths.

Setting the Storage Volume Type

To allow TrueNAS to create the storage volume, leave Type set to ixVolume (Dataset created automatically by the system). This adds a storage volume for the application nested in the hidden ix-apps dataset, located on the pool selected as the apps pool. Using ixVolume is intended for a test deployment of an app but not for a full app deployment, as data does not persist for these volumes after deleting the app where a dataset does. Datasets make recovering, transferring, and accessing app configuration, user, or other data possible where ixVolumes do not.

To use an existing dataset, which is the recommended option, set Type to Host Path (Path that already exists on the system).

If the install wizard shows a Mount Path, either accept the default value or enter the correct mount path. For example, if the dataset name is data, enter /data as the mount path.

To create a dataset while in the app installation wizard, with Type set to the host path option, go to the Host Path field, click into the pool or a dataset in the pool to activate the Create Dataset option. Click on Create Dataset to open the dialog. Enter the name for the dataset, then click Create. TrueNAS creates the dataset in the location selected.

Select Enable ACL to define ACL permissions and to populate the Host Path field by either entering or browsing to and selecting the location of the dataset. Populating the Host Path with the dataset location and then selecting Enable ACL clears the values, so we recommend selecting Enable ACL before entering the host path.

Repeat the above for each required dataset.

Elastic Search needs one dataset for host path storage volume configuration, with a name such as data, to use as the Elastic Search Data Storage volume. Create this dataset before beginning the app installation wizard, as described in Before You Begin.

If needed, you can add extra storage volumes at the time of installation or edit the application after it deploys. Stop the app before editing settings.

Configuring Additional Storage Volumes

If you choose to configure additional storage volumes, click Add to the right of Additional Storage to show the Type field with three options:

  • HostPath (Path that already exists on the system)
  • ixVolume (Dataset created automatically by the system)
  • SMB/CIFS Share (Mounts a volume to a SMB share)

The host path option requires an existing dataset on the system. The SMB/CIFS share option shows settings for configuring an SMB share as a storage option.

Setting Dataset ACL Permissions

You can configure ACL permissions for the required dataset in the Install Elastic Search wizard, or from the Datasets screen any time after adding the datasets.

Select Enable ACL to show the ACL and ACE Entries options. Configure ACE entries for each UID and/or GID you recorded from the Run As Context widget in Before You Begin.

Configuring ACE Entries

Enter or browse to select the dataset and populate Host Path.

Next, click Add to the right of ACL Entries to show the permissions settings. Set ID Type to Entry is for a USER or Entry is for a GROUP. If you configured a group in TrueNAS that you want to give access to instead of a single user, set the ID to the group option and enter the GID for that group.

Enter the UID and/or GID as one of the following:

  • The default app user:
    • 568 for apps in all trains if the app can run as any non-root user.
    • 999 for all postgres storage volumes.
    • 0 if running as root.
    • 473 for MinIO app in the stable train.
  • The run-as-user UID set as a default for the app. The run-as user shows on the app details screen in the Run As Content widget, and on the Installed application screen after the app deploys. You can refer to the tutorial for the app, or look in the questions.yaml file found in the GitHub repository for the application to find this UID/GID.
  • The user ID for the new or existing TrueNAS user added to serve as the administrator for the app.

If the app shows User and Group Configuration settings, the default UID shows on the screen. If not, choose the run-as user ID found in the Run As Content widget.

Use the default user ID 999 for all postgres storage volumes, not the run-as user.

If you created a new TrueNAS user to serve as the app administration user, add an entry record and enter the UID for this user in addition to the run-as user ID.

When adding the ACL entry for the run-as user, default user, and/or optional TrueNAS app administrator user, and postgres user ID, set the Access permissions level to FULL CONTROL.

Select Force Flag to apply the ACL even if the path has existing data. This allows you to update the app when an update is available.

Adding ACL Permissions from the Datasets Screen First select the dataset row, and scroll down to the Permissions widget, and then click Edit to open the Edit ACL screen. Change the @owner and @group values from root to the administrative user for your TrueNAS system, and click apply for each. Next, add an ACL entry for the run-as user. For Elastic Search, the run-as user is 1000. Add a user entry for this user. Save the ACL before leaving the screen.

Mounting an SMB Share Storage Volume

TrueNAS Additional Storage options include the ability to mount an SMB share inside the container pod.

Configuring Additional Storage Volumes

If you choose to configure additional storage volumes, click Add to the right of Additional Storage to show the Type field with three options:

  • HostPath (Path that already exists on the system)
  • ixVolume (Dataset created automatically by the system)
  • SMB/CIFS Share (Mounts a volume to a SMB share)

The host path option requires an existing dataset on the system. The SMB/CIFS share option shows settings for configuring an SMB share as a storage option.

Set Type an SMB/CIFS Share (Mounts a volume to a SMB share) to add an SMB share storage volume.

Select Read Only to make the storage volume read only.

Enter the path inside the container to mount the storage for the share volume in Mount Path.

Enter the server address for the SMB share in Server, the path to mount the SMB share in Path, and the share authentication user credentials in User and Password. (Optional) enter the share domain name in domain.

Permissions are currently limited to the permissions of the user that mounted the share.

Use the SMB option for data synchronization between a share and the app if the option shows on the screen. A present, only the Syncthing app includes this option.

Labels Configuration

The Labels Configuration settings allow users to configure Docker object labels to add metadata to containers. Docker object labels attach key-value metadata to various Docker objects, such as containers, images, volumes, and networks. Labels are useful for organization, automation, and providing additional context for Docker resources. They can store information such as environment details, ownership, service role, or custom tags for automation tools.

Click Add to display a set of label configuration fields.

Use Key to define the identifier that categorizes and filters resources, for example com.example.owner. Use Value to enter the associated data for the container, for example team-a.

Select the target container from the Containers dropdown list to apply the label(s). Apps with multiple containers list each container as an option on the dropdown.

Click Add again to configure additional labels.

Tips for Labels:

  • Docker recommends using reverse-DNS notation to prevent conflicts with other objects.
  • Use a consistent naming convention for labels applied across all containers, for example, com.example.owner=team-a, com.example.owner=team-b, com.example.env=production, com.example.env=testing.
  • Use in groupings, for example, when applying configuration changes where labels define or group related database resources (com.example.role=db).
  • Use reverse-DNS notation to prevent conflicts with other objects, as recommended by Docker.
  • Use a consistent naming convention for labels applied across all containers, for example, com.example.owner=team-a, com.example.owner=team-b, com.example.env=production, com.example.env=testing.
  • Use in groupings, for example, when applying configuration changes where labels define or group related database resources (com.example.role=db).
  • Combine labels for more granular control, for example, using com.example.env=prod and com.example.tier=frontend to distinguish frontend from backend services in production environments.

Resources Configuration

Resources Configuration Settings
Figure 12: Resources Configuration Settings

Accept the default values in Resources Configuration or enter new CPU and memory values. By default, this application is limited to use no more than 2 CPU cores and 4096 megabytes available memory. The application might use considerably less system resources.

To customize the CPU and memory allocated to the container the app uses, enter new CPU values as a plain integer value (letter suffix is not required). The default is 4096.

Accept the default value (4 Gb) allocated memory or enter a new limit in bytes. Enter a plain integer without the measurement suffix, for example, 129 not 129M or 123MiB.

Related Content

Apps
Getting Started
UI Reference
Solutions

Have more questions?

For further discussion or assistance, see these resources:

Found content that needs an update?  You can suggest content changes directly! To request changes to this content, click the Feedback button located on the middle-right side of the page (might require disabling ad blocking plugins).