All geek questions in one place

Docker Elasticsearch plugin with request

We are trying to run the Elasticsearch node in a Docker container. We use the Search Guard plugin for security. However, during the installation process, the plugin requires us to run the script. This script required ElasticSearch to be available on server 9300 when it was launched. Is there a best practice for deferred scenarios? We tried to sleep before execution, and the RUN and CMD Dockerfile commands.

Here is the result:

elasticsearch    | Search Guard Admin v5
elasticsearch    | Will connect to localhost:9300
elasticsearch    | ERR: Seems there is no elasticsearch running on 
localhost:9300 - Will exit

Dockerfile:

FROM docker.elastic.co/elasticsearch/elasticsearch:5.3.0

USER root

RUN apk update \
    && apk upgrade \
    && apk add nano

USER root

# Add the ElasticSeach config
ADD elasticsearch.yml /usr/share/elasticsearch/config/
RUN chown elasticsearch:elasticsearch /usr/share/elasticsearch/config/elasticsearch.yml

# Add the truststore
ADD keys/truststore.jks /usr/share/elasticsearch/config/
RUN chown elasticsearch:elasticsearch /usr/share/elasticsearch/config/truststore.jks

# Create the node certs
ADD gen-cert/ /usr/share/elasticsearch/gen-cert/
WORKDIR /usr/share/elasticsearch/gen-cert
RUN ./gen_node_cert.sh 0 ######### #########
RUN cp node-keystore.jks /usr/share/elasticsearch/config/

# Prep for boot!
WORKDIR /usr/share/elasticsearch/
USER elasticsearch

RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install -b com.floragunn:search-guard-5:5.3.0-11
RUN chmod +x -R /usr/share/elasticsearch/plugins/search-guard-5/tools/

# Run the security script on start
CMD sleep 10 && /usr/share/elasticsearch/plugins/search-guard-5/tools/sgadmin.sh \
        -cd /usr/share/elasticsearch/plugins/search-guard-5/sgconfig/ \
        -cn SHU \
        -ks /usr/share/elasticsearch/config/node-keystore.jks \
        -kspass Chupacabra \
        -ts /usr/share/elasticsearch/config/truststore.jks \
        -tspass Chupacabra \
        -nhnv
+4
source share
1 answer

We were able to get this job. We just needed to add a script to the CMD command at the end of our Docker file so that it would run after running the ElasticSearch script.

, , Elastic image (ElasticSearch Docker GitHub) .

CMD [ "/bin/ bash", "bin/es-docker", "search-guard/run-sgadmin.sh" ]

+5

Source: https://habr.com/ru/post/1674108/

More articles:


All Articles