Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Docker Elasticsearch Plugin with Request

Tags:

docker

dockerfile

elasticsearch

We are attempting to run an Elasticsearch node in a Docker container. We are using the Search Guard plugin for security. However, during the install process, the plugin requires that we run a script. This script required that ElasticSearch be reachable on port 9300 when it runs. Is there a best practice for delayed scripts? We have tried sleeping before execution and the RUN and CMD Dockerfile commands.

Here is the output:

elasticsearch    | Search Guard Admin v5
elasticsearch    | Will connect to localhost:9300
elasticsearch    | ERR: Seems there is no elasticsearch running on 
localhost:9300 - Will exit

Dockerfile:

FROM docker.elastic.co/elasticsearch/elasticsearch:5.3.0

USER root

RUN apk update \
    && apk upgrade \
    && apk add nano

USER root

# Add the ElasticSeach config
ADD elasticsearch.yml /usr/share/elasticsearch/config/
RUN chown elasticsearch:elasticsearch /usr/share/elasticsearch/config/elasticsearch.yml

# Add the truststore
ADD keys/truststore.jks /usr/share/elasticsearch/config/
RUN chown elasticsearch:elasticsearch /usr/share/elasticsearch/config/truststore.jks

# Create the node certs
ADD gen-cert/ /usr/share/elasticsearch/gen-cert/
WORKDIR /usr/share/elasticsearch/gen-cert
RUN ./gen_node_cert.sh 0 ######### #########
RUN cp node-keystore.jks /usr/share/elasticsearch/config/

# Prep for boot!
WORKDIR /usr/share/elasticsearch/
USER elasticsearch

RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install -b com.floragunn:search-guard-5:5.3.0-11
RUN chmod +x -R /usr/share/elasticsearch/plugins/search-guard-5/tools/

# Run the security script on start
CMD sleep 10 && /usr/share/elasticsearch/plugins/search-guard-5/tools/sgadmin.sh \
        -cd /usr/share/elasticsearch/plugins/search-guard-5/sgconfig/ \
        -cn SHU \
        -ks /usr/share/elasticsearch/config/node-keystore.jks \
        -kspass Chupacabra \
        -ts /usr/share/elasticsearch/config/truststore.jks \
        -tspass Chupacabra \
        -nhnv
like image 499
nbrink Avatar asked Apr 05 '17 15:04

nbrink

1 Answers

We were able to get this working. We just had to add the script to the CMD command at the end of our Dockerfile so it ran after the ElasticSearch startup script.

It looks like you can only have one command per file so we had to look at the base Elastic image (ElasticSearch Docker GitHub) and add to it.

CMD ["/bin/bash", "bin/es-docker", "search-guard/run-sgadmin.sh"]

like image 109
nbrink Avatar answered Sep 28 '22 06:09

nbrink
Sign in to Comment

Related questions

what's difference between simple_query_string and query_string?
Elasticsearch: count returning wrong value
Showing unmatched word in elasticsearch results
ElasticSearch & Mongo
Elasticsearch foselastica repository and groupBy
Elasticsearch upgrade 2.3.1 Nest client Raw String
how to find the nearest / closest number using Query DSL in elasticsearch
Search ElasticSearch field contained in a value
ElasticSearch HTTP client vs Transport client
Elasticsearch Bindexception cannot assign requested address
elasticsearch update mapping conflict exception
Elasticsearch array value count aggregation
Elasticsearch: Order by date field (descending): gauss or field_value_factor?
Getting error in Elasticsearch while creating index using postman
No handler for type [text] declared on field [title] (python elasticsearch
Searchkick - trailing special characters
How to create an ElasticSearch Type and make it searchable inside the Index
Updating existing documents in ElasticSearch (ES) while using rollover API
Performance of Terms Query with many elements
Elasticsearch "More Like This" API vs. more_like_this query

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!