4
我們正試圖在Docker容器中運行Elasticsearch節點。我們正在使用Search Guard插件來提高安全性。但是,在安裝過程中,插件要求我們運行腳本。該腳本要求ElasticSearch在運行時可以在端口9300上訪問。是否有延遲腳本的最佳做法?我們已經嘗試在執行之前進行睡眠以及RUN和CMD Dockerfile命令。具有請求的Docker Elasticsearch插件
這裏是輸出:
elasticsearch | Search Guard Admin v5
elasticsearch | Will connect to localhost:9300
elasticsearch | ERR: Seems there is no elasticsearch running on
localhost:9300 - Will exit
Dockerfile:
FROM docker.elastic.co/elasticsearch/elasticsearch:5.3.0
USER root
RUN apk update \
&& apk upgrade \
&& apk add nano
USER root
# Add the ElasticSeach config
ADD elasticsearch.yml /usr/share/elasticsearch/config/
RUN chown elasticsearch:elasticsearch /usr/share/elasticsearch/config/elasticsearch.yml
# Add the truststore
ADD keys/truststore.jks /usr/share/elasticsearch/config/
RUN chown elasticsearch:elasticsearch /usr/share/elasticsearch/config/truststore.jks
# Create the node certs
ADD gen-cert/ /usr/share/elasticsearch/gen-cert/
WORKDIR /usr/share/elasticsearch/gen-cert
RUN ./gen_node_cert.sh 0 ######### #########
RUN cp node-keystore.jks /usr/share/elasticsearch/config/
# Prep for boot!
WORKDIR /usr/share/elasticsearch/
USER elasticsearch
RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install -b com.floragunn:search-guard-5:5.3.0-11
RUN chmod +x -R /usr/share/elasticsearch/plugins/search-guard-5/tools/
# Run the security script on start
CMD sleep 10 && /usr/share/elasticsearch/plugins/search-guard-5/tools/sgadmin.sh \
-cd /usr/share/elasticsearch/plugins/search-guard-5/sgconfig/ \
-cn SHU \
-ks /usr/share/elasticsearch/config/node-keystore.jks \
-kspass Chupacabra \
-ts /usr/share/elasticsearch/config/truststore.jks \
-tspass Chupacabra \
-nhnv
你也可以看看這裏https://github.com/deviantony /泊塢窗 - 麋鹿/樹/ searchguard –