I am using docker-compose.yml file to start the opensearch and opensearch-dashboard containers. In this docker compose file I am using only single node (without cluster) for opensearch. I am getting following error message.
opensearch-node1 | [2022-03-23T14:37:03,730][INFO ][o.o.b.BootstrapChecks ] [opensearch-node1] bound or publishing to a non-loopback address, enforcing bootstrap checks
opensearch-node1 | ERROR: [1] bootstrap checks failed
opensearch-node1 | [1]: memory locking requested for opensearch process but memory is not locked
opensearch-node1 | ERROR: OpenSearch did not exit normally - check the logs at /usr/share/opensearch/logs/opensearch-cluster.log
Kindly find the docker-compose.yml file as follows.
version: '3'
services:
opensearch-node1:
image: opensearchproject/opensearch:1.3.0
container_name: opensearch-node1
environment:
- cluster.name=opensearch-cluster
- node.name=opensearch-node1
- action.auto_create_index:true
- compatibility.override_main_response_version:true
- discovery.seed_hosts=opensearch-node1
- cluster.initial_master_nodes=opensearch-node1
- bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
- "DISABLE_SECURITY_PLUGIN=true" # disables security plugin entirely in OpenSearch by setting plugins.security.disabled: true in opensearch.yml
volumes:
- opensearch-data1:/usr/share/opensearch/data
ports:
- 9200:9200
networks:
- opensearch-net
opensearch-dashboards:
image: opensearchproject/opensearch-dashboards:1.3.0
container_name: opensearch-dashboards
ports:
- 0.0.0.0:5601:5601
expose:
- "5601"
environment:
- 'OPENSEARCH_HOSTS=["https://opensearch-node1:9200"]'
networks:
- opensearch-net
volumes:
opensearch-data1:
networks:
opensearch-net:
Kindly suggest/assist on how to create a docker-compose.yml file without cluster or single node for opensearch.
Also testing stuff on my side.
Don’t recall this error myself, but here is what we successfully work with.
Gathered from internet, but lost the original post, sorry i can’t kudo
We have a custom certificate, and AD integration hence we enabled sercurity
version: '3'
services:
opensearch-ldap-node1:
image: opensearchproject/opensearch:1.3.0
container_name: opensearch-ldap-node1
environment:
- cluster.name=opensearch-ldap-cluster
- node.name=opensearch-ldap-node1
- discovery.seed_hosts=opensearch-ldap-node1
- cluster.initial_master_nodes=opensearch-ldap-node1
- bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
- "DISABLE_INSTALL_DEMO_CONFIG=true" # disable demo config see https://opensearch.org/docs/latest/opensearch/install/docker-security/
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536 # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
hard: 65536
volumes:
- opensearch-ldap-data1:/usr/share/opensearch/data
- ./config.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/config.yml
- ./opensearch.yml:/usr/share/opensearch/config/opensearch.yml
- ./internal_users.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/internal_users.yml
- ./roles_mapping.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/roles_mapping.yml
- ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem
- ./certs/node1.pem:/usr/share/opensearch/config/node1.pem
- ./certs/node1-key.pem:/usr/share/opensearch/config/node1-key.pem
- ./certs/admin.pem:/usr/share/opensearch/config/admin.pem
- ./certs/admin-key.pem:/usr/share/opensearch/config/admin-key.pem
ports:
- 9292:9200
- 9696:9600 # required for Performance Analyzer
dns:
- 8.8.8.8
dns_search:
- mydomain.org
networks:
- opensearch-ldap-net
opensearch-ldap-dashboards:
image: opensearchproject/opensearch-dashboards:1.3.0
container_name: opensearch-ldap-dashboards
volumes:
- ./dashboards-config:/usr/share/opensearch-dashboards/config
ports:
- 5656:5601
dns:
- 8.8.8.8
expose:
- "5656"
environment:
OPENSEARCH_HOSTS: '["https://opensearch-ldap-node1:9200"]' # must be a string with no spaces when specified as an environment variable
networks:
- opensearch-ldap-net
volumes:
opensearch-ldap-data1:
networks:
opensearch-ldap-net:
I have tried use the above docker-compose.yml and modified according to my need. However, still getting below error message.
opensearch-dashboards | {"type":"log","@timestamp":"2022-03-25T12:47:30Z","tags":["error","opensearch","data"],"pid":1,"message":"[ConnectionError]: Client network socket disconnected before secure TLS connection was established"}
Here is a docker-compose.yml.
version: '3'
services:
opensearch-node1:
image: opensearchproject/opensearch:1.3.0
container_name: opensearch-node1
environment:
- cluster.name=opensearch-cluster
- node.name=opensearch-node1
- discovery.seed_hosts=opensearch-node1
- cluster.initial_master_nodes=opensearch-node1
- bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
- "DISABLE_INSTALL_DEMO_CONFIG=true" # disable demo config see https://opensearch.org/docs/latest/opensearch/install/docker-security/
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536 # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
hard: 65536
volumes:
- opensearch-data1:/usr/share/opensearch/data
ports:
- 9292:9200
- 9696:9600 # required for Performance Analyzer
networks:
- opensearch-net
opensearch-dashboards:
image: opensearchproject/opensearch-dashboards:1.3.0
container_name: opensearch-dashboards
ports:
- 0.0.0.0:5601:5601
expose:
- "5601"
environment:
OPENSEARCH_HOSTS: '["https://opensearch-node1:9200"]' # must be a string with no spaces when specified as an environment variable
networks:
- opensearch-net
volumes:
opensearch-data1:
networks:
opensearch-net:
I tried with http but no luck. Getting following error message.
I tried with discovery.type= single-node that is also not working.
opensearch-node1 | [2022-03-26T11:51:37,853][WARN ][o.o.c.c.ClusterFormationFailureHelper] [opensearch-node1] master not discovered or elected yet, an election requires a node with id [Kv9ZRsGBR82SydhD8Vjvig], have discovered [{opensearch-node1}{2tur4uhHS0mysuMfqvS4iA}{fS23s-ORSC6Vb2xbEGXp4w}{ipaddress}{Ipaddress:9300}{dimr}{shard_indexing_pressure_enabled=true}] which is not a quorum; discovery will continue using [] from hosts providers and [{opensearch-node1}{2tur4uhHS0mysuMfqvS4iA}{fS23s-ORSC6Vb2xbEGXp4w}{IPAddress}{IP addres:9300}{dimr}{shard_indexing_pressure_enabled=true}] from last-known cluster state; node term 2, last-accepted version 41 in term 2
services:
opensearch-node1:
image: opensearchproject/opensearch:2.3.0
container_name: opensearch-node1
environment:
- cluster.name=opensearch-cluster
- node.name=opensearch-node1
- discovery.type=single-node
- bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
- "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536 # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
hard: 65536
volumes:
- opensearch-data1:/usr/share/opensearch/data
ports:
- 9200:9200
- 9600:9600 # required for Performance Analyzer
networks:
- opensearch-net
opensearch-dashboards:
image: opensearchproject/opensearch-dashboards:2.3.0
container_name: opensearch-dashboards
ports:
- 5601:5601
expose:
- "5601"
environment:
OPENSEARCH_HOSTS: '["https://opensearch-node1:9200"]'
networks:
- opensearch-net
volumes:
opensearch-data1:
networks:
opensearch-net: