Opensearch single node without cluster using docker-compose

Hello Team,

I am using docker-compose.yml file to start the opensearch and opensearch-dashboard containers. In this docker compose file I am using only single node (without cluster) for opensearch. I am getting following error message.

opensearch-node1         | [2022-03-23T14:37:03,730][INFO ][o.o.b.BootstrapChecks    ] [opensearch-node1] bound or publishing to a non-loopback address, enforcing bootstrap checks
opensearch-node1         | ERROR: [1] bootstrap checks failed
opensearch-node1         | [1]: memory locking requested for opensearch process but memory is not locked
opensearch-node1         | ERROR: OpenSearch did not exit normally - check the logs at /usr/share/opensearch/logs/opensearch-cluster.log

Kindly find the docker-compose.yml file as follows.

version: '3'
services:
  opensearch-node1:
    image: opensearchproject/opensearch:1.3.0
    container_name: opensearch-node1
    environment:
      - cluster.name=opensearch-cluster
      - node.name=opensearch-node1
      - action.auto_create_index:true
      - compatibility.override_main_response_version:true
      - discovery.seed_hosts=opensearch-node1
      - cluster.initial_master_nodes=opensearch-node1
      - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
      - "DISABLE_SECURITY_PLUGIN=true" # disables security plugin entirely in OpenSearch by setting plugins.security.disabled: true in opensearch.yml
    volumes:
      - opensearch-data1:/usr/share/opensearch/data
    ports:
      - 9200:9200
    networks:
      - opensearch-net

  opensearch-dashboards:
    image: opensearchproject/opensearch-dashboards:1.3.0
    container_name: opensearch-dashboards
    ports:
      - 0.0.0.0:5601:5601
    expose:
      - "5601"
    environment:
      - 'OPENSEARCH_HOSTS=["https://opensearch-node1:9200"]'
    networks:
      - opensearch-net

volumes:
  opensearch-data1:

networks:
  opensearch-net:

Kindly suggest/assist on how to create a docker-compose.yml file without cluster or single node for opensearch.

Thank you in advance!
Sabil.

Hi,

Also testing stuff on my side.
Don’t recall this error myself, but here is what we successfully work with.
Gathered from internet, but lost the original post, sorry i can’t kudo

We have a custom certificate, and AD integration hence we enabled sercurity

version: '3'
services:

  opensearch-ldap-node1:
    image: opensearchproject/opensearch:1.3.0
    container_name: opensearch-ldap-node1
    environment:
      - cluster.name=opensearch-ldap-cluster
      - node.name=opensearch-ldap-node1
      - discovery.seed_hosts=opensearch-ldap-node1
      - cluster.initial_master_nodes=opensearch-ldap-node1
      - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
      - "DISABLE_INSTALL_DEMO_CONFIG=true" # disable demo config see https://opensearch.org/docs/latest/opensearch/install/docker-security/
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536 # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
        hard: 65536
    volumes:
      - opensearch-ldap-data1:/usr/share/opensearch/data
      - ./config.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/config.yml
      - ./opensearch.yml:/usr/share/opensearch/config/opensearch.yml
      - ./internal_users.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/internal_users.yml
      - ./roles_mapping.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/roles_mapping.yml
      - ./certs/root-ca.pem:/usr/share/opensearch/config/root-ca.pem
      - ./certs/node1.pem:/usr/share/opensearch/config/node1.pem
      - ./certs/node1-key.pem:/usr/share/opensearch/config/node1-key.pem
      - ./certs/admin.pem:/usr/share/opensearch/config/admin.pem
      - ./certs/admin-key.pem:/usr/share/opensearch/config/admin-key.pem
    ports:
      - 9292:9200
      - 9696:9600 # required for Performance Analyzer
    dns:
      - 8.8.8.8
    dns_search:
      - mydomain.org
    networks:
      - opensearch-ldap-net
  opensearch-ldap-dashboards:
    image: opensearchproject/opensearch-dashboards:1.3.0
    container_name: opensearch-ldap-dashboards
    volumes:
      - ./dashboards-config:/usr/share/opensearch-dashboards/config
    ports:
      - 5656:5601
    dns:
      - 8.8.8.8
    expose:
      - "5656"
    environment:
      OPENSEARCH_HOSTS: '["https://opensearch-ldap-node1:9200"]' # must be a string with no spaces when specified as an environment variable
    networks:
      - opensearch-ldap-net


volumes:
  opensearch-ldap-data1:

networks:
  opensearch-ldap-net:

Thank you @madiot for your response.

I have tried use the above docker-compose.yml and modified according to my need. However, still getting below error message.

opensearch-dashboards    | {"type":"log","@timestamp":"2022-03-25T12:47:30Z","tags":["error","opensearch","data"],"pid":1,"message":"[ConnectionError]: Client network socket disconnected before secure TLS connection was established"}

Here is a docker-compose.yml.

version: '3'
services:

  opensearch-node1:
    image: opensearchproject/opensearch:1.3.0
    container_name: opensearch-node1
    environment:
      - cluster.name=opensearch-cluster
      - node.name=opensearch-node1
      - discovery.seed_hosts=opensearch-node1
      - cluster.initial_master_nodes=opensearch-node1
      - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
      - "DISABLE_INSTALL_DEMO_CONFIG=true" # disable demo config see https://opensearch.org/docs/latest/opensearch/install/docker-security/
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536 # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
        hard: 65536
    volumes:
      - opensearch-data1:/usr/share/opensearch/data
    ports:
      - 9292:9200
      - 9696:9600 # required for Performance Analyzer
    networks:
      - opensearch-net
  opensearch-dashboards:
    image: opensearchproject/opensearch-dashboards:1.3.0
    container_name: opensearch-dashboards
    ports:
      - 0.0.0.0:5601:5601
    expose:
      - "5601"
    environment:
      OPENSEARCH_HOSTS: '["https://opensearch-node1:9200"]' # must be a string with no spaces when specified as an environment variable
    networks:
      - opensearch-net


volumes:
  opensearch-data1:

networks:
  opensearch-net:

Any more suggestion, would be highly appreciable.

Thanks.

shouldn’t your URL for OPENSEARCH_HOSTS contain only URL using HTTP protocole instead of HTTPS

Thank you @madiot for your response.

I tried with http but no luck. Getting following error message.

I tried with discovery.type= single-node that is also not working.

opensearch-node1         | [2022-03-26T11:51:37,853][WARN ][o.o.c.c.ClusterFormationFailureHelper] [opensearch-node1] master not discovered or elected yet, an election requires a node with id [Kv9ZRsGBR82SydhD8Vjvig], have discovered [{opensearch-node1}{2tur4uhHS0mysuMfqvS4iA}{fS23s-ORSC6Vb2xbEGXp4w}{ipaddress}{Ipaddress:9300}{dimr}{shard_indexing_pressure_enabled=true}] which is not a quorum; discovery will continue using [] from hosts providers and [{opensearch-node1}{2tur4uhHS0mysuMfqvS4iA}{fS23s-ORSC6Vb2xbEGXp4w}{IPAddress}{IP addres:9300}{dimr}{shard_indexing_pressure_enabled=true}] from last-known cluster state; node term 2, last-accepted version 41 in term 2

Any suggestion would be highly appreciable…