Hi,
I am testing few things with respect to below query which I already raised
Apart for the one above, I observed that we get Permission Denied error, Operation not permitted in certain cases
one such case would be if I
docker exec -it /bin/bash
cat /usr/share/opensearch/plugins/opensearch-security/securityconfig/config.yml
it results in "Permission Denied "error. Even if I try to do chmod it gives me Operation not Permitted error
I dont remember that was the case earlier. anyone have any guess if I am doing anything wrong
I am trying to see if config.yml is updated as per my requirement after the application is spun up, but it does not allow so.
Any permission that I am missing? or should I run the docker-compose in some elevated mode.
I am trying with opensearch 1.3.1 version. and I have run the docker-compose after sudo su
To be precise, I am getting below error when I run docker-compose up command
Exception in thread “main” SettingsException[Failed to load settings from /usr/share/opensearch/config/opensearch.yml]; nested: AccessDeniedException[/usr/share/opensearch/config/opensearch.yml];
I am pushing external files(internal_users, roles, config yaml files) to this location via volume mount.
@pablo ,
here is the sample one. the files are under the user folder and I am running them after sudo su. The linux flavor is RHEL 8
version: ‘3’
services: https://testvmserver.net:
image: <our_artifactory>/opensearchproject/opensearch:1.3.1
container_name: https://testvmserver.net
environment:
- cluster.name=opensearch-cluster
- node.name=https://testvmserver.net
- discovery.seed_hosts=https://testvmserver.net
- cluster.initial_master_nodes=https://testvmserver.net
- bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
- “OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m” # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536 # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
hard: 65536
volumes:
- opensearch-data1:/usr/share/opensearch/data
- ./opensearch.yml:/usr/share/opensearch/config/opensearch.yml
- ./config.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/config.yml
- ./roles.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/roles.yml
- ./internal_users.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/internal_users.yml
- ./roles_mapping.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/roles_mapping.yml
opensearch-dashboards:
image: <our_artifactory>/opensearchproject/opensearch-dashboards:1.3.1
container_name: opensearch-dashboards
ports:
- 5601:5601
expose:
- “5601”
environment:
OPENSEARCH_HOSTS: ‘[“https://testvmserver.net:9200”]’ # must be a string with no spaces when specified as an environment variable
volumes:
- ./opensearch_dashboards.yml:/usr/share/opensearch-dashboards/config/opensearch_dashboards.yml
- /etc/pki/tls/certs/ca-bundle.crt:/usr/share/opensearch-dashboards/config/root-ca.pem
networks:
- opensearch-net