2022-04-18 11:21:20 +08:00
commit 45a7af638f
210 changed files with 8997 additions and 0 deletions

157
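--- a/elasticsearch7/ADD/ccmd
+++ b/elasticsearch7/ADD/ccmd
@@ -0,0 +1,157 @@
+#!/bin/bash
+##################################################
+# Docker #
+# -- privileged #
+# Mount dir #
+# - /opt/es/config #
+# - /opt/es/data #
+# - /opt/es/logs #
+# - /opt/es/offline-plugins #
+# - /opt/es/plugins #
+# ENV #
+# - _CONF_* #
+# - ES_JAVA_OPTS #
+# - ELASTIC_PASSWORD #
+# - APM_SYSTEM_PASSWORD #
+# - KIBANA_SYSTEM_PASSWORD #
+# - LOGSTASH_SYSTEM_PASSWORD #
+# - BEATS_SYSTEM_PASSWORD #
+# - REMOTE_MONITORING_USER_PASSWORD #
+##################################################
+set -euo pipefail
+export LANG=en_US.UTF-8
+trap Quit EXIT
+PIDS=
+GOT_SIGTERM=
+BOOTSTRAP=
+function Print {
+local file=/dev/null
+[ '-f' = "$1" ] && file=$2 && shift && shift
+date +"[%F %T] $*" | tee -a $file
+}
+function Quit {
+while :; do
+pkill -f java && Print killing java ... || break
+sleep 1
+done
+Print Container stopped.
+test -n "$GOT_SIGTERM"
+}
+function Usage {
+Print 'This container should run with
+**root user**
+**privileted**
+**/opt/es/{config,data,logs,offline-plugins,plugins} mounted from host**
+**elastic passwords in production**
+'
+}
+function RestoreConf {
+if [ -z "$(ls config/)" ]; then
+Print Restore default config files and quit ...
+tar zxf config.tgz
+exit
+fi
+}
+function ModifyConf {
+local kv=
+local conf='config/elasticsearch.yml'
+Print Modify $conf ...
+while read kv; do
+[ -z "$kv" ] && break
+sed -i "/^${kv%%=*}: /d" $conf
+echo "${kv/=/: }" >> $conf
+done <<< "$(env | grep '^_CONF_' | sed 's/_CONF_//')"
+Print Remove path.data and path.log in $conf ...
+sed -i -e '/^path\.data/d' -e '/^path\.logs/d' $conf
+if grep -q '^cluster\.initial_master_nodes' $conf; then
+[ -z "$(ls data/)" -a -n "${ELASTIC_PASSWORD:-}" ] && BOOTSTRAP=1 && return 0
+Print Remove cluster.initial_master_nodes in $conf ...
+sed -i '/^cluster\.initial_master_nodes/d' $conf
+fi
+}
+function InstallPlugin {
+for f in $(ls -d offline-plugins/*.zip 2>/dev/null); do
+Print Install plugins from offline file: $f ...
+./bin/elasticsearch-plugin install file://$f
+mv $f $f.installed
+done
+}
+function ChangeOwner {
+Print Change file owner ...
+chown -R es.es config/ data/ logs/ plugins/
+}
+function ChangeSysConf {
+Print Change system conf ...
+echo 262144 > /proc/sys/vm/max_map_count || Print Not specified "--privileged".
+}
+function SetupPassword {
+local count=0
+while Print Try to setup passwords of buildin users ...; do
+sleep 15
+if /opt/es/bin/elasticsearch-setup-passwords interactive &> logs/setup.out <<< "y
+$ELASTIC_PASSWORD
+$ELASTIC_PASSWORD
+${APM_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${APM_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${KIBANA_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${KIBANA_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${LOGSTASH_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${LOGSTASH_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${BEATS_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${BEATS_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
+${REMOTE_MONITORING_USER_PASSWORD:-$ELASTIC_PASSWORD}
+${REMOTE_MONITORING_USER_PASSWORD:-$ELASTIC_PASSWORD}
+"; then
+grep -q '^Changed password for user ' logs/setup.out \
+&& Print Succeeded to setup passwords of buildin users. \
+&& return 0
+else
+Print Failed to execute elasticsearch-setup-passwords!
+fi
+[ 4 -le $((++count)) ] && Print Failed to setup passwords of buildin users! && exit
+done
+}
+function StartProc {
+Print Start elasticsearch ...
+su - es -c "
+export ES_JAVA_OPTS='${ES_JAVA_OPTS:-}'
+/opt/es/bin/elasticsearch -Epath.data=/opt/es/data -Epath.logs=/opt/es/logs
+" &> /dev/null &
+PIDS="$PIDS $!"
+[ -n "$BOOTSTRAP" ] && SetupPassword
+}
+function Main {
+local pid=
+cd /opt/es
+Usage
+RestoreConf
+ModifyConf
+InstallPlugin
+ChangeOwner
+ChangeSysConf
+StartProc
+trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
+while [ -z "$GOT_SIGTERM" ] && sleep 1; do
+for pid in $PIDS; do
+[ ! -e /proc/$pid ] && Print Unexpected error! && exit
+done
+done
+}
+# Start here
+Main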
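Review bot: The header comment and `Usage` tell operators to run the whole container with `--privileged`, but the only step in this script that needs it is the write to `/proc/sys/vm/max_map_count` in `ChangeSysConf`, and that line already falls through to a log message when the write fails. Setting `vm.max_map_count=262144` on the host with `sysctl` lets the container run unprivileged, so I would say so in the header, e.g. `# --privileged is optional: set vm.max_map_count=262144 on the host instead`, and drop `privileged: true` from the demo compose files in this commit. Separately, `StartProc` splices `ES_JAVA_OPTS` between single quotes inside the `su - es -c` string, so a value containing `'` ends the quoting early; `export ES_JAVA_OPTS=$(printf '%q' "${ES_JAVA_OPTS:-}")` keeps the value a single shell word.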


@@ -0,0 +1,18 @@
# 部署多角色 es 集群
- 部署集群,有两个 master 节点和三个 data 节点
- 每个节点的 127.0.1.x 用于 http 请求
- 每个节点的 127.0.3.x 用于节点间通信
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```


@@ -0,0 +1,229 @@
version: "3.7"
services:
es-master1:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-master1
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-master1
_CONF_node.roles: '[master]'
_CONF_http.host: 127.0.1.1
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.1
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_cluster.initial_master_nodes: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-master1/config
target: /opt/es/config
- type: bind
source: ./es-master1/data
target: /opt/es/data
- type: bind
source: ./es-master1/logs
target: /opt/es/logs
- type: bind
source: ./es-master1/plugins
target: /opt/es/plugins
- type: bind
source: ./es-master1/offline-plugins
target: /opt/es/offline-plugins
es-master2:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-master2
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-master2
_CONF_node.roles: '[master]'
_CONF_http.host: 127.0.1.2
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.2
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-master2/config
target: /opt/es/config
- type: bind
source: ./es-master2/data
target: /opt/es/data
- type: bind
source: ./es-master2/logs
target: /opt/es/logs
- type: bind
source: ./es-master2/plugins
target: /opt/es/plugins
- type: bind
source: ./es-master2/offline-plugins
target: /opt/es/offline-plugins
es-data1:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-data1
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-data1
_CONF_node.roles: '[data]'
_CONF_http.host: 127.0.1.3
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.3
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-data1/config
target: /opt/es/config
- type: bind
source: ./es-data1/data
target: /opt/es/data
- type: bind
source: ./es-data1/logs
target: /opt/es/logs
- type: bind
source: ./es-data1/plugins
target: /opt/es/plugins
- type: bind
source: ./es-data1/offline-plugins
target: /opt/es/offline-plugins
es-data2:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-data2
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-data2
_CONF_node.roles: '[data]'
_CONF_http.host: 127.0.1.4
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.4
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-data2/config
target: /opt/es/config
- type: bind
source: ./es-data2/data
target: /opt/es/data
- type: bind
source: ./es-data2/logs
target: /opt/es/logs
- type: bind
source: ./es-data2/plugins
target: /opt/es/plugins
- type: bind
source: ./es-data2/offline-plugins
target: /opt/es/offline-plugins
es-data3:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-data3
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-data3
_CONF_node.roles: '[data]'
_CONF_http.host: 127.0.1.5
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.5
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-data3/config
target: /opt/es/config
- type: bind
source: ./es-data3/data
target: /opt/es/data
- type: bind
source: ./es-data3/logs
target: /opt/es/logs
- type: bind
source: ./es-data3/plugins
target: /opt/es/plugins
- type: bind
source: ./es-data3/offline-plugins
target: /opt/es/offline-plugins
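Review bot: `ELASTIC_PASSWORD: Pass_1234` is committed as a literal on all five services, and the `ccmd` entrypoint in this commit reuses that value for every built-in user whose own `*_PASSWORD` variable is unset, so a cluster deployed from the demo unchanged has all of its built-in passwords published in the repository. Take the value from the deploying environment instead, for example `ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:?set ELASTIC_PASSWORD in .env}`, which makes `docker-compose up` stop when it is missing. The three-node compose file later in this commit carries the same literal on es1, es2 and es3.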


@@ -0,0 +1,15 @@
# 部署单节点 es
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```


@@ -0,0 +1,35 @@
version: "3.7"
services:
es:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
_CONF_network.host: 127.0.0.1
_CONF_http.port: 9200
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.0.1]'
_CONF_discovery.type: single-node
_CONF_xpack.security.enabled: "true"
network_mode: host
volumes:
- type: bind
source: ./es/config
target: /opt/es/config
- type: bind
source: ./es/data
target: /opt/es/data
- type: bind
source: ./es/logs
target: /opt/es/logs
- type: bind
source: ./es/plugins
target: /opt/es/plugins
- type: bind
source: ./es/offline-plugins
target: /opt/es/offline-plugins
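Review bot: This service sets `_CONF_xpack.security.enabled: "true"` but passes no `ELASTIC_PASSWORD`, and the `ccmd` entrypoint in this commit only calls `SetupPassword` when `cluster.initial_master_nodes` is present in the config and `ELASTIC_PASSWORD` is non-empty, so with `discovery.type: single-node` the container never sets the built-in users' passwords. If that is intended, the README beside this file should tell the operator to run `elasticsearch-setup-passwords` after the first start; otherwise the bootstrap condition in `ModifyConf` needs a single-node branch. A comment above the environment block such as `# built-in user passwords are NOT set automatically in single-node mode` would make the gap visible.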


@@ -0,0 +1,18 @@
# 部署三节点 es 集群
- 部署集群,有三个节点,每个节点有三个 ip
- 每个节点的 127.0.1.x 和 127.0.2.x 用于 http 请求
- 每个节点的 127.0.3.x 用于节点间通信
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```


@@ -0,0 +1,136 @@
version: "3.7"
services:
es1:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es1
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es1
_CONF_http.host: '[127.0.1.1,127.0.2.1]'
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.1
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_cluster.initial_master_nodes: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 3
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 3
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es1/config
target: /opt/es/config
- type: bind
source: ./es1/data
target: /opt/es/data
- type: bind
source: ./es1/logs
target: /opt/es/logs
- type: bind
source: ./es1/plugins
target: /opt/es/plugins
- type: bind
source: ./es1/offline-plugins
target: /opt/es/offline-plugins
es2:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es2
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es2
_CONF_http.host: '[127.0.1.2,127.0.2.2]'
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.2
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 3
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 3
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es2/config
target: /opt/es/config
- type: bind
source: ./es2/data
target: /opt/es/data
- type: bind
source: ./es2/logs
target: /opt/es/logs
- type: bind
source: ./es2/plugins
target: /opt/es/plugins
- type: bind
source: ./es2/offline-plugins
target: /opt/es/offline-plugins
es3:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es3
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es3
_CONF_http.host: '[127.0.1.3,127.0.2.3]'
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.3
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 3
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 3
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es3/config
target: /opt/es/config
- type: bind
source: ./es3/data
target: /opt/es/data
- type: bind
source: ./es3/logs
target: /opt/es/logs
- type: bind
source: ./es3/plugins
target: /opt/es/plugins
- type: bind
source: ./es3/offline-plugins
target: /opt/es/offline-plugins


@@ -0,0 +1,7 @@
ARG ARCH
FROM harbor.colben.cn/general/photon$ARCH
MAINTAINER Colben colbenlee@gmail.com
RUN useradd -s /bin/bash -Um -u 1011 es
ADD --chown=es /ADD/ /opt/
CMD ["/opt/ccmd"]
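Review bot: `ADD --chown=es /ADD/ /opt/` hands `/opt/ccmd` to the `es` user, yet `CMD` runs that script as root (there is no `USER` line, and the script itself calls `chown` and `su`), so the unprivileged service account can rewrite the file that root executes on the next container start. Copy the entrypoint separately so it stays root-owned, e.g. `ADD /ADD/ccmd /opt/ccmd` followed by `ADD --chown=es /ADD/es/ /opt/es/`, assuming `ADD/` holds only `ccmd` and `es/` as the build script in this commit suggests. The `FROM` line also names the base image without a tag or digest, so rebuilds are not reproducible; pin it once a known-good digest has been chosen.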

29
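--- a/elasticsearch7/README.md
+++ b/elasticsearch7/README.md
@@ -0,0 +1,29 @@
+# 构建 elasticsearch7 镜像
+## 导入文件
+- [下载 elasticsearch-$VERSION.tar.gz](https://www.elastic.co/cn/downloads/elasticsearch)
+## 定制
+- 创建日志目录和插件目录
+- 使用 es 自带的 jdk 包
+- 修改 jdk 安全策略
+- 在启动参数中指定数据目录和日志目录,覆盖配置文件
+- docker 参数: --privileged
+## 外挂目录和文件
+- /opt/es/config: es 配置目录
+- /opt/es/data: es 数据目录
+- /opt/es/logs: es 日志目录
+- /opt/es/plugins: es 插件目录
+- /opt/es/offline-plugins: es 离线插件目录,把离线插件文件(xxxx.zip)放在该目录下,重启容器后可以自动安装
+## 引入环境变量
+- ES_JAVA_OPTS: jdk 配置
+- ELASTIC_PASSWORD: elastic 用户的密码
+- \_CONF\_\*: es 配置
+## 案例
+- [Demo/SingleNode/](Demo/SingleNode/)部署单节点
+- [Demo/MultiNodes/](Demo/MultiNodes/)部署三节点 es 集群
+- [Demo/MultiRoles/](Demo/MultiRoles/)部署多角色 es 集群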

122
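--- a/elasticsearch7/elasticsearch.sh
+++ b/elasticsearch7/elasticsearch.sh
@@ -0,0 +1,122 @@
+#!/bin/bash
+#=========================================
+# Author : colben
+#=========================================
+set -euo pipefail
+export LANG=en_US.UTF-8
+trap Quit EXIT
+[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
+ROOT_DIR="$(cd $(dirname $0) && pwd)"
+VERSION="7.${1#7.}"
+IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:$VERSION"
+if [ -t 0 ]; then
+function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
+function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
+function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
+else
+function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
+function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
+function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
+fi
+function Quit {
+local exitCode=$?
+[ 0 -ne $exitCode ] && Error Failed to build or push image!
+[ -z "${END:-}" ] && echo && Error Interrupted manually!
+Print Succeeded to build and push image.
+}
+function YesOrNo {
+Warn $*
+local sw=
+while :; do
+read -p '(Yes/No/Quit) ' -n1 sw
+[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
+[[ "$sw" =~ ^N|n$ ]] && echo && return 1
+[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
+[ -n "$sw" ] && echo
+done
+}
+function Update {
+Warn Preparing es $VERSION ...
+cd $ROOT_DIR/ADD
+rm -rf $(ls | grep -v ccmd || true)
+tar zxf /release/RUNTIME/elasticsearch-$VERSION-linux${ARCH:--x86_64}.tar.gz -C .
+mv elasticsearch-$VERSION es
+cd es
+sed -i '/^}/ipermission java.net.SocketPermission "*:*","accept,connect,resolve";' jdk/conf/security/java.policy
+mkdir data offline-plugins
+unset JAVA_HOME
+./bin/elasticsearch-certutil ca -s \
+--days 3650 \
+--pass 'Pass_1234' \
+<<< "$(echo)"
+./bin/elasticsearch-certutil cert -s \
+--ca elastic-stack-ca.p12 \
+--ca-pass 'Pass_1234' \
+--days 3650 \
+--pass 'Pass_1234' \
+<<< "$(echo)"
+mv *.p12 config/
+./bin/elasticsearch-keystore create -s
+./bin/elasticsearch-keystore add -s \
+xpack.security.transport.ssl.keystore.secure_password \
+<<< 'Pass_1234'
+./bin/elasticsearch-keystore add -s \
+xpack.security.transport.ssl.truststore.secure_password \
+<<< 'Pass_1234'
+sed -i \
+-e '/^#http\.port: /i#http.host: []' \
+-e '/^#http\.port: /a#transport.host: []' \
+-e '/^#http\.port: /a#transport.port: 9300' \
+-e '/^#discovery\.seed_hosts: /a#discovery.type: single-node' \
+config/elasticsearch.yml
+echo '#
+# ---------------------------------- Security ----------------------------------
+#
+#xpack.security.enabled: true
+#xpack.security.transport.ssl.enabled: true
+#xpack.security.transport.ssl.verification_mode: certificate
+#xpack.security.transport.ssl.client_authentication: required
+#xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
+#xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
+#
+# ---------------------------------- Gateway -----------------------------------
+#
+#gateway.expected_master_nodes: 3
+#gateway.expected_data_nodes: 3
+#gateway.recover_after_master_nodes: 3
+#gateway.recover_after_data_nodes: 3
+#
+# ---------------------------------- Custom ------------------------------------
+#
+' >> config/elasticsearch.yml
+tar zcf config.tgz config
+rm -rf config/*
+}
+function Build {
+local yn
+cd $ROOT_DIR
+docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
+&& Warn Removing image $IMAGE ... \
+&& docker rmi $IMAGE
+Warn Building image: $IMAGE ...
+docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
+YesOrNo Push image: $IMAGE? && docker push $IMAGE
+}
+function Main {
+Update
+Build
+END=1
+}
+# Start here
+Main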
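Review bot: `Update` generates the CA and the node certificate once, at image build time, with the fixed passphrase `Pass_1234`, then `mv *.p12 config/` puts both `.p12` files (including the CA's private key) into `config/`, which is packed into `config.tgz`, so every container that restores the default config shares one CA key and one transport certificate. With `verification_mode: certificate` in the demo compose files, transport-layer trust then rests on nothing more than possession of the image. At minimum keep the CA out of the image with `mv elastic-certificates.p12 config/ && rm -f elastic-stack-ca.p12`; better, generate the certificates per deployment (at first start or by the operator) and read the passphrase from the environment rather than a literal on the command line, where it is also visible in the process list.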