#!/bin/bash ################################################## # Docker # # -- privileged # # Mount dir # # - /opt/es/config # # - /opt/es/data # # - /opt/es/logs # # - /opt/es/offline-plugins # # - /opt/es/plugins # # ENV # # - _CONF_* # # - ES_JAVA_OPTS # # - ELASTIC_PASSWORD # # - APM_SYSTEM_PASSWORD # # - KIBANA_SYSTEM_PASSWORD # # - LOGSTASH_SYSTEM_PASSWORD # # - BEATS_SYSTEM_PASSWORD # # - REMOTE_MONITORING_USER_PASSWORD # ################################################## set -euo pipefail export LANG=en_US.UTF-8 trap Quit EXIT PIDS= GOT_SIGTERM= BOOTSTRAP= function Print { local file=/dev/null [ '-f' = "$1" ] && file=$2 && shift && shift date +"[%F %T] $*" | tee -a $file } function Quit { while :; do pkill -f java && Print killing java ... || break sleep 1 done Print Container stopped. test -n "$GOT_SIGTERM" } function Usage { Print 'This container should run with **root user** **privileted** **/opt/es/{config,data,logs,offline-plugins,plugins} mounted from host** **elastic passwords in production** ' } function RestoreConf { if [ -z "$(ls config/)" ]; then Print Restoring default config files and quit ... tar zxf config.tgz exit fi } function ModifyConf { local kv= local conf='config/elasticsearch.yml' Print Modifying $conf ... while read kv; do [ -z "$kv" ] && break sed -i "/^${kv%%=*}: /d" $conf echo "${kv/=/: }" >> $conf done <<< "$(env | grep '^_CONF_' | sed 's/_CONF_//')" Print Removing path.data and path.log in $conf ... sed -i -e '/^path\.data/d' -e '/^path\.logs/d' $conf if grep -q '^cluster\.initial_master_nodes' $conf; then [ -z "$(ls data/)" -a -n "${ELASTIC_PASSWORD:-}" ] && BOOTSTRAP=1 && return 0 Print Removing cluster.initial_master_nodes in $conf ... sed -i '/^cluster\.initial_master_nodes/d' $conf fi } function InstallPlugin { for f in $(ls -d offline-plugins/*.zip 2>/dev/null); do Print Installing plugins from offline file: $f ... ./bin/elasticsearch-plugin install file://$f mv $f $f.installed done } function ChangeOwner { Print Changing file owner ... chown -R es:es config/ data/ logs/ plugins/ } function ChangeSysConf { Print Changing system conf ... echo 262144 > /proc/sys/vm/max_map_count || Print Not specified "--privileged". } function SetupPassword { local count=0 while Print Try to setup passwords of buildin users ...; do sleep 15 if /opt/es/bin/elasticsearch-setup-passwords interactive &> logs/setup.out <<< "y $ELASTIC_PASSWORD $ELASTIC_PASSWORD ${APM_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${APM_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${KIBANA_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${KIBANA_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${LOGSTASH_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${LOGSTASH_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${BEATS_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${BEATS_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD} ${REMOTE_MONITORING_USER_PASSWORD:-$ELASTIC_PASSWORD} ${REMOTE_MONITORING_USER_PASSWORD:-$ELASTIC_PASSWORD} "; then grep -q '^Changed password for user ' logs/setup.out \ && Print Succeeded to setup passwords of buildin users. \ && return 0 else Print Failed to execute elasticsearch-setup-passwords! fi [ 4 -le $((++count)) ] && Print Failed to setup passwords of buildin users! && exit done } function StartProc { Print Starting elasticsearch ... su - es -c " export ES_JAVA_OPTS='${ES_JAVA_OPTS:-}' /opt/es/bin/elasticsearch -Epath.data=/opt/es/data -Epath.logs=/opt/es/logs " &> /dev/null & PIDS="$PIDS $!" Print Elasticsearch started. [ -z "$BOOTSTRAP" ] || SetupPassword } function Main { local pid= cd /opt/es Usage RestoreConf ModifyConf InstallPlugin ChangeOwner ChangeSysConf StartProc trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM while [ -z "$GOT_SIGTERM" ] && sleep 2; do for pid in $PIDS; do [ ! -e /proc/$pid ] && Print Unexpected error! && exit done done } # Start here Main