UNCLASSIFIED

Commit f241c78f authored by Al Fontaine's avatar Al Fontaine
Browse files

Merge branch 'development' into 'master'

master: v8.1.2

See merge request !81
parents bfd3c3d2 7f07b903
Pipeline #825034 passed with stages
in 31 minutes and 23 seconds
......@@ -4,15 +4,15 @@
# Beginning of multi stage Dockerfile
################################################################################
################################################################################
# Build stage 0 `builder`:
# Extract Elasticsearch artifact
################################################################################
ARG BASE_REGISTRY=registry1.dso.mil
ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
ARG BASE_TAG=8.5
################################################################################
# Build stage 1 `builder`:
# Extract Elasticsearch artifact
################################################################################
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} AS builder
# `tini` is a tiny but valid init for containers. This is used to cleanly
......@@ -23,7 +23,7 @@ RUN chmod 0555 /bin/tini
RUN mkdir /usr/share/elasticsearch
WORKDIR /usr/share/elasticsearch
COPY elasticsearch-7.17.1-linux-x86_64.tar.gz /tmp/elasticsearch.tar.gz
COPY elasticsearch-8.1.2-linux-x86_64.tar.gz /tmp/elasticsearch.tar.gz
RUN tar -zxf /tmp/elasticsearch.tar.gz --strip-components=1
......@@ -52,9 +52,9 @@ RUN sed -i -e 's/ES_DISTRIBUTION_TYPE=tar/ES_DISTRIBUTION_TYPE=docker/' bin/elas
find config -type f -exec chmod 0664 {} +
################################################################################
# Build stage 1 (the actual Elasticsearch image):
# Build stage 2 (the actual Elasticsearch image):
#
# Copy elasticsearch from stage 0
# Copy elasticsearch from stage 1
# Add entrypoint
################################################################################
......@@ -67,7 +67,6 @@ RUN yum update --setopt=tsflags=nodocs -y && \
RUN groupadd -g 1000 elasticsearch && \
adduser -u 1000 -g 1000 -G 0 -d /usr/share/elasticsearch elasticsearch && \
chmod 0755 /usr/share/elasticsearch && \
chown -R 0:0 /usr/share/elasticsearch
ENV ELASTIC_CONTAINER true
......@@ -105,14 +104,14 @@ EXPOSE 9200 9300
RUN mkdir /licenses && cp LICENSE.txt /licenses/LICENSE
COPY LICENSE /licenses/LICENSE.addendum
USER elasticsearch:root
# Our actual entrypoint is `tini`, a minimal but functional init program. It
# calls the entrypoint we provide, while correctly forwarding signals.
ENTRYPOINT ["/bin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
# Dummy overridable parameter parsed by entrypoint
CMD ["eswrapper"]
USER elasticsearch:root
HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD curl -I -f --max-time 5 http://localhost:9200 || exit 1
################################################################################
......
......@@ -29,9 +29,9 @@ visiting [Elastic Community](https://www.elastic.co/community).
This software is governed by the [Elastic
License](https://github.com/elastic/elasticsearch/blob/7.17/licenses/ELASTIC-LICENSE-2.0.txt),
License](https://github.com/elastic/elasticsearch/blob/8.1/licenses/ELASTIC-LICENSE-2.0.txt),
and includes the full set of [free
features](https://www.elastic.co/subscriptions).
View the detailed release notes
[here](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/es-release-notes.html).
[here](https://www.elastic.co/guide/en/elasticsearch/reference/8.1/es-release-notes.html).
......@@ -11,7 +11,7 @@ labels:
org.opencontainers.image.title: elasticsearch
org.opencontainers.image.url: https://github.com/elastic/elasticsearch
org.opencontainers.image.vendor: Elastic
org.opencontainers.image.version: 7.17.1
org.opencontainers.image.version: 8.1.2
maintainers:
- email: rory.hunter@elastic.co
name: Rory Hunter
......@@ -26,16 +26,16 @@ maintainers:
username: yalabe.dukuly
name: elastic/elasticsearch/elasticsearch
resources:
- filename: elasticsearch-7.17.1-linux-x86_64.tar.gz
url: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.1-linux-x86_64.tar.gz
- filename: elasticsearch-8.1.2-linux-x86_64.tar.gz
url: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.1.2-linux-x86_64.tar.gz
validation:
type: sha512
value: fe2ec941e98713dc9a9c4e54c411d9b63be066ec2b1ca5ec2873d70dabbde7463bc46b8785d2a82e8fcc007d340b47a2964be1637033609ffdc96756e73c6413
value: 710ec2b7f99de0232d7d99fbb79cbe1d829b33dc5be5a01a8d8831e1f486819615bffb02c4f080399082c0316cd27d9deb09a6233457a25c7d80ddbc80e2d352
- filename: tini
url: https://github.com/krallin/tini/releases/download/v0.19.0/tini-amd64
validation:
type: sha256
value: 93dcc18adc78c65a028a84799ecf8ad40c936fdfc5f2a57b1acda5a8117fa82c
tags:
- 7.17.1
- 8.1.2
- latest
......@@ -57,15 +57,15 @@ if [[ -f bin/elasticsearch-users ]]; then
fi
fi
if [[ -n "$ES_LOG_STYLE" ]]; then
case "$ES_LOG_STYLE" in
console)
# This is the default. Nothing to do.
;;
file)
# Overwrite the default config with the stack config
mv /usr/share/elasticsearch/config/log4j2.file.properties /usr/share/elasticsearch/config/log4j2.properties
# Overwrite the default config with the stack config. Do this as a
# copy, not a move, in case the container is restarted.
cp -f /usr/share/elasticsearch/config/log4j2.file.properties /usr/share/elasticsearch/config/log4j2.properties
;;
*)
echo "ERROR: ES_LOG_STYLE set to [$ES_LOG_STYLE]. Expected [console] or [file]" >&2
......@@ -73,6 +73,12 @@ if [[ -n "$ES_LOG_STYLE" ]]; then
esac
fi
if [[ -n "$ENROLLMENT_TOKEN" ]]; then
POSITIONAL_PARAMETERS="--enrollment-token $ENROLLMENT_TOKEN"
else
POSITIONAL_PARAMETERS=""
fi
# Signal forwarding and child reaping is handled by `tini`, which is the
# actual entrypoint of the container
exec /usr/share/elasticsearch/bin/elasticsearch <<<"$KEYSTORE_PASSWORD"
exec /usr/share/elasticsearch/bin/elasticsearch $POSITIONAL_PARAMETERS <<<"$KEYSTORE_PASSWORD"
#!/usr/bin/env bash
set -Eeuo pipefail
# Update "cacerts" bundle to use Ubuntu's CA certificates (and make sure it
# stays up-to-date with changes to Ubuntu's store)
trust extract \
--overwrite \
--format=java-cacerts \
--filter=ca-anchors \
--purpose=server-auth \
/usr/share/elasticsearch/jdk/lib/security/cacerts
......@@ -3,8 +3,8 @@ status = error
######## Server JSON ############################
appender.rolling.type = Console
appender.rolling.name = rolling
appender.rolling.layout.type = ESJsonLayout
appender.rolling.layout.type_name = server
appender.rolling.layout.type = ECSJsonLayout
appender.rolling.layout.dataset = elasticsearch.server
################################################
......@@ -16,16 +16,15 @@ rootLogger.appenderRef.rolling.ref = rolling
######## Deprecation JSON #######################
appender.deprecation_rolling.type = Console
appender.deprecation_rolling.name = deprecation_rolling
appender.deprecation_rolling.layout.type = ESJsonLayout
appender.deprecation_rolling.layout.type_name = deprecation.elasticsearch
appender.deprecation_rolling.layout.esmessagefields=x-opaque-id,key,category,elasticsearch.elastic_product_origin
appender.deprecation_rolling.layout.type = ECSJsonLayout
# Intentionally follows a different pattern to above
appender.deprecation_rolling.layout.dataset = deprecation.elasticsearch
appender.deprecation_rolling.filter.rate_limit.type = RateLimitingFilter
appender.header_warning.type = HeaderWarningAppender
appender.header_warning.name = header_warning
#################################################
#################################################
logger.deprecation.name = org.elasticsearch.deprecation
logger.deprecation.level = WARN
logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling
......@@ -35,9 +34,8 @@ logger.deprecation.additivity = false
######## Search slowlog JSON ####################
appender.index_search_slowlog_rolling.type = Console
appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling
appender.index_search_slowlog_rolling.layout.type = ESJsonLayout
appender.index_search_slowlog_rolling.layout.type_name = index_search_slowlog
appender.index_search_slowlog_rolling.layout.esmessagefields=message,took,took_millis,total_hits,types,stats,search_type,total_shards,source,id
appender.index_search_slowlog_rolling.layout.type = ECSJsonLayout
appender.index_search_slowlog_rolling.layout.dataset = elasticsearch.index_search_slowlog
#################################################
......@@ -50,11 +48,8 @@ logger.index_search_slowlog_rolling.additivity = false
######## Indexing slowlog JSON ##################
appender.index_indexing_slowlog_rolling.type = Console
appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling
appender.index_indexing_slowlog_rolling.layout.type = ESJsonLayout
appender.index_indexing_slowlog_rolling.layout.type_name = index_indexing_slowlog
appender.index_indexing_slowlog_rolling.layout.esmessagefields=message,took,took_millis,doc_type,id,routing,source
#################################################
appender.index_indexing_slowlog_rolling.layout.type = ECSJsonLayout
appender.index_indexing_slowlog_rolling.layout.dataset = elasticsearch.index_indexing_slowlog
#################################################
......@@ -63,12 +58,29 @@ logger.index_indexing_slowlog.level = trace
logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling
logger.index_indexing_slowlog.additivity = false
logger.com_amazonaws.name = com.amazonaws
logger.com_amazonaws.level = warn
logger.com_amazonaws_jmx_SdkMBeanRegistrySupport.name = com.amazonaws.jmx.SdkMBeanRegistrySupport
logger.com_amazonaws_jmx_SdkMBeanRegistrySupport.level = error
logger.com_amazonaws_metrics_AwsSdkMetrics.name = com.amazonaws.metrics.AwsSdkMetrics
logger.com_amazonaws_metrics_AwsSdkMetrics.level = error
logger.com_amazonaws_auth_profile_internal_BasicProfileConfigFileLoader.name = com.amazonaws.auth.profile.internal.BasicProfileConfigFileLoader
logger.com_amazonaws_auth_profile_internal_BasicProfileConfigFileLoader.level = error
logger.com_amazonaws_services_s3_internal_UseArnRegionResolver.name = com.amazonaws.services.s3.internal.UseArnRegionResolver
logger.com_amazonaws_services_s3_internal_UseArnRegionResolver.level = error
appender.audit_rolling.type = Console
appender.audit_rolling.name = audit_rolling
appender.audit_rolling.layout.type = PatternLayout
appender.audit_rolling.layout.pattern = {\
"type":"audit", \
"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss,SSSZ}"\
%varsNotEmpty{, "cluster.name":"%enc{%map{cluster.name}}{JSON}"}\
%varsNotEmpty{, "cluster.uuid":"%enc{%map{cluster.uuid}}{JSON}"}\
%varsNotEmpty{, "node.name":"%enc{%map{node.name}}{JSON}"}\
%varsNotEmpty{, "node.id":"%enc{%map{node.id}}{JSON}"}\
%varsNotEmpty{, "host.name":"%enc{%map{host.name}}{JSON}"}\
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment