Created
August 6, 2018 14:43
-
-
Save jungbin-kim/8a3c925e7283dd3e572d9571eec16f5b to your computer and use it in GitHub Desktop.
ubuntu 14.04 에 elasticsearch 5.x version 설치하는 Dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM mcpayment/ubuntu1404-java8 | |
MAINTAINER mail@jungbin.kim | |
# repository index 업데이트 | |
RUN apt-get -y -qq update | |
RUN wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - | |
# Installing from the APT repository | |
RUN apt-get -y -qq install apt-transport-https | |
RUN echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-5.x.list | |
RUN apt-get -y -qq update && \ | |
apt-get -y -qq install elasticsearch | |
# Install x-pack & Set super user(as admin) | |
WORKDIR /usr/share/elasticsearch | |
RUN bin/elasticsearch-plugin install x-pack --batch && \ | |
bin/x-pack/users useradd admin_user -p testPassword -r superuser | |
# config 파일 소스 | |
COPY elasticsearch.yml /etc/elasticsearch/ | |
COPY roles.yml /etc/elasticsearch/x-pack/ | |
# 나중에 내부 테스트를 위함 | |
# curl 설치 | |
RUN apt-get -y -qq install curl | |
# vi option 추가 | |
RUN echo "set autoindent \nset number \nset bs=2 \nset nocp" >> ~/.exrc | |
# 도커 컨테이너가 실행되었을 때 요청을 기다리고 있는(Listen) 포트를 지정 | |
EXPOSE 9200 | |
# 도커 컨테이너가 실행되었을 때 실행되는 명령어를 정의 | |
CMD service elasticsearch start && bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Set the bind address to a specific IP (IPv4 or IPv6): | |
# 192.168.1.10 과 같은 ip에 접근하기 위함 | |
network.host: 0.0.0.0 | |
# create an anoynomous user to allow interaction without auth | |
xpack.security.authc: | |
# 임의의 유저(유저 이름 anonymous)에 viewer라는 role을 줌. | |
# (x-pack/roles.yml에서 viewer는 read만 가능하게 설정) | |
# https://www.elastic.co/guide/en/elasticsearch/reference/5.6/security-settings.html#anonymous-access-settings | |
anonymous: | |
username: anonymous | |
roles: viewer | |
# Disable default user 'elastic' | |
# https://www.elastic.co/guide/en/elasticsearch/reference/5.6/security-settings.html#password-security-settings | |
accept_default_password: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# The default roles file is empty as the preferred method of defining roles is | |
# through the API/UI. File based roles are useful in error scenarios when the | |
# API based roles may not be available. | |
viewer: | |
run_as: [ 'anonymous' ] # 적용될 유저 이름 여기서는 인증 받지 않은 임의의 유저 | |
cluster: [ "monitor" ] # 적용될 cluster들 | |
indices: | |
- names: [ '*' ] # 허용 index를 패턴을 포함하여 정의 한다. | |
privileges: [ 'read' ] # 권한은 read만 부여한다. | |
query: '{"match_all": {}}' # 권한으로 열어줄 문서 목록을 쿼리로 정의한다. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment