Merge pull request #1179 from mozilla/update_es_docker_containers

Update Elasticsearch6 docker container

docker/compose/elasticsearch/Dockerfile

@@ -2,29 +2,24 @@ FROM centos:7
 
 LABEL maintainer="mozdef@mozilla.com"
 
-ENV ES_VERSION 5.6.14
+ENV ES_VERSION 6.6.2
 ENV ES_JAVA_VERSION 1.8.0
 
+
 RUN \
-  useradd -ms /bin/bash -d /opt/mozdef -m mozdef && \
   yum install -y java-$ES_JAVA_VERSION && \
   mkdir -p /opt/mozdef/envs && \
-  curl -s -L https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$ES_VERSION.tar.gz  | tar -C /opt/mozdef -xz && \
+  curl -s -L https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$ES_VERSION.rpm -o elasticsearch.rpm && \
-  mv /opt/mozdef/elasticsearch-$ES_VERSION /opt/mozdef/envs/elasticsearch && \
+  rpm -i elasticsearch.rpm && \
-  chown -R mozdef:mozdef /opt/mozdef && \
-  mkdir /var/log/elasticsearch && \
-  chown -R mozdef:mozdef /var/log/elasticsearch && \
-  mkdir /var/lib/elasticsearch && \
-  chown -R mozdef:mozdef /var/lib/elasticsearch && \
   yum clean all
 
-COPY docker/compose/elasticsearch/files/elasticsearch.yml /opt/mozdef/envs/elasticsearch/config/
+USER elasticsearch
-COPY docker/compose/elasticsearch/files/jvm.options /opt/mozdef/envs/elasticsearch/config/
 
-WORKDIR /opt/mozdef/envs/elasticsearch
+COPY docker/compose/elasticsearch/files/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml
+COPY docker/compose/elasticsearch/files/jvm.options /etc/elasticsearch/jvm.options
 
 VOLUME /var/lib/elasticsearch
 
-EXPOSE 9200
+WORKDIR /usr/share/elasticsearch
 
-USER mozdef
+EXPOSE 9200

docker/compose/elasticsearch/files/elasticsearch.yml

@@ -1,98 +1,16 @@
-# ======================== Elasticsearch Configuration =========================
-#
-# NOTE: Elasticsearch comes with reasonable defaults for most settings.
-#       Before you set out to tweak and tune the configuration, make sure you
-#       understand what are you trying to accomplish and the consequences.
-#
-# The primary way of configuring a node is via this file. This template lists
-# the most important settings you may want to configure for a production cluster.
-#
-# Please consult the documentation for further information on configuration options:
-# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
-#
-# ---------------------------------- Cluster -----------------------------------
-#
-# Use a descriptive name for your cluster:
-#
-#cluster.name: my-application
-#
-# ------------------------------------ Node ------------------------------------
-#
-# Use a descriptive name for the node:
-#
-#node.name: node-1
-#
-# Add custom attributes to the node:
-#
-#node.attr.rack: r1
-#
-# ----------------------------------- Paths ------------------------------------
-#
-# Path to directory where to store the data (separate multiple locations by comma):
-#
-#path.data: /path/to/data
-#
-# Path to log files:
-#
-#path.logs: /path/to/logs
-#
-# ----------------------------------- Memory -----------------------------------
-#
-# Lock the memory on startup:
-#
-#bootstrap.memory_lock: true
-#
-# Make sure that the heap size is set to about half the memory available
-# on the system and that the owner of the process is allowed to use this
-# limit.
-#
-# Elasticsearch performs poorly when the system is swapping the memory.
-#
-# ---------------------------------- Network -----------------------------------
-#
-# Set the bind address to a specific IP (IPv4 or IPv6):
-#
-#network.host: 192.168.0.1
-#
-# Set a custom port for HTTP:
-#
-#http.port: 9200
-#
-# For more information, consult the network module documentation.
-#
-# --------------------------------- Discovery ----------------------------------
-#
-# Pass an initial list of hosts to perform discovery when new node is started:
-# The default list of hosts is ["127.0.0.1", "[::1]"]
-#
-#discovery.zen.ping.unicast.hosts: ["host1", "host2"]
-#
-# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1):
-#
-#discovery.zen.minimum_master_nodes: 3
-#
-# For more information, consult the zen discovery module documentation.
-#
-# ---------------------------------- Gateway -----------------------------------
-#
-# Block initial recovery after a full cluster restart until N nodes are started:
-#
-#gateway.recover_after_nodes: 3
-#
-# For more information, consult the gateway module documentation.
-#
-# ---------------------------------- Various -----------------------------------
-#
-# Require explicit names when deleting indices:
-#
-#action.destructive_requires_name: true
-
-
-# Mozdef Custom Settings #
 path.logs: /var/log/elasticsearch
 path.data: /var/lib/elasticsearch
 http.host: 0.0.0.0
 discovery.type: single-node
 action.destructive_requires_name: true
-action.auto_create_index: false
+
-# Mozdef Custom Settings #
+# Disable auto creation unless these indexes
+action.auto_create_index:  .watches,.triggered_watches,.watcher-history-*
+
+# Add these to prevent requiring a user/pass and termination of ES when looking for "ingest" assignments.
+# The watcher directive allows for the deletion of failed watcher indices as they sometimes get created with glitches.
+xpack.security.enabled: false
+xpack.monitoring.exporters.my_local:
+  type: local
+  use_ingest: false
+xpack.watcher.index.rest.direct_access: true