如何在docker中以root用户身份运行Elasticsearch 5.2.1

时间:2017-04-19 08:16:42

标签: elasticsearch docker

我正在开发一个使用elasticsearch的Django项目.Django版本是1.9.2,python版本是2.7。我在Docker容器中部署项目,该容器通常以root用户身份运行进程。映像已成功构建,除弹性搜索外,一切正常。我得到了

root@05641a637072:~/arches# elasticsearch-5.2.1/bin/elasticsearch
[2017-04-19T07:37:13,347][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
        at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:125) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:112) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.cli.SettingCommand.execute(SettingCommand.java:54) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:122) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.cli.Command.main(Command.java:88) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:89) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:82) ~[elasticsearch-5.2.1.jar:5.2.1]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
        at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:105) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:203) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) ~[elasticsearch-5.2.1.jar:5.2.1]
        at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:121) ~[elasticsearch-5.2.1.jar:5.2.1]
        ... 6 more
尝试启动ElasticSearch时出现

错误,并且似乎没有办法绕过它。 ElasticSearch无法以root身份运行的原因是什么?在docker容器内部,事物被隔离,根进程被认为是安全的。

1 个答案:

答案 0 :(得分:0)

不建议以root身份运行elasticsearch。对于临时解决方案,您可以通过在下面的行中启用属性 es.insecure.allow.root 来运行。

bin/elasticsearch -Des.insecure.allow.root=true