docker + elasticsearch:创建日志文件时拒绝访问

时间:2017-05-04 11:37:09

标签: linux elasticsearch docker centos

我试图在docker容器中运行elasticsearch(5.3.0),如下所示:

docker run 
--network=host 
--publish 9203:9200 
--publish 9300:9300 
--env ES_JAVA_OPTS="-Xms4g -Xmx4g" 
--env "bootstrap.memory_lock=true" 
--cap-add=IPC_LOCK 
--ulimit memlock=-1:-1 --ulimit nofile=65536:65536 
--volume /etc/elasticsearch/ip-spotlight.elasticsearch.RR6.yml:/usr/share/elasticsearch/config/elasticsearch.yml 
--volume /usr/ip-spotlight/elasticsearch/RR6:/usr/share/elasticsearch/data 
--volume /var/log/elasticsearch:/usr/share/elasticsearch/logs 
--label app="ip-spotlight" 
--label service="elasticsearch" 
--label func="RR6" 
--name "ip-spotlight.elasticsearch.RR6" 
docker.elastic.co/elasticsearch/elasticsearch:5.3.2

禁用SElinux(为了完全确定):

# getenforce
Disabled

为了完全确定/var/log/elasticsearch的权限:

# ls -salt /var/log/elasticsearch/
total 8
4 drwxrwxrwx.  2 elasticsearch elasticsearch 4096 May  4 15:12 .

# cat /etc/*release*
CentOS Linux release 7.3.1611 (Core) 
Derived from Red Hat Enterprise Linux 7.3 (Source)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.3.1611 (Core) 
CentOS Linux release 7.3.1611 (Core) 
cpe:/o:centos:centos:7

显示的错误消息是:

2017-05-04 13:10:24,621 main ERROR Unable to create file /var/log/elasticsearch/ip-spotlight.elasticsearch.RR6_access.log java.io.IOException: No such file or directory

编辑:手动添加日志文件

# touch /var/log/elasticsearch/ip-spotlight.elasticsearch.RR6_access.log
# chmod 777 /var/log/elasticsearch/ip-spotlight.elasticsearch.RR6_access.log
# docker run --network=host --publish 9203:9200 --publish 9300:9300 --env ES_JAVA_OPTS="-Xms4g -Xmx4g" --env "bootstrap.memory_lock=true" --cap-add=IPC_LOCK --ulimit memlock=-1:-1 --ulimit nofile=65536:65536 --volume /etc/elasticsearch/ip-spotlight.elasticsearch.RR6.yml:/usr/share/elasticsearch/config/elasticsearch.yml --volume /usr/ip-spotlight/elasticsearch/RR6:/usr/share/elasticsearch/data --volume /var/log/elasticsearch:/usr/share/elasticsearch/logs --label app="ip-spotlight" --label service="elasticsearch" --label func="RR6" --name "ip-spotlight.elasticsearch.RR6" docker.elastic.co/elasticsearch/elasticsearch:5.3.2
2017-05-04 13:10:24,621 main ERROR Unable to create file /var/log/elasticsearch/ip-spotlight.elasticsearch.RR6_access.log java.io.IOException: No such file or directory
编辑:官方文件说The container runs Elasticsearch as user elasticsearch using uid:gid 1000:1000. Bind mounted host directories and files, such as custom_elasticsearch.yml above, need to be accessible by this user. 但在服务器上,安装了elasticsearch作为服务,我看到了:

$ id elasticsearch
uid=990(elasticsearch) gid=988(elasticsearch) groups=988(elasticsearch)

请注意,我在所有相关文件和目录中都chmod 777。你能告诉我如何解决这个问题吗?

1 个答案:

答案 0 :(得分:0)

当您执行docker run命令时,您提供的名称为ip-spotlight.elasticsearch.RR6,该名称不在/ var / log / xxx目录下,请确保您具有可访问或有效的日志文件,您可以用于此。

相关问题
最新问题