-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
Copy pathrun-elasticsearch.sh
executable file
·135 lines (122 loc) · 4.9 KB
/
run-elasticsearch.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
#!/usr/bin/env bash
#
# Launch one or more Elasticsearch nodes via the Docker image,
# to form a cluster suitable for running the REST API tests.
#
# Export the STACK_VERSION variable, eg. '8.0.0-SNAPSHOT'.
# Export the TEST_SUITE variable, eg. 'free' or 'platinum' defaults to 'free'.
# Export the NUMBER_OF_NODES variable to start more than 1 node
# Version 1.4.0
# - Initial version of the run-elasticsearch.sh script
# - Deleting the volume should not dependent on the container still running
# - Fixed `ES_JAVA_OPTS` config
# - Moved to STACK_VERSION and TEST_VERSION
# - Refactored into functions and imports
# - Support NUMBER_OF_NODES
# - Added 5 retries on docker pull for fixing transient network errors
# - Added flags to make local CCR configurations work
# - Added action.destructive_requires_name=false as the default will be true in v8
# - Added ingest.geoip.downloader.enabled=false as it causes false positives in testing
# Version 1.2.0
# - Added action.destructive_requires_name=false as the default will be true in v8
# Version 1.4.0
# - Added ingest.geoip.downloader.enabled=false as it causes false positives in testing
# Version 1.5.0
# - Moved ELASTIC_PASSWORD to the base arguments for "Security On by default"
script_path=$(dirname $(realpath -s $0))
source $script_path/functions/imports.sh
set -euo pipefail
echo -e "\033[34;1mINFO:\033[0m Take down node if called twice with the same arguments (DETACH=true) or on seperate terminals \033[0m"
cleanup_node $es_node_name
master_node_name=${es_node_name}
cluster_name=${moniker}${suffix}
BUILDKITE=${BUILDKITE-false}
# Set vm.max_map_count kernel setting to 262144 if we're in CI
if [[ "$BUILDKITE" == "true" ]]; then
sudo sysctl -w vm.max_map_count=262144
fi
declare -a volumes
environment=($(cat <<-END
--env ELASTIC_PASSWORD=$elastic_password
--env node.name=$es_node_name
--env cluster.name=$cluster_name
--env cluster.initial_master_nodes=$master_node_name
--env discovery.seed_hosts=$master_node_name
--env cluster.routing.allocation.disk.threshold_enabled=false
--env bootstrap.memory_lock=true
--env node.attr.testattr=test
--env path.repo=/tmp
--env repositories.url.allowed_urls=http://snapshot.test*
--env ingest.geoip.downloader.enabled=false
--env cluster.deprecation_indexing.enabled=false
END
))
if [[ "$TEST_SUITE" == "platinum" ]]; then
environment+=($(cat <<-END
--env xpack.license.self_generated.type=trial
--env xpack.security.enabled=true
--env xpack.security.http.ssl.enabled=true
--env xpack.security.http.ssl.verification_mode=certificate
--env xpack.security.http.ssl.key=certs/testnode.key
--env xpack.security.http.ssl.certificate=certs/testnode.crt
--env xpack.security.http.ssl.certificate_authorities=certs/ca.crt
--env xpack.security.transport.ssl.enabled=true
--env xpack.security.transport.ssl.key=certs/testnode.key
--env xpack.security.transport.ssl.certificate=certs/testnode.crt
--env xpack.security.transport.ssl.certificate_authorities=certs/ca.crt
END
))
volumes+=($(cat <<-END
--volume $ssl_cert:/usr/share/elasticsearch/config/certs/testnode.crt
--volume $ssl_key:/usr/share/elasticsearch/config/certs/testnode.key
--volume $ssl_ca:/usr/share/elasticsearch/config/certs/ca.crt
END
))
fi
cert_validation_flags=""
if [[ "$TEST_SUITE" == "platinum" ]]; then
cert_validation_flags="--insecure --cacert /usr/share/elasticsearch/config/certs/ca.crt --resolve ${es_node_name}:443:127.0.0.1"
fi
NUMBER_OF_NODES=${NUMBER_OF_NODES-1}
http_port=9200
for (( i=0; i<$NUMBER_OF_NODES; i++, http_port++ )); do
node_name=${es_node_name}$i
node_url=${external_elasticsearch_url/9200/${http_port}}$i
if [[ "$i" == "0" ]]; then node_name=$es_node_name; fi
environment+=($(cat <<-END
--env node.name=$node_name
END
))
echo "$i: $http_port $node_url "
volume_name=${node_name}-${suffix}-data
volumes+=($(cat <<-END
--volume $volume_name:/usr/share/elasticsearch/data${i}
END
))
echo "--- :elasticsearch: Running container"
# make sure we detach for all but the last node if DETACH=false (default) so all nodes are started
local_detach="true"
if [[ "$i" == "$((NUMBER_OF_NODES-1))" ]]; then local_detach=$DETACH; fi
echo -e "\033[34;1mINFO:\033[0m Starting container $node_name \033[0m"
set -x
docker run \
--name "$node_name" \
--network "$network_name" \
--env "ES_JAVA_OPTS=-Xms1g -Xmx1g" \
"${environment[@]}" \
"${volumes[@]}" \
--publish "$http_port":9200 \
--ulimit nofile=65536:65536 \
--ulimit memlock=-1:-1 \
--detach="$local_detach" \
--health-cmd="curl $cert_validation_flags --fail $elasticsearch_url/_cluster/health || exit 1" \
--health-interval=2s \
--health-retries=20 \
--health-timeout=2s \
--rm \
docker.elastic.co/elasticsearch/"$elasticsearch_container";
set +x
if wait_for_container "$es_node_name" "$network_name"; then
echo -e "\033[32;1mSUCCESS:\033[0m Running on: $node_url\033[0m"
fi
done