Docker image: docker.elastic.co/elasticsearch/elasticsearch:6.0.0
Operating system: (docker info and docker inspect of a running container) https://gist.github.com/xrl/0f84c5f44d201b518ae52baafc00a513
My kubernetes statefulset: https://gist.github.com/xrl/0f84c5f44d201b518ae52baafc00a513#file-es-deployment-yml
Bug Description
I want to use the -Ebootstrap.memory_lock=true flag to get memory lock but my boot shows:
root $ docker-entrypoint.sh bin/elasticsearch -Ecluster.name=logs -Enode.master=true -Enode.data=true -Ebootstrap.memory_lock=true -Ediscovery.zen.minimum_master_nodes=1
[2017-11-22T01:17:35,816][WARN ][o.e.b.JNANatives ] Unable to lock JVM Memory: error=12, reason=Cannot allocate memory
[2017-11-22T01:17:35,817][WARN ][o.e.b.JNANatives ] This can result in part of the JVM being swapped out.
[2017-11-22T01:17:35,817][WARN ][o.e.b.JNANatives ] Increase RLIMIT_MEMLOCK, soft limit: 65536, hard limit: 65536
[2017-11-22T01:17:35,817][WARN ][o.e.b.JNANatives ] These can be adjusted by modifying /etc/security/limits.conf, for example:
# allow user 'elasticsearch' mlockall
elasticsearch soft memlock unlimited
elasticsearch hard memlock unlimited
[[[ SNIP ]]]
ERROR: [1] bootstrap checks failed
[1]: memory locking requested for elasticsearch process but memory is not locked
The container does have the security.conf setup:
[root@es-logs-0 elasticsearch]# cat /etc/security/limits.conf | grep elastic
elasticsearch - nofile 65536
elasticsearch soft memlock unlimited
elasticsearch hard memlock unlimited
elasticsearch soft nproc 16385
elasticsearch hard nproc 16385
I have a ES 5.6 cluster running with memory_lock turned on, and I have confirmed with the cluster it has the lock. What has changed between the docker library ES 5.6 and the elastic official ES 6 images?