I am trying to build the Docker image with search guard 36.0.0 on elasticsearch 7.1.1. The Dockerfile looks like this:
# https://github.com/elastic/elasticsearch-docker
FROM docker.elastic.co/elasticsearch/elasticsearch:7.1.1
COPY bin/ bin/
# COPY config/sg/ config/sg/
COPY config/elasticsearch.yml /usr/share/elasticsearch/config/elasticsearch.yml
COPY config/sg/CN=elasticsearch-0.elasticsearch-keystore.jks config/sg/CN=elasticsearch-0.elasticsearch-keystore.jks
COPY config/sg/truststore.jks config/sg/truststore.jks
# Search Guard plugin
RUN elasticsearch-plugin install --batch com.floragunn:search-guard-7:7.1.1-36.0.0 \
&& chmod +x plugins/search-guard-7/tools/*.sh \
&& chown -R elasticsearch config/sg/ \
&& chmod -R go= config/sg/
# sgadmin and other third-party tools require a valid Java home
ENV JAVA_HOME /usr/share/elasticsearch/jdk
EXPOSE 9200 9300
COPY config/sg/CN=sgadmin-keystore.jks plugins/search-guard-7/tools
COPY config/sg/truststore.jks plugins/search-guard-7/tools
COPY config/sg/CN=elasticsearch-0.elasticsearch-keystore.jks plugins/search-guard-7/tools
RUN chmod 755 plugins/search-guard-7/tools/sgadmin.sh \
&& plugins/search-guard-7/tools/sgadmin.sh \
-ts plugins/search-guard-7/tools/truststore.jks \
-tspass eb78abdeb3126eb91afb \
-ks plugins/search-guard-7/tools/CN=sgadmin-keystore.jks \
-kspass 6d889f0039997d6dbdb3 \
-nhnv \
-icl \
-cd plugins/search-guard-7/sgconfig/
it always give me this error when It tries to initialize the search guard
ERR: Seems there is no Elasticsearch running on localhost:9300 - Will exit
I have tried to sleep 10 seconds before the initialization step, I still got the same error.
However, the image is built without the initialization step, and I can ssh into the running container to initialize the search guard.
But I really want to include this step into the Dockerfile. Have no clue how to fix this.