Podman containers wont start after creating podman-compose

Mike_Kirby · January 5, 2024, 6:38pm

Hello Elastic Guru's. I am back with a new and exciting question.

I am in a new project, where I am running a Podman/Docker configuration for my Elastic SIEM. I have the Kibana and Logstash installed and their containers are running so that is good. Where I am now at an impasse deals with the Elasticsearch component.

I have built an Elastic Pod, and created 3 containers inside it that are running Elasticsearch-7.14.1. (it is the version running in our production environment and I am getting as close to that as I can)

I have created a podman-compose.yml as well as a docker-compose.yml file using the information found at the following internet location:

Docker reference

I have left out the ES-JAVA_OPTS line in the compose.yml file. And as Podman and Docker are very similar and Docker was the easier of the two to set up in my environment as it is disconnected from the internet, if followed it word-for-word, with the exception of the container names. My containers are named es1,es2 and es3 leaving out the "0"

The podman-compose.yml file was created in the /var/opt directory and I have tried to use that location for the podman-compose up command as well as just straight up using the podman-compose up. The command fails with the error

Blockquote

podman-compose not found.

Blockquote

I can give any other information requestd, but please if you know of anything that I could be missing or help out in any way, it would be greatly appreciated.

Thank you.

Mike_Kirby · January 8, 2024, 1:32pm

Updating this. I did not install Docker Desktop. Will this be the limiting feature of my 3 Elastic Server container install?

Mike_Kirby · January 10, 2024, 2:55pm

Hello all Elastic SIEM Guru's out here. I am keeping this thread alive hoping that as I keep adding to this a light will come on, either with me or with the hive.

In my docker-compose.yml I have the following configuration for each of my 3 Elasticsearch containers.

version: 1.0
services:
      es1:
      image: docker.elastic.co/elasticsearch/elasticsearch:7.14.1
      container_name: es1
      environment:
           -node.name=es1
          - cluster.name=es-docker-cluster
          -  discovery.seed_hosts=es2,es3
          - cluster.initial_master_nodes=es1,es2,es3
          - booster.memory_lock=true
       ulimits:
           memlock:
                soft: -1
                hard: -1
       volumes:
                - data01:/usr/share/elasticsearch/data
        ports:
                -9200:9200
         networks: 
                - elastic

My question from this is the following:

Does the image line need to be able to connect to a website titled dokcer.elastic.co in order to function? If so, as I am working this in a network that does not have internet access, would I then direct the image: line to a location on the Elasticsearch server with the installation files?

Thank you for your help, it is always appreciated to have a fresh set of eyes on this.

system · February 7, 2024, 2:56pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.