-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
148 lines (143 loc) · 7.32 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# For Elasticsearch to store its indexes, we usually need to increase the host machine's mmap count: https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html
# If `sysctl vm.max_map_count` is < 262144, then `sysctl -w vm.max_map_count=262144` and set vm.max_map_count in /etc/sysctl.conf to the same value # elasticsearch(lx) had 16777215
version: '2'
services:
phy-elasticsearch-live:
# container configuration https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
container_name: phy-elasticsearch-live
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.6
environment:
- "cluster.name=isaac-phy-content"
- "network.host=${LOCAL_PHY_ELASTICSEARCH_IP}"
- "discovery.seed_hosts=${REMOTE_PHY_ELASTICSEARCH_IP},${LOCAL_PHY_ELASTICSEARCH_VOTER_IP},${REMOTE_PHY_ELASTICSEARCH_VOTER_IP}" # other master-eligible nodes
- "ES_JAVA_OPTS=-Xms6g -Xmx6g"
- "bootstrap.memory_lock=true" # part of disabling swap
- "node.name=${HOSTNAME}-phy-node"
# ! When starting a brand new Elasticsearch cluster for the first time, un-comment for cluster bootstrap VV
# - "cluster.initial_master_nodes=${HOSTNAME}-phy-node"
- "http.max_content_length=512mb"
- ingest.geoip.downloader.enabled=false
- xpack.security.enabled=true
- ELASTIC_PASSWORD=${PHY_ELASTIC_PASSWORD}
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.client_authentication=required
- xpack.security.transport.ssl.keystore.path=certs/elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=certs/elastic-certificates.p12
- xpack.security.http.ssl.enabled=false
ulimits:
memlock: -1 # part of disabling swap
nproc: -1 # doc suggestion: at least 4,096 our docker default is unlimited
nofile: 1048576 # doc suggestion: at least 65,536
volumes:
- phy-elasticsearch-content:/usr/share/elasticsearch/data
- /local/data/elasticsearch/certificates:/usr/share/elasticsearch/config/certs
networks:
default:
ipv4_address: "${LOCAL_PHY_ELASTICSEARCH_IP}"
restart: unless-stopped
phy-elasticsearch-voter-live:
# container configuration https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
container_name: phy-elasticsearch-voter-live
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.6
environment:
- "cluster.name=isaac-phy-content"
- "network.host=${LOCAL_PHY_ELASTICSEARCH_VOTER_IP}"
- "discovery.seed_hosts=${LOCAL_PHY_ELASTICSEARCH_IP},${REMOTE_PHY_ELASTICSEARCH_IP},${REMOTE_PHY_ELASTICSEARCH_VOTER_IP}" # other master-eligible nodes
- "ES_JAVA_OPTS=-Xms1g -Xmx1g"
- "bootstrap.memory_lock=true" # part of disabling swap
- "node.name=${HOSTNAME}-phy-voter-node"
- "node.roles=master,voting_only"
- xpack.security.enabled=true
- ELASTIC_PASSWORD=${PHY_ELASTIC_PASSWORD}
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.client_authentication=required
- xpack.security.transport.ssl.keystore.path=certs/elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=certs/elastic-certificates.p12
- xpack.security.http.ssl.enabled=false
ulimits:
memlock: -1 # part of disabling swap
nproc: 4096 # doc suggestion: at least 4,096
nofile: 65536 # doc suggestion: at least 65,536
volumes:
- /local/data/elasticsearch/certificates:/usr/share/elasticsearch/config/certs
networks:
default:
ipv4_address: "${LOCAL_PHY_ELASTICSEARCH_VOTER_IP}"
restart: unless-stopped
ada-elasticsearch-live:
# container configuration https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
container_name: ada-elasticsearch-live
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.6
environment:
- "cluster.name=isaac-ada-content"
- "network.host=${LOCAL_ADA_ELASTICSEARCH_IP}"
- "discovery.seed_hosts=${REMOTE_ADA_ELASTICSEARCH_IP},${LOCAL_ADA_ELASTICSEARCH_VOTER_IP},${REMOTE_ADA_ELASTICSEARCH_VOTER_IP}" # other master-eligible nodes
- "ES_JAVA_OPTS=-Xms6g -Xmx6g"
- "bootstrap.memory_lock=true" # part of disabling swap
- "node.name=${HOSTNAME}-ada-node"
# ! When starting a brand new Elasticsearch cluster for the first time, un-comment for cluster bootstrap VV
# - "cluster.initial_master_nodes=${HOSTNAME}-ada-node"
- "http.max_content_length=512mb"
- ingest.geoip.downloader.enabled=false
- xpack.security.enabled=true
- ELASTIC_PASSWORD=${ADA_ELASTIC_PASSWORD}
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.client_authentication=required
- xpack.security.transport.ssl.keystore.path=certs/elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=certs/elastic-certificates.p12
- xpack.security.http.ssl.enabled=false
ulimits:
memlock: -1 # part of disabling swap
nproc: -1 # doc suggestion: at least 4,096 our docker default is unlimited
nofile: 1048576 # doc suggestion: at least 65,536
volumes:
- ada-elasticsearch-content:/usr/share/elasticsearch/data
- /local/data/elasticsearch/certificates:/usr/share/elasticsearch/config/certs
networks:
default:
ipv4_address: "${LOCAL_ADA_ELASTICSEARCH_IP}"
restart: unless-stopped
ada-elasticsearch-voter-live:
# container configuration https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html
container_name: ada-elasticsearch-voter-live
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.6
environment:
- "cluster.name=isaac-ada-content"
- "network.host=${LOCAL_ADA_ELASTICSEARCH_VOTER_IP}"
- "discovery.seed_hosts=${LOCAL_ADA_ELASTICSEARCH_IP},${REMOTE_ADA_ELASTICSEARCH_IP},${REMOTE_ADA_ELASTICSEARCH_VOTER_IP}" # other master-eligible nodes
- "ES_JAVA_OPTS=-Xms1g -Xmx1g"
- "bootstrap.memory_lock=true" # part of disabling swap
- "node.name=${HOSTNAME}-ada-voter-node"
- "node.roles=master,voting_only"
- xpack.security.enabled=true
- ELASTIC_PASSWORD=${ADA_ELASTIC_PASSWORD}
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.client_authentication=required
- xpack.security.transport.ssl.keystore.path=certs/elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=certs/elastic-certificates.p12
- xpack.security.http.ssl.enabled=false
ulimits:
memlock: -1 # part of disabling swap
nproc: 4096 # doc suggestion: at least 4,096
nofile: 65536 # doc suggestion: at least 65,536
volumes:
- /local/data/elasticsearch/certificates:/usr/share/elasticsearch/config/certs
networks:
default:
ipv4_address: "${LOCAL_ADA_ELASTICSEARCH_VOTER_IP}"
restart: unless-stopped
volumes:
phy-elasticsearch-content:
external:
name: phy-elasticsearch-content
ada-elasticsearch-content:
external:
name: ada-elasticsearch-content
networks:
default:
external:
name: isaac