diff --git a/elk/arm/elasticsearch/Dockerfile b/elk/arm/elasticsearch/Dockerfile new file mode 100644 index 0000000..2500032 --- /dev/null +++ b/elk/arm/elasticsearch/Dockerfile @@ -0,0 +1,42 @@ +# +# Dockerfile for elasticsearch-arm +# + +FROM easypi/alpine-arm:edge +MAINTAINER EasyPi Software Foundation + +ENV ELASTICSEARCH_VERSION 5.0.0 +ENV ELASTICSEARCH_URL https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$ELASTICSEARCH_VERSION.tar.gz + +ENV GOSU_VERSION 1.10 +ENV GOSU_URL https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-armhf + +WORKDIR /opt/elasticsearch + +RUN set -xe \ + && apk add --no-cache ca-certificates \ + bash \ + curl \ + openjdk8-jre \ + tar \ + && curl -sSL $ELASTICSEARCH_URL | tar xz --strip 1 \ + && curl -sSL $GOSU_URL > /usr/local/bin/gosu \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true \ + && apk del curl tar + +RUN set -xe \ + && addgroup -g 1000 elasticsearch \ + && adduser -D -H -h /opt/elasticsearch -u 1000 -G elasticsearch elasticsearch \ + && mkdir -p data logs config/scripts \ + && chown -R elasticsearch:elasticsearch data logs config + +COPY config ./config +COPY docker-entrypoint.sh /entrypoint.sh + +VOLUME /opt/elasticsearch/data + +EXPOSE 9200 9300 + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["elasticsearch"] diff --git a/elk/arm/elasticsearch/README.md b/elk/arm/elasticsearch/README.md new file mode 100644 index 0000000..5e25d93 --- /dev/null +++ b/elk/arm/elasticsearch/README.md @@ -0,0 +1,18 @@ +elasticsearch +============= + +WARNING: IT DOES NOT WORK ON RASPBERRY PI! + +``` +$ sudo vi /etc/dphys-swapfile +- CONF_SWAPSIZE=100 ++ CONF_SWAPSIZE=2048 + +$ sudo systemctl restart dphys-swapfile.service + +$ docker-compose up -d + +$ docker-compose logs -f +elasticsearch_1 | Error occurred during initialization of VM +elasticsearch_1 | Could not reserve enough space for 2097152KB object heap +``` diff --git a/elk/arm/elasticsearch/config/elasticsearch.yml b/elk/arm/elasticsearch/config/elasticsearch.yml new file mode 100644 index 0000000..dbb5fde --- /dev/null +++ b/elk/arm/elasticsearch/config/elasticsearch.yml @@ -0,0 +1,5 @@ +network.host: 0.0.0.0 +path.data: /opt/elasticsearch/data +path.logs: /opt/elasticsearch/logs +discovery.zen.minimum_master_nodes: 1 +bootstrap.mlockall: false diff --git a/elk/arm/elasticsearch/config/jvm.options b/elk/arm/elasticsearch/config/jvm.options new file mode 100644 index 0000000..e5b64ac --- /dev/null +++ b/elk/arm/elasticsearch/config/jvm.options @@ -0,0 +1,100 @@ +## JVM configuration + +################################################################ +## IMPORTANT: JVM heap size +################################################################ +## +## You should always set the min and max JVM heap +## size to the same value. For example, to set +## the heap to 4 GB, set: +## +## -Xms4g +## -Xmx4g +## +## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html +## for more information +## +################################################################ + +# Xms represents the initial size of total heap space +# Xmx represents the maximum size of total heap space + +-Xms512m +-Xmx512m + +################################################################ +## Expert settings +################################################################ +## +## All settings below this section are considered +## expert settings. Don't tamper with them unless +## you understand what you are doing +## +################################################################ + +## GC configuration +-XX:+UseConcMarkSweepGC +-XX:CMSInitiatingOccupancyFraction=75 +-XX:+UseCMSInitiatingOccupancyOnly + +## optimizations + +# disable calls to System#gc +-XX:+DisableExplicitGC + +# pre-touch memory pages used by the JVM during initialization +-XX:+AlwaysPreTouch + +## basic + +# force the server VM +-server + +# set to headless, just in case +-Djava.awt.headless=true + +# ensure UTF-8 encoding by default (e.g. filenames) +-Dfile.encoding=UTF-8 + +# use our provided JNA always versus the system one +-Djna.nosys=true + +# flags to keep Netty from being unsafe +-Dio.netty.noUnsafe=true +-Dio.netty.noKeySetOptimization=true + +# log4j 2 +-Dlog4j.shutdownHookEnabled=false +-Dlog4j2.disable.jmx=true +-Dlog4j.skipJansi=true + +## heap dumps + +# generate a heap dump when an allocation from the Java heap fails +# heap dumps are created in the working directory of the JVM +-XX:+HeapDumpOnOutOfMemoryError + +# specify an alternative path for heap dumps +# ensure the directory exists and has sufficient space +#-XX:HeapDumpPath=${heap.dump.path} + +## GC logging + +#-XX:+PrintGCDetails +#-XX:+PrintGCTimeStamps +#-XX:+PrintGCDateStamps +#-XX:+PrintClassHistogram +#-XX:+PrintTenuringDistribution +#-XX:+PrintGCApplicationStoppedTime + +# log GC status to a file with time stamps +# ensure the directory exists +#-Xloggc:${loggc} + +# Elasticsearch 5.0.0 will throw an exception on unquoted field names in JSON. +# If documents were already indexed with unquoted fields in a previous version +# of Elasticsearch, some operations may throw errors. +# +# WARNING: This option will be removed in Elasticsearch 6.0.0 and is provided +# only for migration purposes. +#-Delasticsearch.json.allow_unquoted_field_names=true diff --git a/elk/arm/elasticsearch/config/log4j2.properties b/elk/arm/elasticsearch/config/log4j2.properties new file mode 100644 index 0000000..46877d0 --- /dev/null +++ b/elk/arm/elasticsearch/config/log4j2.properties @@ -0,0 +1,9 @@ +status = error + +appender.console.type = Console +appender.console.name = console +appender.console.layout.type = PatternLayout +appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n + +rootLogger.level = info +rootLogger.appenderRef.console.ref = console diff --git a/elk/arm/elasticsearch/docker-compose.yml b/elk/arm/elasticsearch/docker-compose.yml new file mode 100644 index 0000000..01c2458 --- /dev/null +++ b/elk/arm/elasticsearch/docker-compose.yml @@ -0,0 +1,9 @@ +elasticsearch: + image: easypi/elasticsearch-arm + ports: + - '9200:9200' + - '9300:9300' + volumes: + - ./data:/opt/elasticsearch/data + - ./config:/opt/elasticsearch/config + restart: always diff --git a/elk/arm/elasticsearch/docker-entrypoint.sh b/elk/arm/elasticsearch/docker-entrypoint.sh new file mode 100755 index 0000000..019ebc3 --- /dev/null +++ b/elk/arm/elasticsearch/docker-entrypoint.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +set -e + +export PATH=/opt/elasticsearch/bin:$PATH + +# Add elasticsearch as command if needed +if [ "${1:0:1}" = '-' ]; then + set -- elasticsearch "$@" +fi + +# Drop root privileges if we are running elasticsearch +# allow the container to be started with `--user` +if [ "$1" = 'elasticsearch' -a "$(id -u)" = '0' ]; then + # Change the ownership of /opt/elasticsearch/data to elasticsearch + chown -R elasticsearch:elasticsearch /opt/elasticsearch/data + + set -- gosu elasticsearch "$@" + #exec gosu elasticsearch "$BASH_SOURCE" "$@" +fi + +# As argument is not related to elasticsearch, +# then assume that user wants to run his own process, +# for example a `bash` shell to explore this image +exec "$@" diff --git a/hans/README.md b/hans/README.md index 519c530..8fb6b70 100644 --- a/hans/README.md +++ b/hans/README.md @@ -61,6 +61,10 @@ $ ip route change default via 10.1.2.1 # Change Default Route (Method B) $ ip route add 0.0.0.0/1 dev tun0 $ ip route add 128.0.0.0/1 dev tun0 + +# Enable IP Forwarding +$ sysctl -w net.ipv4.ip_forward=1 +$ iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o tun0 -j MASQUERADE ``` [1]: http://code.gerade.org/hans/