Docker deploys es services (including ansj, analysis-ik, analysis-pinyin Chinese word breakers)

1. Create a folder

mkdir es
cd es
mkdir dockerfile #镜像构建目录
mkdir shell 构建镜像、运行容器相关脚本
mkdir volumes 挂载文件所在目录，一般包括日志、配置、持久化数据

2. Prepare the three tokenizers needed to build the image
analysis-ik-7.4.2.zip
analysis-pinyin-7.4.2.zip
elasticsearch-analysis-ansj-7.4.2.0-release.zip

3. Create a Dockerfile

cd  dockerfile
vim Dokcerfile

Add the following content

FROM elasticsearch:7.4.2

#author
MAINTAINER mfw

ENV ES_PLUGINS_PATH /usr/share/elasticsearch/plugins
ENV ES_PLUGINS_IK_PATH /usr/share/elasticsearch/plugins/ik
ENV ES_PLUGINS_PINYIN_PATH /usr/share/elasticsearch/plugins/pinyin
ENV ES_PLUGINS_ANSJ_PATH /usr/share/elasticsearch/plugins/ansj

COPY analysis-ik-7.4.2.zip  /home/
COPY analysis-pinyin-7.4.2.zip  /home/
COPY elasticsearch-analysis-ansj-7.4.2.0-release.zip  /home/
RUN yum -y install unzip  && mkdir -p $ES_PLUGINS_PATH && mkdir -p $ES_PLUGINS_IK_PATH && mv /home/analysis-ik-7.4.2.zip $ES_PLUGINS_IK_PATH && cd $ES_PLUGINS_IK_PATH && unzip *.zip && rm -rf *.zip && mv $ES_PLUGINS_IK_PATH/analysis-ik-7.4.2/* ./ && rm -rf $ES_PLUGINS_IK_PATH/analysis-ik-7.4.2  && mkdir -p $ES_PLUGINS_PINYIN_PATH && mv /home/analysis-pinyin-7.4.2.zip $ES_PLUGINS_PINYIN_PATH && cd $ES_PLUGINS_PINYIN_PATH && unzip *.zip && rm -rf *.zip && mv $ES_PLUGINS_PINYIN_PATH/analysis-pinyin-7.4.2/* ./ && rm -rf $ES_PLUGINS_PINYIN_PATH/analysis-pinyin-7.4.2  && mkdir -p $ES_PLUGINS_ANSJ_PATH && mv /home/elasticsearch-analysis-ansj-7.4.2.0-release.zip $ES_PLUGINS_ANSJ_PATH && cd $ES_PLUGINS_ANSJ_PATH && unzip *.zip && rm -rf *.zip && mv $ES_PLUGINS_ANSJ_PATH/elasticsearch-analysis-ansj-7.4.2.0-release/* ./ && rm -rf $ES_PLUGINS_ANSJ_PATH/elasticsearch-analysis-ansj-7.4.2.0-release  
#镜像内置elasticsearch，不需要创建用户
#&& useradd hd  && chown -R hd:hd $ES_PLUGINS_PATH && chown -R hd:hd  /usr/share/elasticsearch
#使用内置账户
USER elasticsearch

es does not support using the root account to start
4. Create a build mirror script

cd ../shell/
vim build

Add build script

#!/bin/bash
DOCKER_PATH=$PWD/../
sudo docker build -f $DOCKER_PATH/dockerfile/Dockerfile  -t elasticsearch-with-ansj-ik-pinyin:7.4.2 $DOCKER_PATH/dockerfile/

grant execute permission

chmod 755 build

implement

./build

view mirror

sudo docker images

5. Create a container
Create a docker run script

vim run

The content is as follows

#!/bin/sh
DOCKER_PATH=$PWD/../
port=9200
version=7.4.2
imageName=elasticsearch-with-ansj-ik-pinyin
sudo docker run  -d -p ${port}:9200 --name  es  -v /etc/localtime:/etc/localtime -v $DOCKER_PATH/volumes/config/jvm.options:/usr/share/elasticsearch/config/jvm.options -v $DOCKER_PATH/volumes/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml  -v $DOCKER_PATH/volumes/log/:/usr/share/elasticsearch/logs/ -v $DOCKER_PATH/volumes/data/:/usr/share/elasticsearch/data/ --restart=unless-stopped  ${imageName}:${version}  elasticsearch

implement

./run

6. Verify whether the startup is successful.
The browser accesses ip:9200
and the following information appears, which means the startup is successful

There may be permission problems when mounting.
When Linux verifies permissions, it only recognizes uid and gid instead of user name and group name.
For example: there is a folder a on the host machine that needs to be mounted to the container, and the user of the folder in the host machine The name is hd (uid1000) and the group is hd (gid1000).
There is a default user elasticsearch (uid1000) user group elasticsearch (gid1000) in the container
and a user hd (uid1001) user group hd (gid1001) created by me.
Then the host This folder a is mounted inside the container, and the user and group it belongs to are
elasticsearch.
The permission problem is reproduced:
the host user hd (uid1000) group is hd (gid1000) The
default user elasticsearch (uid1000) group in the container is hd (gid1000) )
Add the container user hd (uid1001) group to hd (gid1001) in the Dockerfile and change the es service user and group in the container to the user hd (uid1001) group hd (gid1001). When the host
file is not mounted, the container uses hd (uid1001) group hd (gid1001) has no permission to start es service, but
when the host file is mounted to the container, the host file permission is hd (uid1000) group is hd (gid1000), mapped to the container, according to uid and gid to judge the newness, the mounted file is elasticsearch (uid1000) group hd (gid1000) in the host machine, which will cause the hd (uid1001) group hd (gid1001) user in the mounted file container to have no permission, and the container When the hd user starts the es service, it needs to read the mounted configuration, log and other files, resulting in an error without permission

Some warnings or problems encountered in es service startup
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
Modify the jvm.options configuration file
-XX:+UseConcMarkSweepGC to -XX :+UseG1GC

max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
宿主机

sudo vim /etc/sysctl.conf

additional line

vm.max_map_count=655360

implement

sudo sysctl -p

the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured
修改服务配置

vim /usr/share/elasticsearch/config/elasticsearch.yml

Change to the following

# 设置节点名字
node.name: node-1
# 设置访问端口
http.port: 9200
# 取消注释：保留一个节点
cluster.initial_master_nodes: ["node-1"]

# 远程连接配置
network.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: "*"