kolla/docker/elasticsearch/Dockerfile.j2

FROM {{ namespace }}/{{ image_prefix }}base:{{ tag }}
MAINTAINER {{ maintainer }}

{% block elasticsearch_header %}{% endblock %}

{% import "macros.j2" as macros with context %}

{{ macros.configure_user(name='elasticsearch', shell='/bin/bash', homedir='/usr/share/elasticsearch') }}

{% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
    {% set elasticsearch_packages = [
        'java-1.7.0-openjdk',
        'elasticsearch'
    ] %}

ENV JAVA_HOME /usr/lib/jvm/jre-1.7.0-openjdk/

{% elif base_distro in ['ubuntu', 'debian'] %}
    {% set elasticsearch_packages = [
       'openjdk-8-jre',
       'elasticsearch'
    ] %}

ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64/

{% endif %}

{{ macros.install_packages(elasticsearch_packages | customizable("packages")) }}
COPY elasticsearch_sudoers /etc/sudoers.d/kolla_elasticsearch_sudoers
COPY extend_start.sh /usr/local/bin/kolla_extend_start

# NOTE: By default the shell of the elasticsearch user is /bin/false. We have to
# change the shell to /bin/bash to be able to run elasticsearch as a non-root user.
#
# https://discuss.elastic.co/t/running-as-non-root-user-service-wrapper-has-changed/7863

RUN chmod 755 /usr/local/bin/kolla_extend_start \
    && chmod 750 /etc/sudoers.d \
    && chmod 440 /etc/sudoers.d/kolla_elasticsearch_sudoers

{% block elasticsearch_footer %}{% endblock %}
{% block footer %}{% endblock %}
{{ include_footer }}

USER elasticsearch