Update Dockerfile

c3s4rfred · c3s4rfred · commit f248ae248fcb · 2025-03-07T23:00:26.000+02:00
Updating opensearch dockerfile
diff --git a/etc/opensearch/2.x/Dockerfile b/etc/opensearch/2.x/Dockerfile
@@ -12,100 +12,37 @@
 
 
 ########################### Stage 0 ########################
-FROM amazonlinux:2 AS linux_stage_0
+FROM opensearchproject/opensearch:latest
 
-ARG UID=1000
-ARG GID=1000
-ARG TEMP_DIR=/tmp/opensearch
-ARG OPENSEARCH_HOME=/usr/share/opensearch
-ARG OPENSEARCH_PATH_CONF=$OPENSEARCH_HOME/config
-ARG SECURITY_PLUGIN_DIR=$OPENSEARCH_HOME/plugins/opensearch-security
-ARG PERFORMANCE_ANALYZER_PLUGIN_CONFIG_DIR=$OPENSEARCH_PATH_CONF/opensearch-performance-analyzer
-ARG OS_VERSION=2.5.0
-# Update packages
-# Install the tools we need: tar and gzip to unpack the OpenSearch tarball, and shadow-utils to give us `groupadd` and `useradd`.
-# Install which to allow running of securityadmin.sh
-RUN yum update -y && yum install -y tar gzip shadow-utils which && yum clean all
+# Set the working directory
+WORKDIR /usr/share/opensearch/
 
-# Create an opensearch user, group, and directory
-RUN groupadd -g $GID opensearch && \
-    adduser -u $UID -g $GID -d $OPENSEARCH_HOME opensearch && \
-    mkdir $TEMP_DIR
+# Create the .utm_geoip folder inside the image
+RUN mkdir -p /usr/share/opensearch/.utm_geoip 
 
-RUN mkdir /usr/share/elasticsearch
-WORKDIR /usr/share/elasticsearch
+# Switch to root user to execute commands with permissions
+USER root
 
-RUN set -eux ; \
-    cur_arch="" ; \
-    case "$(arch)" in \
-        aarch64) cur_arch='arm64' ;; \
-        x86_64)  cur_arch='x64' ;; \
-        *) echo >&2 ; echo >&2 "Unsupported architecture $(arch)" ; echo >&2 ; exit 1 ;; \
-    esac ; \
-    curl --retry 10 -S -L --output $TEMP_DIR/opensearch.tar.gz https://artifacts.opensearch.org/releases/bundle/opensearch/$OS_VERSION/opensearch-$OS_VERSION-linux-$cur_arch.tar.gz; \
-    curl --output $TEMP_DIR/opensearch.pgp https://artifacts.opensearch.org/publickeys/opensearch.pgp; \
-    gpg --import $TEMP_DIR/opensearch.pgp; \
-    curl --output $TEMP_DIR/opensearch.tar.gz.sig https://artifacts.opensearch.org/releases/bundle/opensearch/$OS_VERSION/opensearch-$OS_VERSION-linux-$cur_arch.tar.gz.sig; \
-    gpg --verify $TEMP_DIR/opensearch.tar.gz.sig $TEMP_DIR/opensearch.tar.gz;
+# Download the utm-geoip.tar.xz file and extract it
+RUN yum update -y && \
+    yum install -y xz wget && \
+    wget -O /tmp/utm-geoip.tar.xz https://cdn.utmstack.com/geoip/utm-geoip.tar.xz && \
+    tar -xJf /tmp/utm-geoip.tar.xz -C /usr/share/opensearch/.utm_geoip && \
+    rm /tmp/utm-geoip.tar.xz && \
+    yum remove -y xz wget && \
+    yum clean all && \
+    rm -rf /var/cache/yum && \
+    rm -rf /usr/share/man /usr/share/doc /usr/share/info /tmp/* /var/tmp/*
 
-RUN tar --warning=no-timestamp -zxf $TEMP_DIR/opensearch.tar.gz -C $OPENSEARCH_HOME --strip-components=1 && \
-    mkdir -p $OPENSEARCH_HOME/data && chown -Rv $UID:$GID $OPENSEARCH_HOME/data && \
-    if [[ -d $SECURITY_PLUGIN_DIR ]] ; then chmod -v 750 $SECURITY_PLUGIN_DIR/tools/* ; fi && \
-    rm -rf $TEMP_DIR
+# Assign permissions and ownership to the extracted folder
+RUN chmod -R 777 /usr/share/opensearch/.utm_geoip && \
+    chown -R opensearch:opensearch /usr/share/opensearch/.utm_geoip
 
-COPY config/* $OPENSEARCH_PATH_CONF/
-COPY bin/* $OPENSEARCH_HOME/
-RUN if [[ -d $PERFORMANCE_ANALYZER_PLUGIN_CONFIG_DIR ]] ; then mv $OPENSEARCH_PATH_CONF/performance-analyzer.properties $PERFORMANCE_ANALYZER_PLUGIN_CONFIG_DIR/ ; fi
-########################### Stage 1 ########################
-# Copy working directory to the actual release docker images
-FROM amazonlinux:2
+# Restore OpenSearch user
+USER opensearch
 
-ARG UID=1000
-ARG GID=1000
-ARG OPENSEARCH_HOME=/usr/share/opensearch
-ARG OS_VERSION=2.5.0
+# Expose default OpenSearch ports
+EXPOSE 9200 9600
 
-RUN yum update -y && yum install -y tar gzip shadow-utils which && yum clean all
-
-# Create an opensearch user, group
-RUN groupadd -g $GID opensearch && \
-    adduser -u $UID -g $GID -d $OPENSEARCH_HOME opensearch
-
-# Copy from Stage0
-COPY --from=linux_stage_0 --chown=$UID:$GID $OPENSEARCH_HOME $OPENSEARCH_HOME
-WORKDIR $OPENSEARCH_HOME
-
-# Set $JAVA_HOME
-RUN echo "export JAVA_HOME=$OPENSEARCH_HOME/jdk" >> /etc/profile.d/java_home.sh && \
-    echo "export PATH=\$PATH:\$JAVA_HOME/bin" >> /etc/profile.d/java_home.sh
-ENV JAVA_HOME=$OPENSEARCH_HOME/jdk
-ENV PATH=$PATH:$JAVA_HOME/bin:$OPENSEARCH_HOME/bin
-
-# Add k-NN lib directory to library loading path variable
-ENV LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$OPENSEARCH_HOME/plugins/opensearch-knn/lib"
-
-# Change user
-USER $UID
-
-
-# Setup OpenSearch
-# Disable security demo installation during image build, and allow user to disable during startup of the container
-# Enable security plugin during image build, and allow user to disable during startup of the container
-ARG DISABLE_INSTALL_DEMO_CONFIG=true
-ARG DISABLE_SECURITY_PLUGIN=false
-RUN ./opensearch-onetime-setup.sh
-
-EXPOSE 9200 9300 9600 9650
-
-# Label
-LABEL org.label-schema.schema-version="1.0" \
-  org.label-schema.name="opensearch" \
-  org.label-schema.version="$OS_VERSION" \
-  org.label-schema.url="https://opensearch.org" \
-  org.label-schema.vcs-url="https://github.com/OpenSearch" \
-  org.label-schema.license="Apache-2.0" \
-  org.label-schema.vendor="OpenSearch"
-
-# CMD to run
- ENTRYPOINT ["./opensearch-docker-entrypoint.sh"]
- CMD ["opensearch"]
+# Startup command
+CMD ["/usr/share/opensearch/opensearch-docker-entrypoint.sh"]
