From 06bd452488a135d14cf8b6f51a5ed39ee1b6ea8c Mon Sep 17 00:00:00 2001 From: ai-dev Date: Mon, 22 Sep 2025 00:35:01 +0200 Subject: [PATCH] test --- opensearch-master/Dockerfile | 132 ++++++++++---- opensearch-master/config.json | 14 +- .../rootfs/usr/bin/configure-opensearch | 161 +++--------------- 3 files changed, 125 insertions(+), 182 deletions(-) diff --git a/opensearch-master/Dockerfile b/opensearch-master/Dockerfile index 54cd00e..ca9e741 100644 --- a/opensearch-master/Dockerfile +++ b/opensearch-master/Dockerfile @@ -1,44 +1,104 @@ -ARG BASE_IMAGE=opensearchproject/opensearch:latest -FROM ${BASE_IMAGE} +ARG BUILD_FROM=ghcr.io/hassio-addons/base:18.1.1 +FROM ${BUILD_FROM} -# Switch to root user to install packages -USER root +# Set environment variables +ENV \ + LANG=C.UTF-8 \ + OPENSEARCH_HOME="/usr/share/opensearch" \ + OPENSEARCH_PATH_CONF="/usr/share/opensearch/config" \ + OPENSEARCH_DATA_DIR="/usr/share/opensearch/data" \ + OPENSEARCH_LOGS_DIR="/usr/share/opensearch/logs" \ + OPENSEARCH_PLUGINS_DIR="/usr/share/opensearch/plugins" \ + PATH="/usr/share/opensearch/bin:$PATH" -# Install dependencies for configuration -RUN if command -v dnf >/dev/null 2>&1; then \ - echo "Installing with dnf" && \ - dnf install -y gettext jq && \ - dnf clean all; \ - elif command -v yum >/dev/null 2>&1; then \ - echo "Installing with yum" && \ - yum install -y gettext jq && \ - yum clean all; \ - elif command -v microdnf >/dev/null 2>&1; then \ - echo "Installing with microdnf" && \ - microdnf install -y gettext jq && \ - microdnf clean all; \ - elif command -v apt-get >/dev/null 2>&1; then \ - echo "Installing with apt-get" && \ - apt-get update -y && \ - apt-get install -y gettext-base jq && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/*; \ - else \ - echo "No package manager found! Checking if envsubst and jq are already available..." && \ - command -v envsubst || echo "envsubst not found" && \ - command -v jq || echo "jq not found"; \ - fi +# Build arguments +ARG BUILD_ARCH +ARG BUILD_DATE +ARG BUILD_DESCRIPTION +ARG BUILD_NAME +ARG BUILD_REF +ARG BUILD_REPOSITORY +ARG BUILD_VERSION -# Copy configuration files and scripts -COPY rootfs/ / +# Set OpenSearch version +ARG OPENSEARCH_VERSION=2.11.0 + +# Install required dependencies +RUN \ + apk add --no-cache --virtual .build-deps \ + curl \ + tar \ + gzip \ + gnupg \ + && apk add --no-cache \ + openjdk17-jdk-headless \ + jq \ + gettext \ + bash \ + su-exec \ + tini \ + && rm -rf /var/cache/apk/* + +# Create opensearch user and group +RUN \ + addgroup -S -g 1000 opensearch \ + && adduser -S -u 1000 -G opensearch -H -h /usr/share/opensearch opensearch + +# Download and install OpenSearch +RUN \ + mkdir -p /tmp/opensearch \ + && cd /tmp/opensearch \ + && curl -fsSL "https://artifacts.opensearch.org/releases/bundle/opensearch/${OPENSEARCH_VERSION}/opensearch-${OPENSEARCH_VERSION}-linux-${BUILD_ARCH}.tar.gz" -o opensearch.tar.gz \ + && tar -xzf opensearch.tar.gz --strip-components=1 \ + && mv * /usr/share/opensearch \ + && rm -rf /tmp/opensearch \ + && chown -R opensearch:opensearch /usr/share/opensearch # Create directories and set permissions -RUN mkdir -p /usr/share/opensearch/config/jvm.options.d && \ - chown -R opensearch:opensearch /usr/share/opensearch && \ - chmod +x /usr/bin/configure-opensearch +RUN \ + mkdir -p \ + "${OPENSEARCH_DATA_DIR}" \ + "${OPENSEARCH_LOGS_DIR}" \ + "${OPENSEARCH_PATH_CONF}" \ + "${OPENSEARCH_PLUGINS_DIR}" \ + && chown -R opensearch:opensearch /usr/share/opensearch -# Switch back to opensearch user -USER opensearch +# Copy root filesystem +COPY rootfs / -# Use our custom entrypoint script +# Set permissions +RUN \ + chmod a+x \ + /usr/bin/configure-opensearch \ + /usr/share/opensearch/bin/* \ + && chown -R opensearch:opensearch /usr/share/opensearch + +# Clean up build dependencies +RUN apk del .build-deps + +# Expose ports +EXPOSE 9200 9300 + +# Health check +HEALTHCHECK --interval=30s --timeout=30s --start-period=300s --retries=3 \ + CMD curl -f http://localhost:9200/_cluster/health || exit 1 + +# Labels +LABEL \ + io.hass.name="OpenSearch Master" \ + io.hass.description="OpenSearch master node for Home Assistant" \ + io.hass.arch="${BUILD_ARCH}" \ + io.hass.type="addon" \ + io.hass.version="${BUILD_VERSION}" \ + maintainer="Your Name" \ + org.opencontainers.image.title="OpenSearch Master" \ + org.opencontainers.image.description="OpenSearch master node for Home Assistant" \ + org.opencontainers.image.vendor="Home Assistant Local Add-ons" \ + org.opencontainers.image.authors="Your Name" \ + org.opencontainers.image.licenses="Apache-2.0" \ + org.opencontainers.image.url="https://github.com/your-username/your-repo" \ + org.opencontainers.image.source="https://github.com/your-username/your-repo/opensearch-master" \ + org.opencontainers.image.documentation="https://github.com/your-username/your-repo/blob/main/opensearch-master/README.md" + +# Set entrypoint ENTRYPOINT ["/usr/bin/configure-opensearch"] \ No newline at end of file diff --git a/opensearch-master/config.json b/opensearch-master/config.json index 549816c..a5ffc6b 100644 --- a/opensearch-master/config.json +++ b/opensearch-master/config.json @@ -1,13 +1,14 @@ { - "name": "OpenSearch Cluster Node", + "name": "OpenSearch Master", "version": "1.0.0", - "slug": "opensearch-node", - "description": "OpenSearch cluster node with configurable roles", - "arch": ["amd64", "armv7", "aarch64"], + "slug": "opensearch-master", + "description": "OpenSearch master node for Home Assistant", + "arch": ["amd64", "aarch64", "armv7"], "startup": "services", "boot": "auto", "host_network": true, "init": false, + "privileged": ["SYS_ADMIN"], "map": [ ["config", "/usr/share/opensearch/config", "rw"], ["data", "/usr/share/opensearch/data", "rw"], @@ -22,7 +23,7 @@ "transport_port": 9300, "discovery_seed_hosts": ["os-master:9300"], "initial_master_nodes": ["os-master"], - "security_enabled": true, + "security_enabled": false, "admin_password": "SecurePass123!", "plugins": [] }, @@ -42,5 +43,8 @@ "ports": { "9200/tcp": 9200, "9300/tcp": 9300 + }, + "environment": { + "OPENSEARCH_HEAP_SIZE": "2g" } } \ No newline at end of file diff --git a/opensearch-master/rootfs/usr/bin/configure-opensearch b/opensearch-master/rootfs/usr/bin/configure-opensearch index 6314363..7a81489 100644 --- a/opensearch-master/rootfs/usr/bin/configure-opensearch +++ b/opensearch-master/rootfs/usr/bin/configure-opensearch @@ -1,21 +1,21 @@ #!/bin/bash -# Function to read configuration using bashio if available +# Function to read configuration using bashio read_config() { if command -v bashio >/dev/null 2>&1; then bashio::config "$1" else - # Fallback for testing outside Home Assistant + # Fallback for testing case "$1" in "node_role") echo "master" ;; "cluster_name") echo "hass-opensearch-cluster" ;; - "node_name") echo "os-node-1" ;; + "node_name") echo "os-master" ;; "heap_size") echo "1g" ;; "http_port") echo "9200" ;; "transport_port") echo "9300" ;; "discovery_seed_hosts") echo '["os-master:9300"]' ;; "initial_master_nodes") echo '["os-master"]' ;; - "security_enabled") echo "true" ;; + "security_enabled") echo "false" ;; "admin_password") echo "SecurePass123!" ;; "plugins") echo "[]" ;; *) echo "" ;; @@ -23,7 +23,7 @@ read_config() { fi } -# Read configuration values +# Read configuration NODE_ROLE=$(read_config 'node_role' | tr -d '[]"' | tr ',' ' ') CLUSTER_NAME=$(read_config 'cluster_name') NODE_NAME=$(read_config 'node_name') @@ -35,121 +35,16 @@ INITIAL_MASTERS=$(read_config 'initial_master_nodes' | tr -d '[]"' | tr ',' ' ') SECURITY_ENABLED=$(read_config 'security_enabled') ADMIN_PASSWORD=$(read_config 'admin_password') -# Export environment variables +# Set heap size +export OPENSEARCH_JAVA_OPTS="-Xms${HEAP_SIZE} -Xmx${HEAP_SIZE}" +export OPENSEARCH_HEAP_SIZE="${HEAP_SIZE}" + +# Set admin password export OPENSEARCH_INITIAL_ADMIN_PASSWORD="${ADMIN_PASSWORD}" -export DISCOVERY_TYPE="multi-node" - -# Set heap size using environment variable -CLEAN_HEAP_SIZE=$(echo "$HEAP_SIZE" | tr -d ' ' | grep -oE '[0-9]+[mg]') -if [ -z "$CLEAN_HEAP_SIZE" ]; then - CLEAN_HEAP_SIZE="2g" -fi -export OPENSEARCH_JAVA_OPTS="-Xms${CLEAN_HEAP_SIZE} -Xmx${CLEAN_HEAP_SIZE}" - -# Create jvm.options directory if it doesn't exist -mkdir -p /usr/share/opensearch/config/jvm.options.d - -# Create or restore the main jvm.options file if it's missing -if [ ! -f "/usr/share/opensearch/config/jvm.options" ]; then - # Create a basic jvm.options file - cat > /usr/share/opensearch/config/jvm.options << 'EOF' -## JVM configuration - -################################################################ -## IMPORTANT: JVM heap size -################################################################ -## -## You should always set the min and max JVM heap -## size to the same value. For example, to set -## the heap to 4 GB, set: -## -## -Xms4g -## -Xmx4g -## -## See https://opensearch.org/docs/latest/opensearch/install/important-settings/ -## for more information -## -################################################################ - -# Xms represents the initial size of total heap space -# Xmx represents the maximum size of total heap space - --Xms2g --Xmx2g - -################################################################ -## Expert settings -################################################################ -## -## All settings below this section are considered -## expert settings. Don't tamper with them unless -## you understand what you are doing -## -################################################################ - -## GC configuration --XX:+UseConcMarkSweepGC --XX:CMSInitiatingOccupancyFraction=75 --XX:+UseCMSInitiatingOccupancyOnly - -## optimizations - -# disable calls to System#gc --XX:+DisableExplicitGC - -# pre-touch memory pages used by the JVM during initialization --XX:+AlwaysPreTouch - -## basic - -# force the server VM (remove on 32-bit client JVMs) --server - -# explicitly set the stack size --Xss1m - -# set to headless, just in case --Djava.awt.headless=true - -# ensure UTF-8 encoding by default (e.g. filenames) --Dfile.encoding=UTF-8 - -# use our provided JNA always versus the system one --Djna.nosys=true - -# turn off a JDK optimization that throws away stack traces for common -# exceptions because stack traces are important for debugging --XX:-OmitStackTraceInFastThrow - -# flags to configure Netty --Dio.netty.noUnsafe=true --Dio.netty.noKeySetOptimization=true --Dio.netty.recycler.maxCapacityPerThread=0 - -# log4j 2 --Dlog4j.shutdownHookEnabled=false --Dlog4j2.disable.jmx=true - -# enable JDK 9+ usage and allow the use of the bundle JDK ---add-opens=java.base/java.io=ALL-UNNAMED --Des.netty.tryReflectionSetAccessible=true - --Djava.locale.providers=COMPAT - -# enable the module path ---module-path=${OPENSEARCH_HOME}/lib/* - -# allow access to the jdk.unsupported module for sun.misc.Unsafe ---add-modules=jdk.unsupported - -# allow access to the jdk.incubator.vector module for VectorUtil ---add-modules=jdk.incubator.vector -EOF -fi # Export variables for envsubst export CLUSTER_NAME="${CLUSTER_NAME:-hass-opensearch-cluster}" -export NODE_NAME="${NODE_NAME:-os-node-1}" +export NODE_NAME="${NODE_NAME:-os-master}" export NODE_ROLE="${NODE_ROLE:-master}" export HTTP_PORT="${HTTP_PORT:-9200}" export TRANSPORT_PORT="${TRANSPORT_PORT:-9300}" @@ -157,39 +52,23 @@ export DISCOVERY_SEEDS="${DISCOVERY_SEEDS:-os-master:9300}" export INITIAL_MASTERS="${INITIAL_MASTERS:-os-master}" export SECURITY_ENABLED="${SECURITY_ENABLED:-false}" -# Generate opensearch.yml from template +# Generate configuration from template envsubst < /etc/opensearch/opensearch.yml.template > /usr/share/opensearch/config/opensearch.yml # Install plugins if specified PLUGINS_JSON=$(read_config 'plugins') -if [ -n "$PLUGINS_JSON" ] && [ "$PLUGINS_JSON" != "[]" ] && command -v bashio >/dev/null 2>&1; then +if [ -n "$PLUGINS_JSON" ] && [ "$PLUGINS_JSON" != "[]" ]; then PLUGINS=$(echo "$PLUGINS_JSON" | jq -r '.[]' 2>/dev/null || echo "") - if [ -n "$PLUGINS" ]; then - for plugin in $PLUGINS; do - echo "Installing plugin: $plugin" - /usr/share/opensearch/bin/opensearch-plugin install --batch "$plugin" || true - done - fi + for plugin in $PLUGINS; do + echo "Installing plugin: $plugin" + /usr/share/opensearch/bin/opensearch-plugin install --batch "$plugin" || true + done fi -# Try to set vm.max_map_count if we have privileges +# Set vm.max_map_count if possible if [ -w /proc/sys/vm/max_map_count ]; then - echo "Setting vm.max_map_count to 262144" echo 262144 > /proc/sys/vm/max_map_count -elif command -v sysctl >/dev/null 2>&1; then - echo "Trying to set vm.max_map_count with sysctl" - sysctl -w vm.max_map_count=262144 || true fi -# Check current value -if [ -r /proc/sys/vm/max_map_count ]; then - CURRENT_MAP_COUNT=$(cat /proc/sys/vm/max_map_count) - echo "Current vm.max_map_count: $CURRENT_MAP_COUNT" - if [ "$CURRENT_MAP_COUNT" -lt 262144 ]; then - echo "WARNING: vm.max_map_count is too low ($CURRENT_MAP_COUNT), should be at least 262144" - echo "You may need to run: sudo sysctl -w vm.max_map_count=262144 on the host system" - fi -fi - -# Start OpenSearch -exec /usr/share/opensearch/bin/opensearch \ No newline at end of file +# Start OpenSearch as opensearch user +exec su-exec opensearch /usr/share/opensearch/bin/opensearch \ No newline at end of file