By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

ElasticSearch Container failed to start - ECS deployment using docker compose up - /usr/share/elasticsearch/data/nodes/ AccessDeinedException

1

Hi I'm trying to start an elasticsearch container via - docker compose (aws-cli and switching to ecs context), but it fails to start - AccessDeinedExcception - cant write to /usr/share/elasticsearch/data/nodes/ directory. I have researched the issue on google and its because of the permission on that folder - from my understanding I need to fix the permissions in the host directory mapped to /usr/share/elasticsearch/data/nodes/ (I think) running sudo chown -R 1000:1000 [directory}

However my container shuts down and how am I supposed to update the permission on that directory?

this is my docker-compose - any help appreciated

version: '3.8' services: elasticsearch01: user: $USER image: docker.elastic.co/elasticsearch/elasticsearch:7.14.1 #image: 645694603269.dkr.ecr.eu-west-2.amazonaws.com/smpn_ecr:latest container_name: es02 restart: unless-stopped environment: cluster.name: docker-es-cluster discovery.type: single-node bootstrap.memory_lock: "true" # ES_JAVA_OPTS: "-Xms2g -Xmx2g" xpack.security.enabled: "false" xpack.monitoring.enabled: "false" xpack.watcher.enabled: "false" node.name: es01 network.host: 0.0.0.0 logger.level: DEBUG ulimits: memlock: soft: -1 hard: -1 volumes: - es_data01:/usr/share/elasticsearch/data:rw ports: - "9200:9200" - "9300:9300" healthcheck: test: "curl -f http://localhost:9200 || exit 1" networks: - smpn_network volumes: es_data01: driver: local

networks: smpn_network: driver: bridge

Topics
StorageAnalyticsServerlessContainers
Tags
Amazon Elastic File SystemAnalyticsAmazon OpenSearch ServiceAmazon Elastic Container Service
Language
English
AWS-User-2395837
asked 2 years ago247 views
1 Answer
0

When I set the uid: 0 and gid: 0 permissions on the EFS access points, it worked correctly.

In docker-compose, specify volumes.es_data01.driver_opts.uid and volumes.es_data01.driver_opts.gid.

version: '3.8'

services:
  elasticsearch01:
    # user: $USER
    image: docker.elastic.co/elasticsearch/elasticsearch:7.14.1
    # image: 645694603269.dkr.ecr.eu-west-2.amazonaws.com/smpn_ecr:latest
    container_name: es02
    restart: unless-stopped
    environment:
      cluster.name: docker-es-cluster
      discovery.type: single-node
      bootstrap.memory_lock: "true"
      ES_JAVA_OPTS: "-Xms2g -Xmx2g"
      xpack.security.enabled: "false"
      xpack.monitoring.enabled: "false"
      xpack.watcher.enabled: "false"
      node.name: es01
      network.host: 0.0.0.0
      logger.level: DEBUG
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - es_data01:/usr/share/elasticsearch/data:rw
    ports:
      - "9200:9200"
      - "9300:9300"
    healthcheck:
      test: "curl -f http://localhost:9200 || exit 1"
    networks:
      - smpn_network
    deploy:
      resources:
        limits:
          cpus: '2.0'
          memory: 2048M

volumes:
  es_data01:
    driver: local
    driver_opts:
      uid: 0
      gid: 0

networks:
  smpn_network:
    driver: bridge

Reference

https://docs.docker.com/cloud/ecs-compose-features/#persistent-volumes https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html

profile picture
moritalous
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content