How to build docker image with OSS Elasticsearch and SearchGuard?

We are using docker images from this repo:

https://hub.docker.com/r/floragunncom/sg-elasticsearch/tags?page=1&ordering=last_updated

But It seems like, some versions of Elasticsearch are missing.

I want to build a docker image with the following configuration:

Elasticsearch	Search Guard	Kibana Plugin	SG Admin Standalone	Status
7.3.2	37.0.0	37.0.0	37.0.0	Active

Do you have an open-source Dockerfile or script which I can use to generate the image?

You can get scripts from the following repository Files · master · search-guard / search-guard-labs · GitLab

For example

Dokerfile

ARG ES_VERSION
ARG SG_VERSION
ARG CONTAINER_NAME
ARG AUTH

FROM docker.elastic.co/elasticsearch/elasticsearch:${ES_VERSION}

# Must repeat the docker-compose args to make them available after FROM
ARG ES_VERSION
ARG SG_VERSION
ARG CONTAINER_NAME
ARG AUTH

RUN elasticsearch-plugin install --batch https://maven.search-guard.com/search-guard-suite-release/com/floragunn/search-guard-suite-plugin/${ES_VERSION}-${SG_VERSION}/search-guard-suite-plugin-${ES_VERSION}-${SG_VERSION}.zip

# Copy Elasticsearch config
COPY ./config/${AUTH}/${CONTAINER_NAME}/*.pem /usr/share/elasticsearch/config/
COPY ./config/${AUTH}/${CONTAINER_NAME}/*.key /usr/share/elasticsearch/config/
COPY ./config/${AUTH}/${CONTAINER_NAME}/*.readme /usr/share/elasticsearch/config/
COPY ./config/${AUTH}/${CONTAINER_NAME}/*.yml /usr/share/elasticsearch/config/
COPY ./config/${AUTH}/${CONTAINER_NAME}/*.yml.example /usr/share/elasticsearch/config/

# Copy Search Guard config
COPY ./config/${AUTH}/${CONTAINER_NAME}/sgconfig/* /usr/share/elasticsearch/plugins/search-guard-7/sgconfig/

.env

ES_VERSION=7.9.1
KIBANA_VERSION=7.9.1
SG_VERSION=45.0.0

docker-compose-basicauth.yml

version: '3.2'

services:
  sgssl-0.example.com:
    container_name: sgssl-0.example.com
    build:
      context: elasticsearch/
      args:
        AUTH: basicauth
        CONTAINER_NAME: sgssl-0.example.com
        ES_VERSION: $ES_VERSION
        SG_VERSION: $SG_VERSION
    ports:
      - "9200:9200"
      - "9300:9300"
    environment:
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    # volumes:
    #   - type: volume
    #     source: elasticsearch
    #     target: /usr/share/elasticsearch/data_sgssl-0.example.com
    networks:
      - elastic
  sgssl-1.example.com:
    container_name: sgssl-1.example.com
    build:
      context: elasticsearch/
      args:
        AUTH: basicauth
        CONTAINER_NAME: sgssl-1.example.com
        ES_VERSION: $ES_VERSION
        SG_VERSION: $SG_VERSION
    environment:
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    # volumes:
    #   - type: volume
    #     source: elasticsearch
    #     target: /usr/share/elasticsearch/data_sgssl-1.example.com
    networks:
      - elastic
  sgssl-2.example.com:
    container_name: sgssl-2.example.com
    build:
      context: elasticsearch/
      args:
        AUTH: basicauth
        CONTAINER_NAME: sgssl-2.example.com
        ES_VERSION: $ES_VERSION
        SG_VERSION: $SG_VERSION
    environment:
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    # volumes:
    #   - type: volume
    #     source: elasticsearch
    #     target: /usr/share/elasticsearch/data_sgssl-2.example.com
    networks:
      - elastic
  kibana.example.com:
    container_name: kibana.example.com
    build:
      context: kibana/
      dockerfile: Dockerfile
      args:
        AUTH: basicauth
        CONTAINER_NAME: kibana.example.com
        KIBANA_VERSION: $KIBANA_VERSION
        SG_VERSION: $SG_VERSION
    ports:
      - "5601:5601"
    depends_on:
      - sgssl-0.example.com
    networks:
      - elastic

networks:
  elastic:
    driver: bridge

#volumes:
#  elasticsearch:

And here are the scripts from the official Search Guard Helm repository https://git.floragunn.com/gh/search-guard-helm/-/tree/prod_ready_ca/docker

Thanks @srgbnd

Can’t access your link though, tried to sign up, but not working.

Hi @kamolhasan Sorry, the link to the helm repo is not available yet. The Docker image for v7.3.2 was uploaded on Docker Hub