Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-01 12:32:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Rebuild Logstash, Elasticsearch

Browse source 
Setting static limits for Elasticsearch / Logstash on Xms, Xmx and Container RAM results in unwanted side effects for some installations. With Elastic supporting dynamic heap management for Java 14+ we now use OpenJDK 16 JRE and as such remove limitations. This should improve stability for T-Pot, provided the minimum requirements will be met.
This commit is contained in:
t3chn0m4g3 2021-05-26 11:00:49 +00:00
parent 0c5ab33b8a
commit de38e5e86f
8 changed files with 32 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
docker/elk/docker-compose.yml
View file

@ -10,7 +10,7 @@ services:
restart: always
environment:
- bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms2048m -Xmx2048m
# - ES_JAVA_OPTS=-Xms2048m -Xmx2048m
- ES_TMPDIR=/tmp
cap_add:
- IPC_LOCK
@ -21,7 +21,7 @@ services:
nofile:
soft: 65536
hard: 65536
mem_limit: 4g
# mem_limit: 4g
ports:
- "127.0.0.1:64298:9200"
image: "ghcr.io/telekom-security/elasticsearch:2006"
@ -46,8 +46,8 @@ services:
build: logstash/.
container_name: logstash
restart: always
environment:
- LS_JAVA_OPTS=-Xms2048m -Xmx2048m
# environment:
# - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
depends_on:
elasticsearch:
condition: service_healthy

8
docker/elk/elasticsearch/Dockerfile
View file

@ -2,7 +2,7 @@ FROM alpine:3.13
#
# VARS
ENV ES_VER=7.12.1 \
JAVA_HOME=/usr/lib/jvm/java-11-openjdk
ES_JAVA_HOME=/usr/lib/jvm/java-16-openjdk
# Include dist
ADD dist/ /root/dist/
#
@ -12,8 +12,9 @@ RUN apk -U --no-cache add \
aria2 \
bash \
curl \
nss \
openjdk11-jre && \
nss && \
# openjdk16-jre && \
apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing openjdk16-jre && \
#
# Get and install packages
cd /root/dist/ && \
@ -30,6 +31,7 @@ RUN apk -U --no-cache add \
addgroup -g 2000 elasticsearch && \
adduser -S -H -s /bin/ash -u 2000 -D -g 2000 elasticsearch && \
chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/ && \
rm -rf /usr/share/elasticsearch/jdk && \
rm -rf /usr/share/elasticsearch/modules/x-pack-ml && \
#
# Clean up

5
docker/elk/logstash/Dockerfile
View file

@ -14,8 +14,9 @@ RUN apk -U --no-cache add \
curl \
libc6-compat \
libzmq \
nss \
openjdk11-jre && \
nss && \
# openjdk16-jre && \
apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing openjdk16-jre && \
#
# Get and install packages
mkdir -p /etc/listbot && \

8
etc/compose/collector.yml
View file

@ -127,7 +127,7 @@ services:
restart: always
environment:
- bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms2048m -Xmx2048m
# - ES_JAVA_OPTS=-Xms2048m -Xmx2048m
- ES_TMPDIR=/tmp
cap_add:
- IPC_LOCK
@ -138,7 +138,7 @@ services:
nofile:
soft: 65536
hard: 65536
mem_limit: 4g
# mem_limit: 4g
ports:
- "127.0.0.1:64298:9200"
image: "dtagdevsec/elasticsearch:2006"
@ -160,8 +160,8 @@ services:
logstash:
container_name: logstash
restart: always
environment:
- LS_JAVA_OPTS=-Xms2048m -Xmx2048m
# environment:
# - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
depends_on:
elasticsearch:
condition: service_healthy

8
etc/compose/industrial.yml
View file

@ -334,7 +334,7 @@ services:
restart: always
environment:
- bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms2048m -Xmx2048m
# - ES_JAVA_OPTS=-Xms2048m -Xmx2048m
- ES_TMPDIR=/tmp
cap_add:
- IPC_LOCK
@ -345,7 +345,7 @@ services:
nofile:
soft: 65536
hard: 65536
mem_limit: 4g
# mem_limit: 4g
ports:
- "127.0.0.1:64298:9200"
image: "dtagdevsec/elasticsearch:2006"
@ -367,8 +367,8 @@ services:
logstash:
container_name: logstash
restart: always
environment:
- LS_JAVA_OPTS=-Xms2048m -Xmx2048m
# environment:
# - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
depends_on:
elasticsearch:
condition: service_healthy

8
etc/compose/medical.yml
View file

@ -111,7 +111,7 @@ services:
restart: always
environment:
- bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms2048m -Xmx2048m
# - ES_JAVA_OPTS=-Xms2048m -Xmx2048m
- ES_TMPDIR=/tmp
cap_add:
- IPC_LOCK
@ -122,7 +122,7 @@ services:
nofile:
soft: 65536
hard: 65536
mem_limit: 4g
# mem_limit: 4g
ports:
- "127.0.0.1:64298:9200"
image: "dtagdevsec/elasticsearch:2006"
@ -144,8 +144,8 @@ services:
logstash:
container_name: logstash
restart: always
environment:
- LS_JAVA_OPTS=-Xms2048m -Xmx2048m
# environment:
# - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
depends_on:
elasticsearch:
condition: service_healthy

8
etc/compose/nextgen.yml
View file

@ -546,7 +546,7 @@ services:
restart: always
environment:
- bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms2048m -Xmx2048m
# - ES_JAVA_OPTS=-Xms2048m -Xmx2048m
- ES_TMPDIR=/tmp
cap_add:
- IPC_LOCK
@ -557,7 +557,7 @@ services:
nofile:
soft: 65536
hard: 65536
mem_limit: 4g
# mem_limit: 4g
ports:
- "127.0.0.1:64298:9200"
image: "dtagdevsec/elasticsearch:2006"
@ -579,8 +579,8 @@ services:
logstash:
container_name: logstash
restart: always
environment:
- LS_JAVA_OPTS=-Xms2048m -Xmx2048m
# environment:
# - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
depends_on:
elasticsearch:
condition: service_healthy

8
etc/compose/standard.yml
View file

@ -510,7 +510,7 @@ services:
restart: always
environment:
- bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms2048m -Xmx2048m
# - ES_JAVA_OPTS=-Xms2048m -Xmx2048m
- ES_TMPDIR=/tmp
cap_add:
- IPC_LOCK
@ -521,7 +521,7 @@ services:
nofile:
soft: 65536
hard: 65536
mem_limit: 4g
# mem_limit: 4g
ports:
- "127.0.0.1:64298:9200"
image: "dtagdevsec/elasticsearch:2006"
@ -543,8 +543,8 @@ services:
logstash:
container_name: logstash
restart: always
environment:
- LS_JAVA_OPTS=-Xms2048m -Xmx2048m
# environment:
# - LS_JAVA_OPTS=-Xms2048m -Xmx2048m
depends_on:
elasticsearch:
condition: service_healthy