Ubuntu 20.04 LTS (Focal Fossa) and Ubuntu 22.04 LTS (Jammy Jellyfish)
editUbuntu 20.04 LTS (Focal Fossa) and Ubuntu 22.04 LTS (Jammy Jellyfish)
editThe following instructions show you how to prepare your hosts on 20.04 LTS (Focal Fossa) and Ubuntu 22.04 LTS (Jammy Jellyfish).
Install Docker
editInstall Docker LTS version 24.0 for Ubuntu 20.04 or 22.04.
Make sure to use a combination of Linux distribution and Docker version that is supported, following our official Support matrix. Using unsupported combinations can cause multiple issues with you ECE environment, such as failures to create system deployments, to upgrade workload deployments, proxy timeouts, and more.
Docker 25 and higher are not compatible with ECE 3.7.
-
Install the Docker repository dependencies:
sudo apt-get install ca-certificates curl gnupg lsb-release
-
Add Docker’s official GPG key:
sudo mkdir -m 0755 -p /etc/apt/keyrings curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
-
Add the stable Docker repository:
echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-
Install the correct version of the
docker-ce
package, for Ubuntu 20.04 LTS (Focal Fossa) or Ubuntu 22.04 LTS (Jammy Jellyfish):sudo apt install -y docker-ce=5:24.0.* docker-ce-cli=5:24.0.* containerd.io
Set up XFS quotas
editXFS is required to support disk space quotas for Elasticsearch data directories. Some Linux distributions such as RHEL and Rocky Linux already provide XFS as the default file system. On Ubuntu, you need to set up an XFS file system and have quotas enabled.
Disk space quotas set a limit on the amount of disk space an Elasticsearch cluster node can use. Currently, quotas are calculated by a static ratio of 1:32, which means that for every 1 GB of RAM a cluster is given, a cluster node is allowed to consume 32 GB of disk space.
Using LVM, mdadm
, or a combination of the two for block device management is possible, but the
configuration is not covered here, and it is not supported by Elastic Cloud Enterprise.
You must use XFS and have quotas enabled on all allocators, otherwise disk usage won’t display correctly.
Example: Set up XFS on a single, pre-partitioned block device named /dev/xvdg1
.
-
Format the partition:
sudo mkfs.xfs /dev/xvdg1
-
Create the
/mnt/data/
directory as a mount point:sudo install -o $USER -g $USER -d -m 700 /mnt/data
-
Add an entry to the
/etc/fstab
file for the new XFS volume. The default filesystem path used by Elastic Cloud Enterprise is/mnt/data
./dev/xvdg1 /mnt/data xfs defaults,nofail,x-systemd.automount,prjquota,pquota 0 2
-
Regenerate the mount files:
sudo systemctl daemon-reload sudo systemctl restart local-fs.target
Update the configurations settings
edit-
Stop the Docker service:
sudo systemctl stop docker
-
Enable cgroup accounting for memory and swap space.
-
In the
/etc/default/grub
file, ensure that theGRUB_CMDLINE_LINUX=
variable includes these values:cgroup_enable=memory swapaccount=1 cgroup.memory=nokmem
-
Update your Grub configuration:
sudo update-grub
-
-
Configure kernel parameters
cat <<EOF | sudo tee -a /etc/sysctl.conf # Required by Elasticsearch vm.max_map_count=262144 # enable forwarding so the Docker networking works as expected net.ipv4.ip_forward=1 # Decrease the maximum number of TCP retransmissions to 5 as recommended for Elasticsearch TCP retransmission timeout. # See https://www.elastic.co/guide/en/elasticsearch/reference/current/system-config-tcpretries.html net.ipv4.tcp_retries2=5 # Make sure the host doesn't swap too early vm.swappiness=1 EOF
The
net.ipv4.tcp_retries2
setting applies to all TCP connections and affects the reliability of communication with systems other than Elasticsearch clusters too. If your clusters communicate with external systems over a low quality network then you may need to select a higher value fornet.ipv4.tcp_retries2
.-
Apply the settings:
sudo sysctl -p
-
-
Adjust the system limits.
Add the following configuration values to the
/etc/security/limits.conf
file. These values are derived from our experience with the Elastic Cloud hosted offering and should be used for Elastic Cloud Enterprise as well.If you are using a user name other than
elastic
, adjust the configuration values accordingly.* soft nofile 1024000 * hard nofile 1024000 * soft memlock unlimited * hard memlock unlimited elastic soft nofile 1024000 elastic hard nofile 1024000 elastic soft memlock unlimited elastic hard memlock unlimited elastic soft nproc unlimited elastic hard nproc unlimited root soft nofile 1024000 root hard nofile 1024000 root soft memlock unlimited
-
NOTE: This step is optional if the Docker registry doesn’t require authentication.
Authenticate the
elastic
user to pull images from the Docker registry you use, by creating the file/home/elastic/.docker/config.json
. This file needs to be owned by theelastic
user. If you are using a user name other thanelastic
, adjust the path accordingly.Example: In case you use
docker.elastic.co
, the file content looks like as follows:{ "auths": { "docker.elastic.co": { "auth": "<auth-token>" } } }
-
If you did not create the mount point earlier (if you did not set up XFS), create the
/mnt/data/
directory as a mount point:sudo install -o $USER -g $USER -d -m 700 /mnt/data
-
If you set up a new device with XFS earlier:
-
Mount the block device (change the device name if you use a different device than
/dev/xvdg1
):sudo mount /dev/xvdg1 /mnt/data
-
Set the permissions on the newly mounted device:
sudo chown $USER:$USER /mnt/data
-
-
Create the
/mnt/data/docker
directory for the Docker service storage:sudo install -o $USER -g $USER -d -m 700 /mnt/data/docker
Configure the Docker daemon options
editDocker creates a bridge IP address that can conflict with IP addresses on your internal network. To avoid an IP address conflict, change the --bip=172.17.42.1/16
parameter in our examples to something that you know will work. If there is no conflict, you can omit the --bip
parameter. The --bip
parameter is internal to the host and can be set to the same IP for each host in the cluster. More information on Docker daemon options can be found in the dockerd command line reference.
You can specify --log-opt max-size
and --log-opt max-file
to define the Docker daemon containers log rotation.
-
Update
/etc/systemd/system/docker.service.d/docker.conf
. If the file path and file do not exist, create them first.[Unit] Description=Docker Service After=multi-user.target [Service] Environment="DOCKER_OPTS=-H unix:///run/docker.sock --data-root /mnt/data/docker --storage-driver=overlay2 --bip=172.17.42.1/16 --raw-logs --log-opt max-size=500m --log-opt max-file=10 --icc=false" ExecStart= ExecStart=/usr/bin/dockerd $DOCKER_OPTS
-
Apply the updated Docker daemon configuration:
Reload the Docker daemon configuration:
sudo systemctl daemon-reload
Restart the Docker service:
sudo systemctl restart docker
Enable Docker to start on boot:
sudo systemctl enable docker
-
Enable your user to communicate with the Docker subsystem by adding it to the
docker
group:sudo usermod -aG docker $USER
-
Recommended: Tune your network settings.
Create a
70-cloudenterprise.conf
file in the/etc/sysctl.d/
file path that includes these network settings:cat << SETTINGS | sudo tee /etc/sysctl.d/70-cloudenterprise.conf net.ipv4.tcp_max_syn_backlog=65536 net.core.somaxconn=32768 net.core.netdev_max_backlog=32768 SETTINGS
-
Pin the Docker version to ensure that the package does not get upgraded:
echo "docker-ce hold" | sudo dpkg --set-selections echo "docker-ce-cli hold" | sudo dpkg --set-selections echo "containerd.io hold" | sudo dpkg --set-selections
-
Reboot your system to ensure that all configuration changes take effect:
sudo reboot
-
After rebooting, verify that your Docker settings persist as expected:
sudo docker info | grep Root
If the command returns
Docker Root Dir: /mnt/data/docker
, then your changes were applied successfully and persist as expected.If the command returns
Docker Root Dir: /var/lib/docker
, then you need to troubleshoot the previous configuration steps until the Docker settings are applied successfully before continuing with the installation process. For more information, check Custom Docker daemon options in the Docker documentation. - Repeat these steps on other hosts that you want to use with Elastic Cloud Enterprise or follow the steps in the next section to start installing Elastic Cloud Enterprise.