Could not start elasticsearch service with docker rootless and ulimits memlock -1 #66
Description
Hello,
I'm using docker rootless and cannot start the elasticsearch service :
user@virtualbox:~/projets/local/elastic-local$ curl -fsSL https://elastic.co/start-local | sh
______ _ _ _
| ____| | | | (_)
| |__ | | __ _ ___| |_ _ ___
| __| | |/ _` / __| __| |/ __|
| |____| | (_| \__ \ |_| | (__
|______|_|\__,_|___/\__|_|\___|
-------------------------------------------------
🚀 Run Elasticsearch and Kibana for local testing
-------------------------------------------------
ℹ️ Do not use this script in a production environment
⌛️ Setting up Elasticsearch and Kibana v9.0.3...
- Generated random passwords
- Created the elastic-start-local folder containing the files:
- .env, with settings
- docker-compose.yml, for Docker services
- start/stop/uninstall commands
- Running docker compose up --wait
[+] Running 5/6
✔ Network elastic-start-local_default Created 0.0s
✔ Volume "elastic-start-local_dev-elasticsearch" Created 0.0s
✔ Volume "elastic-start-local_dev-kibana" Created 0.0s
⠸ Container es-local-dev Starting 0.4s
✔ Container kibana_settings Created 0.1s
✔ Container kibana-local-dev Created 0.1s
Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting rlimits for ready process: error setting rlimit type 8: operation not permitted: unknown
Error: docker compose up --wait command failed!
An error log has been generated in error-start-local.log file.
If you need assistance, open an issue at https://github.com/elastic/start-local/issues
This is due to the ulimits configuration for elasticsearch service in the docker-compose.yml file :
services:
elasticsearch:
ulimits:
memlock:
soft: -1
hard: -1I can reproduce the error with the following command :
$ docker run --ulimit memlock=-1:-1 --rm debian sh -c "ulimit -a"
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting rlimits for ready process: error setting rlimit type 8: operation not permitted: unknown
We can find this discussion.
A workaround is to set a value :
$ docker run --ulimit memlock=9999999:9999999 --rm debian sh -c "ulimit -a"
time(seconds) unlimited
file(blocks) unlimited
data(kbytes) unlimited
stack(kbytes) 8192
coredump(blocks) unlimited
memory(kbytes) unlimited
locked memory(kbytes) 9765
process 31433
nofiles 1048576
vmemory(kbytes) unlimited
locks unlimited
rtprio 0
Could we configure this during the installation ?
Thank you
Metadata
Metadata
Assignees
Labels
No labels