Introducing our new CEO Don Johnson - Read More

bitnami/opensearch

Verified Publisher

By VMware

Updated 2 days ago

Bitnami container image for OpenSearch

Image
Data Science
Monitoring & Observability
Web Analytics
4

100K+

Bitnami package for OpenSearch

What is OpenSearch?

OpenSearch is a scalable open-source solution for search, analytics, and observability. Features full-text queries, natural language processing, custom dictionaries, amongst others.

Overview of OpenSearch Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.

TL;DR

docker run --name opensearch bitnami/opensearch:latest

You can find the available configuration options in the Environment Variables section.

Why use Bitnami Images?

  • Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems.
  • With Bitnami images the latest bug fixes and features are available as soon as possible.
  • Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs.
  • All our images are based on minideb -a minimalist Debian based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or scratch -an explicitly empty image-.
  • All Bitnami images available in Docker Hub are signed with Notation. Check this post to know how to verify the integrity of the images.
  • Bitnami container images are released on a regular basis with the latest distribution packages available.

Looking to use OpenSearch in production? Try VMware Tanzu Application Catalog, the commercial edition of the Bitnami catalog.

How to deploy OpenSearch in Kubernetes?

Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the Bitnami OpenSearch Chart GitHub repository.

Bitnami containers can be used with Kubeapps for deployment and management of Helm Charts in clusters.

Why use a non-root container?

Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers in our docs.

Only latest stable branch maintained in the free Bitnami catalog

Starting December 10th 2024, only the latest stable branch of any container will receive updates in the free Bitnami catalog. To access up-to-date releases for all upstream-supported branches, consider upgrading to Bitnami Premium. Previous versions already released will not be deleted. They are still available to pull from DockerHub.

Please check the Bitnami Premium page in our partner Arrow Electronics for more information.

Supported tags and respective Dockerfile links

Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.

You can see the equivalence between the different tags by taking a look at the tags-info.yaml file present in the branch folder, i.e bitnami/ASSET/BRANCH/DISTRO/tags-info.yaml.

Subscribe to project updates by watching the bitnami/containers GitHub repo.

Get this image

The recommended way to get the Bitnami OpenSearch Docker Image is to pull the prebuilt image from the Docker Hub Registry.

docker pull bitnami/opensearch:latest

To use a specific version, you can pull a versioned tag. You can view the list of available versions in the Docker Hub Registry.

docker pull bitnami/opensearch:[TAG]

If you wish, you can also build the image yourself by cloning the repository, changing to the directory containing the Dockerfile and executing the docker build command. Remember to replace the APP, VERSION and OPERATING-SYSTEM path placeholders in the example command below with the correct values.

git clone https://github.com/bitnami/containers.git
cd bitnami/APP/VERSION/OPERATING-SYSTEM
docker build -t bitnami/APP:latest .

Persisting your application

If you remove the container all your data will be lost, and the next time you run the image the application will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.

For persistence you should mount a directory at the /bitnami path. If the mounted directory is empty, it will be initialized on the first run.

docker run \
    -v /path/to/opensearch-data-persistence:/bitnami/opensearch/data \
    bitnami/opensearch:latest

or by making a minor change to the docker-compose.yml file present in this repository:

opensearch:
  ...
  volumes:
    - /path/to/opensearch-data-persistence:/bitnami/opensearch/data
  ...

NOTE: As this is a non-root container, the mounted files and directories must have the proper permissions for the UID 1001.

It is also possible to use multiple volumes for data persistence by using the OPENSEARCH_DATA_DIR_LIST environment variable:

opensearch:
  ...
  volumes:
    - /path/to/opensearch-data-persistence-1:/opensearch/data-1
    - /path/to/opensearch-data-persistence-2:/opensearch/data-2
  environment:
    - OPENSEARCH_DATA_DIR_LIST=/opensearch/data-1,/opensearch/data-2
  ...

Connecting to other containers

Using Docker container networking, an OpenSearch server running inside a container can easily be accessed by your application containers.

Containers attached to the same network can communicate with each other using the container name as the hostname.

Using the Command Line

Step 1: Create a network

docker network create app-tier --driver bridge

Step 2: Launch the OpenSearch server instance

Use the --network app-tier argument to the docker run command to attach the OpenSearch container to the app-tier network.

docker run -d --name opensearch-server \
    --network app-tier \
    bitnami/opensearch:latest

Step 3: Launch your application container

docker run -d --name myapp \
    --network app-tier \
    YOUR_APPLICATION_IMAGE

IMPORTANT:

  1. Please update the YOUR_APPLICATION_IMAGE_ placeholder in the above snippet with your application image
  2. In your application container, use the hostname opensearch-server to connect to the OpenSearch server
Using a Docker Compose file

When not specified, Docker Compose automatically sets up a new network and attaches all deployed services to that network. However, we will explicitly define a new bridge network named app-tier. In this example we assume that you want to connect to the OpenSearch server from your own custom application image which is identified in the following snippet by the service name myapp.

version: '2'

networks:
  app-tier:
    driver: bridge

services:
  opensearch:
    image: 'bitnami/opensearch:latest'
    networks:
      - app-tier
  myapp:
    image: 'YOUR_APPLICATION_IMAGE'
    networks:
      - app-tier

IMPORTANT:

  1. Please update the YOUR_APPLICATION_IMAGE_ placeholder in the above snippet with your application image
  2. In your application container, use the hostname opensearch to connect to the OpenSearch server

Launch the containers using:

docker-compose up -d

Configuration

Environment variables

Customizable environment variables

NameDescriptionDefault Value
OPENSEARCH_CERTS_DIRPath to certificates folder.${DB_CONF_DIR}/certs
OPENSEARCH_DATA_DIR_LISTComma, semi-colon or space separated list of directories to use for data storagenil
OPENSEARCH_BIND_ADDRESSOpensearch bind addressnil
OPENSEARCH_ADVERTISED_HOSTNAMEOpensearch advertised hostname, used for publishnil
OPENSEARCH_CLUSTER_HOSTSOpensearch cluster hostsnil
OPENSEARCH_CLUSTER_MASTER_HOSTSOpensearch cluster master hostsnil
OPENSEARCH_CLUSTER_NAMEOpensearch cluster namenil
OPENSEARCH_HEAP_SIZEOpensearch heap size1024m
OPENSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGEOpensearch maximum allowed memory percentage100
OPENSEARCH_MAX_ALLOWED_MEMORYOpensearch maximum allowed memory amount (in megabytes)nil
OPENSEARCH_MAX_TIMEOUTOpensearch maximum init timeout60
OPENSEARCH_LOCK_ALL_MEMORYSets bootstrap.memory_lock parameterno
OPENSEARCH_DISABLE_JVM_HEAP_DUMPDisable JVM Heap dumpno
OPENSEARCH_DISABLE_GC_LOGSDisable GC logsno
OPENSEARCH_IS_DEDICATED_NODEIf false, Opensearch will be configured with all the roles, deploy as dedicated node using DB_NODE_ROLES.no
OPENSEARCH_MINIMUM_MASTER_NODESMinimum number of master nodesnil
OPENSEARCH_NODE_NAMEOpensearch node namenil
OPENSEARCH_FS_SNAPSHOT_REPO_PATHOpensearch repo path to restore snapshots from system repositorynil
OPENSEARCH_NODE_ROLESComma-separated list of Opensearch roles. If empty, will be deployed as a coordinating-only node.nil
OPENSEARCH_PLUGINSList of Opensearch plugins to activatenil
OPENSEARCH_TRANSPORT_PORT_NUMBEROpensearch node port number9300
OPENSEARCH_HTTP_PORT_NUMBEROpensearch port9200
OPENSEARCH_ENABLE_SECURITYEnable Opensearch security settings.false
OPENSEARCH_PASSWORDPassword for "admin" user.bitnami
OPENSEARCH_TLS_VERIFICATION_MODEOpensearch TLS verification mode in transport layer.full
OPENSEARCH_TLS_USE_PEMConfigure Security settings using PEM certificates.false
OPENSEARCH_KEYSTORE_PASSWORDPassword for the Opensearch keystore containing the certificates or password-protected PEM key.nil
OPENSEARCH_TRUSTSTORE_PASSWORDPassword for the Opensearch truststore.nil
OPENSEARCH_KEY_PASSWORDPassword for the Opensearch node PEM key.nil
OPENSEARCH_KEYSTORE_LOCATIONPath to Keystore${DB_CERTS_DIR}/opensearch.keystore.jks
OPENSEARCH_TRUSTSTORE_LOCATIONPath to Truststore.${DB_CERTS_DIR}/opensearch.truststore.jks
OPENSEARCH_NODE_CERT_LOCATIONPath to PEM node certificate.${DB_CERTS_DIR}/tls.crt
OPENSEARCH_NODE_KEY_LOCATIONPath to PEM node key.${DB_CERTS_DIR}/tls.key
OPENSEARCH_CA_CERT_LOCATIONPath to CA certificate.${DB_CERTS_DIR}/ca.crt
OPENSEARCH_SKIP_TRANSPORT_TLSSkips transport layer TLS configuration. Useful when deploying single-node clusters.false
OPENSEARCH_TRANSPORT_TLS_USE_PEMConfigure transport layer TLS settings using PEM certificates.$DB_TLS_USE_PEM
OPENSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORDPassword for the Opensearch transport layer TLS keystore containing the certificates or password-protected PEM key.$DB_KEYSTORE_PASSWORD
OPENSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORDPassword for the Opensearch transport layer TLS truststore.$DB_TRUSTSTORE_PASSWORD
OPENSEARCH_TRANSPORT_TLS_KEY_PASSWORDPassword for the Opensearch transport layer TLS node PEM key.$DB_KEY_PASSWORD
OPENSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATIONPath to Keystore for transport layer TLS.$DB_KEYSTORE_LOCATION
OPENSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATIONPath to Truststore for transport layer TLS.$DB_TRUSTSTORE_LOCATION
OPENSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATIONPath to PEM node certificate for transport layer TLS.$DB_NODE_CERT_LOCATION
OPENSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATIONPath to PEM node key for transport layer TLS.$DB_NODE_KEY_LOCATION
OPENSEARCH_TRANSPORT_TLS_CA_CERT_LOCATIONPath to CA certificate for transport layer TLS.$DB_CA_CERT_LOCATION
OPENSEARCH_ENABLE_REST_TLSEnable TLS encryption for REST API communications.true
OPENSEARCH_HTTP_TLS_USE_PEMConfigure HTTP TLS settings using PEM certificates.$DB_TLS_USE_PEM
OPENSEARCH_HTTP_TLS_KEYSTORE_PASSWORDPassword for the Opensearch HTTP TLS keystore containing the certificates or password-protected PEM key.$DB_KEYSTORE_PASSWORD
OPENSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORDPassword for the Opensearch HTTP TLS truststore.$DB_TRUSTSTORE_PASSWORD
OPENSEARCH_HTTP_TLS_KEY_PASSWORDPassword for the Opensearch HTTP TLS node PEM key.$DB_KEY_PASSWORD
OPENSEARCH_HTTP_TLS_KEYSTORE_LOCATIONPath to Keystore for HTTP TLS.$DB_KEYSTORE_LOCATION
OPENSEARCH_HTTP_TLS_TRUSTSTORE_LOCATIONPath to Truststore for HTTP TLS.$DB_TRUSTSTORE_LOCATION
OPENSEARCH_HTTP_TLS_NODE_CERT_LOCATIONPath to PEM node certificate for HTTP TLS.$DB_NODE_CERT_LOCATION
OPENSEARCH_HTTP_TLS_NODE_KEY_LOCATIONPath to PEM node key for HTTP TLS.$DB_NODE_KEY_LOCATION
OPENSEARCH_HTTP_TLS_CA_CERT_LOCATIONPath to CA certificate for HTTP TLS.$DB_CA_CERT_LOCATION
OPENSEARCH_SECURITY_DIRRoot directory of the Opensearch Security plugin.${DB_PLUGINS_DIR}/opensearch-security
OPENSEARCH_SECURITY_CONF_DIRConfiguration directory of the Opensearch Security plugin.${DB_CONF_DIR}/opensearch-security
OPENSEARCH_DASHBOARDS_PASSWORDPassword for the Opensearch-dashboards user.bitnami
LOGSTASH_PASSWORDPassword for the Logstash user.bitnami
OPENSEARCH_SET_CGROUPConfigure Opensearch java opts with cgroup hierarchy override, so cgroup statistics are available in the container.true
OPENSEARCH_SECURITY_BOOTSTRAPIf set to true, this node will be configured with instructions to bootstrap the Opensearch security config.false
OPENSEARCH_SECURITY_NODES_DNComma-separated list including the Opensearch nodes allowed TLS DNs.nil
OPENSEARCH_SECURITY_ADMIN_DNComma-separated list including the Opensearch Admin user allowed TLS DNs.nil
OPENSEARCH_SECURITY_ADMIN_CERT_LOCATIONPath to the Opensearch Admin PEM certificate.${DB_CERTS_DIR}/admin.crt
OPENSEARCH_SECURITY_ADMIN_KEY_LOCATIONPath to the Opensearch Admin PEM key.${DB_CERTS_DIR}/admin.key

Read-only environment variables

NameDescriptionValue
DB_FLAVORDatabase flavor. Valid values: elasticsearch or opensearch.opensearch
OPENSEARCH_VOLUME_DIRPersistence base directory/bitnami/opensearch
OPENSEARCH_BASE_DIROpensearch installation directory/opt/bitnami/opensearch
OPENSEARCH_CONF_DIROpensearch configuration directory${DB_BASE_DIR}/config
OPENSEARCH_DEFAULT_CONF_DIROpensearch default configuration directory${DB_BASE_DIR}/config.default
OPENSEARCH_LOGS_DIROpensearch logs directory${DB_BASE_DIR}/logs
OPENSEARCH_PLUGINS_DIROpensearch plugins directory${DB_BASE_DIR}/plugins
OPENSEARCH_DEFAULT_PLUGINS_DIROpensearch default plugins directory${DB_BASE_DIR}/plugins.default
OPENSEARCH_DATA_DIROpensearch data directory${DB_VOLUME_DIR}/data
OPENSEARCH_TMP_DIROpensearch temporary directory${DB_BASE_DIR}/tmp
OPENSEARCH_BIN_DIROpensearch executables directory${DB_BASE_DIR}/bin
OPENSEARCH_MOUNTED_PLUGINS_DIRDirectory where plugins are mounted${DB_VOLUME_DIR}/plugins
OPENSEARCH_CONF_FILEPath to Opensearch c

Note: the README for this container is longer than the DockerHub length limit of 25000, so it has been trimmed. The full README can be found at https://github.com/bitnami/containers/blob/main/bitnami/opensearch/README.md

Docker Pull Command

docker pull bitnami/opensearch
Bitnami