Git pull (force)

# fetch from the default remote, origin
git fetch
# reset your current branch (master) to origin's master
git reset --hard origin/master

Docker cleaning

Stop and delete containers

docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)

Delete images

docker rmi $(docker images -q)


docker system prune --force

Beats – quick settings

Before the first run of any Beat, it is good to set the number of replicas and shards based on your environment (e.g. number of nodes).

settings: {
  index.number_of_replicas: 0
}


Elasticsearch cluster security

Access control

Never ever run elasticsearch as root!


script.inline: false  
script.stored: false  
script.file:   true

script.inline enables running scripts provided inline in the API request. script.stored enables running stored scripts through the API. script.file allows running scripts that are stored on the filesystem: /etc/elasticsearch/scripts (rpm or deb), config/scripts (zip, tar).

Read more about scripting in Elasticsearch, e.g. the Java security policy.



rest.action.multi.allow_explicit_index: false

Elasticsearch will now reject multi-search, multi-get and bulk requests that specify an explicit index in the request body.
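
An added example, not part of the original notes: a small shell audit that checks a flat "key: value" elasticsearch.yml for the script.inline, script.stored and rest.action.multi.allow_explicit_index values set above. The function names and the sample file are constructed for illustration, and nested YAML is assumed not to be used.

```sh
#!/bin/sh
# Added example: audit a flat "key: value" elasticsearch.yml against the
# values this page sets. Function names and sample files are constructed.

# Print the value of one dotted key (the last occurrence in the file).
es_setting() {
  awk -v key="$2" '
    /^[ \t]*#/ { next }                      # skip comment lines
    {
      line = $0
      sub(/[ \t]+#.*$/, "", line)            # drop a trailing comment
      i = index(line, ":")
      if (i == 0) next
      k = substr(line, 1, i - 1); v = substr(line, i + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k)
      gsub(/^[ \t]+|[ \t]+$/, "", v)
      gsub(/^"|"$/, "", v)                   # tolerate "false"
      if (k == key) val = v
    }
    END { if (val != "") print val }' "$1"
}

# Print one line per deviation; return 1 if any were found, 0 otherwise.
audit_es_config() {
  file=$1; rc=0
  for want in script.inline=false script.stored=false \
              rest.action.multi.allow_explicit_index=false; do
    key=${want%%=*}; expected=${want#*=}
    actual=$(es_setting "$file" "$key")
    if [ -z "$actual" ]; then
      echo "MISSING $key (expected $expected)"; rc=1
    elif [ "$actual" != "$expected" ]; then
      echo "WEAK $key: $actual (expected $expected)"; rc=1
    fi
  done
  return "$rc"
}

# Constructed sample: one weak value, one correct, one key only in a comment.
sample=$(mktemp)
cat > "$sample" <<'EOF'
cluster.name: elasticsearch
script.inline: true    # left on by mistake
script.stored: false
# rest.action.multi.allow_explicit_index: false
EOF
audit_es_config "$sample" || echo "-> fix the settings above"
rm -f "$sample"
```

A key that is absent or only present in a comment is reported as MISSING, so the check fails until each value is pinned explicitly in the file.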

Filtered alias

For specification and for a better user experience it is possible to use a filtered alias.

POST /_aliases
{
    "actions" : [
        { "add" : { "indices" : ["test1", "test2"], "alias" : "alias1" } }
    ]
}

Service stability:




Securing Elasticsearch with SearchGuard


Elasticsearch scripts

cd /opt/elasticsearch
sudo bin/elasticsearch-plugin install -b com.floragunn:search-guard-5:5.3.0-11
vim /etc/elasticsearch/elasticsearch.yml

Searchguard settings in elasticsearch.yml

security.manager.enabled: false

root@e58127d1d54e:/opt/elasticsearch# plugins/search-guard-5/tools/ -cd plugins/search-guard-5/sgconfig/ -ks /etc/elasticsearch/node-1-keystore.jks -kspass 95ba06bb222fd7640283 -ts /etc/elasticsearch/truststore.jks -tspass 25cb9058f1b53dd61c69 -nhnv
 Search Guard Admin v5
 Will connect to localhost:9300 ... done
 Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
 Clustername: elasticsearch
 Clusterstate: YELLOW
 Number of nodes: 1
 Number of data nodes: 1
 searchguard index does not exists, attempt to create it ... done (auto expand replicas is on)
 Populate config from /opt/elasticsearch/plugins/search-guard-5/sgconfig
 Will update 'config' with plugins/search-guard-5/sgconfig/sg_config.yml
 SUCC: Configuration for 'config' created or updated
 Will update 'roles' with plugins/search-guard-5/sgconfig/sg_roles.yml
 SUCC: Configuration for 'roles' created or updated
 Will update 'rolesmapping' with plugins/search-guard-5/sgconfig/sg_roles_mapping.yml
 SUCC: Configuration for 'rolesmapping' created or updated
 Will update 'internalusers' with plugins/search-guard-5/sgconfig/sg_internal_users.yml
 SUCC: Configuration for 'internalusers' created or updated
 Will update 'actiongroups' with plugins/search-guard-5/sgconfig/sg_action_groups.yml
 SUCC: Configuration for 'actiongroups' created or updated
 Done with success

SearchGuard + Kibana + security

Logstash 5.4.0 – offline filter plugins

The exported plugin zip contains these added plugins:

  • logstash-filter-aggregate
  • logstash-filter-de_dot
  • logstash-filter-json_encode
  • logstash-input-jmx

The plugins can be installed with this command:

bin/logstash-plugin install file:///<path_to_zip>/



boot2docker – Elasticsearch and max_map_count

If you use boot2docker, you will certainly run into an error like this when starting the Elasticsearch service:

Exception in thread "main" java.lang.RuntimeException: bootstrap checks failed
 initial heap size [268435456] not equal to maximum heap size [1073741824]; this can cause resize pauses and prevents mlockall from locking the entire heap
 max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144]
 at org.elasticsearch.bootstrap.BootstrapCheck.check(
 at org.elasticsearch.bootstrap.BootstrapCheck.check(
 at org.elasticsearch.bootstrap.Bootstrap$5.validateNodeBeforeAcceptingRequests(
 at org.elasticsearch.node.Node.start(
 at org.elasticsearch.bootstrap.Bootstrap.start(
 at org.elasticsearch.bootstrap.Bootstrap.init(
 at org.elasticsearch.bootstrap.Elasticsearch.init(
 at org.elasticsearch.bootstrap.Elasticsearch.execute(
 at org.elasticsearch.cli.Command.mainWithoutErrorHandling(
 at org.elasticsearch.cli.Command.main(
 at org.elasticsearch.bootstrap.Elasticsearch.main(
 at org.elasticsearch.bootstrap.Elasticsearch.main(
 Refer to the log for complete error details.

It is enough to edit /var/lib/boot2docker/profile by adding this line to the end of the file and then rebooting.

 # Update the vm.max_map_count setting
 sysctl -w vm.max_map_count=262144