Docker - External Configfiles - Opensearch: "node-id is not writable"

I want to run a new Graylog5 Enviroment.

First i prepare the config

cd ~
mkdir graylog
cd graylog
mkdir config
cd config
wget https://raw.githubusercontent.com/Graylog2/graylog-docker/5.0/config/graylog.conf
wget https://raw.githubusercontent.com/Graylog2/graylog-docker/5.0/config/log4j2.xml

Then I change some parameters (like passphrase and so one) in the graylog.conf

Then I create my ‘docker-compose.yaml’

version: "3.8"

services:
  mongodb:
    image: "mongo:5.0"
    volumes:
      - "mongodb_data:/data/db"
    restart: "on-failure"

  opensearch:
    image: "opensearchproject/opensearch:2.4.0"
    environment:
      - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
      - "bootstrap.memory_lock=true"
      - "discovery.type=single-node"
      - "action.auto_create_index=false"
      - "plugins.security.ssl.http.enabled=false"
      - "plugins.security.disabled=true"
    ulimits:
      memlock:
        hard: -1
        soft: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - "os_data:/usr/share/opensearch/data"
    restart: "on-failure"

  graylog:
    hostname: "server"
    image: "${GRAYLOG_IMAGE:-graylog/graylog:5.0}"
    depends_on:
      opensearch:
        condition: "service_started"
      mongodb:
        condition: "service_started"
    entrypoint: "/usr/bin/tini -- wait-for-it opensearch:9200 --  /docker-entrypoint.sh"
    ports:
    - "5044:5044/tcp"   # Beats
    - "5140:5140/udp"   # Syslog
    - "5140:5140/tcp"   # Syslog
    - "5555:5555/tcp"   # RAW TCP
    - "5555:5555/udp"   # RAW TCP
    - "9000:9000/tcp"   # Server API
    #- "443:9000/tcp"    # Server API HTTPS
    - "12201:12201/tcp" # GELF TCP
    - "12201:12201/udp" # GELF UDP
    #- "10000:10000/tcp" # Custom TCP port
    #- "10000:10000/udp" # Custom UDP port
    - "13301:13301/tcp" # Forwarder data
    - "13302:13302/tcp" # Forwarder config
    volumes:
      - "graylog_data:/usr/share/graylog/data/data"
      - "graylog_journal:/usr/share/graylog/data/journal"
      - ./config:/usr/share/graylog/data/config
    restart: "on-failure"

volumes:
  mongodb_data:
  os_data:
  graylog_data:
  graylog_journal:

Then I start the creation of the docker settings with ‘docker-compose up -d’

Now i look for the reason why the container didn´t start properly with ‘docker logs graylog-graylog-1’

2023-04-06 09:22:39,530 ERROR: org.graylog2.bootstrap.CmdLineTool - Invalid configuration
com.github.joschi.jadconfig.ValidationException: Parent directory /usr/share/graylog/data/config for Node ID file at /usr/share/graylog/data/config/node-id is not writable

I using Ubuntu 20.04 with Docker 2.17.3

Hey @MyKeySoftMK,

Did you create a node-id file yourself within ./config to persist the nodes ID between builds? What are the permissions on that directory?

No - i didn´t have create a node-id file - but i thought that will be create automaticly

The permissions are:

root@se69j4h32gl:~/graylog# ls -ls
total 12
4 drwxr-xr-x 2 root root 4096 Apr  6 12:31 config
4 -rw-r--r-- 1 root root 1812 Apr  6 11:03 docker-compose.yaml

If you are not looking to persist the node-id then try removing '- ./config:/usr/share/graylog/data/config" from the setup . Otherwise attempt creating the writable file first and see if the error changes.

Solution is:

useradd -u 1100 graylog
chown -R 1100:1100 config

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.