I am new to Graylog (and kinda Docker in general). I am attempting to deploy Graylog in Docker on my Pi 4, but am having difficulty getting it going.
MongoDB and Elasticsearch have both started and are running, but the Graylog container itself only throws a generic [standard_init_linux.go:211: exec user process caused “exec format error”] log error, which after much searching on Google, I have not been able to solve.
I am using Ubuntu 19.10 on my Pi 4 with 4GB of RAM, as well as docker info below:
Thanks for your response, and my apologies for not providing that information upfront. I have tried both via the compose file (i.e. docker-compose up), as well as booting the required containers individually via Portainer. Same result both ways, and that error seems to be very generic (or at least, I cannot make much sense of it).
I do not think its a resource constraint at this point, as I modified the graylogctl file to restrict to 512MB RAM usage. With the DB and Elasticsearch containers running, the Pi sits at around 54% RAM usage, which includes the OS.
Do you by any chance know if the Graylog container supports ARM64 architecture? That is my suspicion at this point - I had to pull another Elasticsearch container, one that supported the system architecture, as I could not get the official one to boot either.
Do you by any chance know if the Graylog container supports ARM64 architecture? That is my suspicion at this point - I had to pull another Elasticsearch container, one that supported the system architecture, as I could not get the official one to boot either.
let say it direct - it is not tested and supported to run on ARM64
It might run, but I did not tested it. I guess that you might need to build the image on ARM64 to have the supported software packages of the container os/packages.
I had a feeling that might be the case, but it would surprise me if I was the first person to try doing this.
Would you or anyone else have any idea of how to build the ARM64 image/container? My current level of skill is not really sufficient to puzzle my way through this.
you might be not the first person. But it looks like nobody else took the duty to look into this. I guess because ARM64 builds are mostly for lab/hobby.
Feel free to take the dockerfile ( https://github.com/Graylog2/graylog-docker/blob/3.1/Dockerfile ) and check if all of the used packages are available for ARM64 if yes you can build that container. But the build infrastructure we (Graylog) use does not have the ability to create a cross architecture image.
I am quite a noob at this stuff. From your statement, would I be correct in assuming that I need to go through the stuff under the “apt-get install” section in the file?
I appreciate you taking the time to reply and to help me out, thank you.
the base image is the key - you have written that you took another elasticsearch image to be able to run … you might want to look into that Dockerfile to check what base image is used.
That might be a openjdk ARM image or similar. Takes this as starter and try to build the container just by replacing the base image with that one. Work from that point and check each step if you get a working image.
