Configure a SUSE host
SUSE Linux Enterprise Server (SLES) hosts use zypper to install Docker and require XFS quotas to be set up manually, since SLES doesn't ship XFS as the default filesystem. The steps on this page target SLES 15.
Before installing, make sure to cross-check your SLES version and Docker version against the Support matrix. The commands shown on this page are examples; substitute the versions you've identified in the support matrix.
SLES 12 SP5 reached general support end of life on October 31, 2024. Use SLES 15 or later for new Elastic Cloud Enterprise installations, and migrate existing SLES 12 SP5 hosts.
- Install Docker
- Set up XFS quotas
- Update the configuration settings
- Configure the Docker daemon options
Make sure to use a supported combination of Linux distribution and container engine version as defined in our official Support matrix. Unsupported combinations can lead to various issues in your ECE environment, including failures when creating system deployments, upgrading workload deployments, proxy timeouts, and more.
FIPS (Federal Information Processing Standards) compliance is not officially supported in ECE. While ECE may function on FIPS-enabled systems, this configuration has not been validated through our testing processes and is not recommended for production environments.
Remove Docker and any previously installed podman packages.
sudo zypper remove -y docker docker-ce podman podman-remote
Update packages to the latest available versions.
sudo zypper refresh
sudo zypper update -y
Install Docker and other required packages on SLES 15. The following command is an example of installing Docker 27.0. To install a different Docker version, replace 27.0 with your preferred version from the Support matrix.
sudo zypper install -y curl device-mapper lvm2 net-tools docker=27.0.*
Tip: If zypper reports that the requested Docker version isn't available, make sure the SUSE Containers Module is enabled, or refer to SUSE's documentation for adding the upstream Docker repository.
Note: Installation on SLES 12 SP5 is no longer covered here because SLES 12 SP5 is past general support end of life. If you're maintaining an existing SLES 12 SP5 deployment, install the last Docker version that SUSE shipped for SLES 12 SP5 and plan a migration to SLES 15.
Set up the OS groups and add your user.
Create the elastic and docker groups if they don't already exist:
sudo groupadd elastic
sudo groupadd docker
Add the user to both groups:
sudo usermod -aG elastic,docker $USER
Disable nscd, which can interfere with Elastic services:
sudo systemctl stop nscd
sudo systemctl disable nscd
XFS is required to support disk space quotas for Elasticsearch data directories. Some Linux distributions such as RHEL and Rocky Linux already provide XFS as the default file system. On SLES 15, you need to set up an XFS file system and have quotas enabled.
Disk space quotas set a limit on the amount of disk space an Elasticsearch cluster node can use. Currently, quotas are calculated by a static ratio of 1:32, which means that for every 1 GB of RAM a cluster is given, a cluster node is allowed to consume 32 GB of disk space.
Using LVM, mdadm, or a combination of the two for block device management is possible, but the configuration is not covered here, nor is it provided as part of supporting ECE.
You must use XFS and have quotas enabled on all allocators; otherwise, disk usage won't display correctly.
Example: Set up XFS on a single, pre-partitioned block device named /dev/xvdg1. Replace /dev/xvdg1 in the following example with the corresponding device on your host.
Format the partition:
sudo mkfs.xfs /dev/xvdg1
Create the /mnt/data/ directory as a mount point:
sudo install -o $USER -g elastic -d -m 700 /mnt/data
Add an entry to the /etc/fstab file for the new XFS volume. The default filesystem path used by ECE is /mnt/data.
/dev/xvdg1 /mnt/data xfs defaults,pquota,prjquota,x-systemd.automount 0 0
Regenerate the mount files:
sudo mount -a
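To confirm the /etc/fstab entry described above before relying on quotas, the following check parses an fstab file and verifies that the mount point is XFS with a project quota option. It is an added example, not part of the Elastic documentation; the function name is hypothetical, the sample fstab is constructed, and it assumes pquota and prjquota are aliases for the same XFS project quota option, so either one is accepted.

```sh
# check_xfs_quota_entry <fstab-file> <mount-point>   (hypothetical helper)
# Exit status: 0 = compliant, 1 = entry present but wrong, 2 = no entry.
check_xfs_quota_entry() {
  awk -v mnt="${2%/}" '
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    {
      mp = $2
      if (mp != "/") sub(/\/+$/, "", mp)     # tolerate a trailing slash
      if (mp != mnt) next
      found = 1; quota = 0
      if ($3 != "xfs") { print "FAIL: " mnt " is " $3 ", expected xfs"; bad = 1 }
      n = split($4, opt, ",")
      for (i = 1; i <= n; i++)
        if (opt[i] == "pquota" || opt[i] == "prjquota") quota = 1
      if (!quota) { print "FAIL: no project quota option in \"" $4 "\""; bad = 1 }
    }
    END {
      if (!found) { print "MISSING: no fstab entry for " mnt; exit 2 }
      if (!bad) print "OK: " mnt " is xfs with project quotas enabled"
      exit bad + 0
    }' "$1"
}

# Constructed sample fstab (not from a real host): a root entry plus the
# data volume entry shown on this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
/dev/xvda1 / ext4 defaults 0 1
/dev/xvdg1 /mnt/data xfs defaults,pquota,prjquota,x-systemd.automount 0 0
EOF
check_xfs_quota_entry "$sample" /mnt/data
rm -f "$sample"
```

On a host, run `check_xfs_quota_entry /etc/fstab /mnt/data` after editing the file.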
Stop the Docker service:
sudo systemctl stop docker
Enable cgroup accounting for memory and swap space.
In the /etc/default/grub file, ensure that the GRUB_CMDLINE_LINUX= variable includes these values:
cgroup_enable=memory swapaccount=1 cgroup.memory=nokmem
Update your Grub configuration:
sudo update-bootloader
Configure kernel parameters.
cat <<EOF | sudo tee -a /etc/sysctl.conf
# Required by Elasticsearch
vm.max_map_count=1048576
# enable forwarding so the Docker networking works as expected
net.ipv4.ip_forward=1
# Decrease the maximum number of TCP retransmissions to 5 as recommended for Elasticsearch TCP retransmission timeout.
# See https://www.elastic.co/guide/en/elasticsearch/reference/current/system-config-tcpretries.html
net.ipv4.tcp_retries2=5
# Make sure the host doesn't swap too early
vm.swappiness=1
EOF
Important: The net.ipv4.tcp_retries2 setting applies to all TCP connections and affects the reliability of communication with systems other than Elasticsearch clusters too. If your clusters communicate with external systems over a low quality network then you may need to select a higher value for net.ipv4.tcp_retries2.
Apply the settings:
sudo sysctl -p
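Because the kernel parameters above are appended with `tee -a`, /etc/sysctl.conf can end up holding more than one assignment for the same key, and the last one is the one that takes effect when the file is loaded. The following audit is an added example, not part of the Elastic documentation; the function names are hypothetical and the sample file is constructed. It resolves the effective value of each key this page sets and reports any that differ.

```sh
# effective_sysctl <key> <file>...   (hypothetical helper)
# Print the value that results from loading the files in the order given:
# assignments are applied line by line, so the last one for a key wins.
effective_sysctl() {
  key=$1; shift
  awk -v key="$key" '
    /^[ \t]*[#;]/ { next }                   # comment lines
    {
      eq = index($0, "="); if (!eq) next
      k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (k == key) val = v
    }
    END { if (val != "") print val }' "$@"
}

# audit_ece_sysctl <file>...   (hypothetical helper)
# Compare the effective values with the ones this page sets. Returns 1 on
# any mismatch. Adjust net.ipv4.tcp_retries2 here if you chose a higher value.
audit_ece_sysctl() {
  rc=0
  for want in vm.max_map_count=1048576 net.ipv4.ip_forward=1 \
              net.ipv4.tcp_retries2=5 vm.swappiness=1; do
    k=${want%%=*}; v=${want#*=}
    got=$(effective_sysctl "$k" "$@")
    if [ "$got" = "$v" ]; then echo "OK   $k=$got"
    else echo "FAIL $k: want $v, got ${got:-<unset>}"; rc=1; fi
  done
  return $rc
}

# Constructed sample: an older vm.swappiness line followed by this page's block.
sample=$(mktemp)
cat > "$sample" <<'EOF'
vm.swappiness = 60
vm.max_map_count=1048576
net.ipv4.ip_forward=1
net.ipv4.tcp_retries2=5
vm.swappiness=1
EOF
audit_ece_sysctl "$sample"
rm -f "$sample"
```

On a host, run `audit_ece_sysctl /etc/sysctl.conf` and compare the result with the running values from `sysctl -n <key>`.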
Adjust the system limits.
Add the following configuration values to the /etc/security/limits.conf file. These values are derived from our experience with the Elastic Cloud hosted offering and should be used for ECE as well.
Tip: If you are using a user name other than elastic, adjust the configuration values accordingly.
* soft nofile 1024000
* hard nofile 1024000
* soft memlock unlimited
* hard memlock unlimited
elastic soft nofile 1024000
elastic hard nofile 1024000
elastic soft memlock unlimited
elastic hard memlock unlimited
elastic soft nproc unlimited
elastic hard nproc unlimited
root soft nofile 1024000
root hard nofile 1024000
root soft memlock unlimited
NOTE: This step is optional if the Docker registry doesn't require authentication.
Authenticate the elastic user to pull images from the Docker registry you use, by creating the file /home/elastic/.docker/config.json. This file needs to be owned by the elastic user. If you are using a user name other than elastic, adjust the path accordingly.
Example: If you use docker.elastic.co, the file content looks as follows:
{
  "auths": {
    "docker.elastic.co": {
      "auth": "<auth-token>"
    }
  }
}
If you did not create the mount point earlier (if you did not set up XFS), create the /mnt/data/ directory as a mount point:
sudo install -o $USER -g elastic -d -m 700 /mnt/data
If you set up a new device with XFS earlier:
Mount the block device (change the device name if you use a different device than /dev/xvdg1):
sudo mount /dev/xvdg1
Set the permissions on the newly mounted device:
sudo chown $USER:elastic /mnt/data
Create the /mnt/data/docker directory for the Docker service storage:
sudo install -o $USER -g elastic -d -m 700 /mnt/data/docker
Edit /etc/docker/daemon.json, and make sure that the following configuration values are present:
{
  "storage-driver": "overlay2",
  "bip": "172.17.42.1/16",
  "icc": false,
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "500m",
    "max-file": "10"
  },
  "data-root": "/mnt/data/docker"
}
The user installing ECE must have a User ID (UID) and Group ID (GID) of 1000 or higher. Make sure that the GID matches the ID of the elastic group created earlier (likely to be 1000). You can set this using the following command:
sudo usermod -g <elastic_group_gid> $USER
Apply the updated Docker daemon configuration:
Reload the Docker daemon configuration:
sudo systemctl daemon-reload
Restart the Docker service:
sudo systemctl restart docker
Enable Docker to start on boot:
sudo systemctl enable docker
Recommended: Tune your network settings.
Create a 70-cloudenterprise.conf file in the /etc/sysctl.d/ file path that includes these network settings:
cat << SETTINGS | sudo tee /etc/sysctl.d/70-cloudenterprise.conf
net.ipv4.tcp_max_syn_backlog=65536
net.core.somaxconn=32768
net.core.netdev_max_backlog=32768
net.ipv4.tcp_keepalive_time=1800
net.netfilter.nf_conntrack_tcp_timeout_established=7200
net.netfilter.nf_conntrack_max=262140
SETTINGS
Note: According to Elasticsearch networking settings, Elasticsearch overrides TCP keepalive settings at the socket level for its own connections:
- If system-level values exceed 300 seconds, Elasticsearch automatically lowers them to 300 seconds.
- Values below 300 seconds are used as-is.
For non-Elasticsearch connections such as the proxy layer, consider reducing the following TCP keepalive parameters to detect stale network sessions and prevent firewalls from dropping silent connections:
- net.ipv4.tcp_keepalive_time
- net.ipv4.tcp_keepalive_intvl
- net.ipv4.tcp_keepalive_probes
Ensure settings in /etc/sysctl.d/*.conf are applied on boot:
SCRIPT_LOCATION="/var/lib/cloud/scripts/per-boot/00-load-sysctl-settings"
sudo sh -c "cat << EOF > ${SCRIPT_LOCATION}
#!/bin/bash
set -x
lsmod | grep ip_conntrack || modprobe ip_conntrack
sysctl --system
EOF
"
sudo chmod +x ${SCRIPT_LOCATION}
Reboot your system to ensure that all configuration changes take effect:
sudo reboot
If the Docker daemon is not already running, start it:
sudo systemctl start docker
After rebooting, verify that your Docker settings persist as expected:
sudo docker info | grep Root
If the command returns Docker Root Dir: /mnt/data/docker, then your changes were applied successfully and persist as expected.
If the command returns Docker Root Dir: /var/lib/docker, then you need to troubleshoot the previous configuration steps until the Docker settings are applied successfully before continuing with the installation process. For more information, check Custom Docker daemon options in the Docker documentation.
Repeat these steps on other hosts that you want to use with ECE or follow the steps in the next section to start installing Elastic Cloud Enterprise.