diff --git a/docs/reference/setup/install/docker.asciidoc b/docs/reference/setup/install/docker.asciidoc index ed4fda82b1149..713298018f255 100644 --- a/docs/reference/setup/install/docker.asciidoc +++ b/docs/reference/setup/install/docker.asciidoc @@ -141,10 +141,10 @@ start the new node with the generated enrollment token. -- .Generating enrollment tokens **** -The enrollment token is valid for 30 minutes. If you need to generate a +The enrollment token is valid for 30 minutes. If you need to generate a new enrollment token, run the <> tool on your -existing node. This tool is available in the {es} `bin` directory of the Docker +existing node. This tool is available in the {es} `bin` directory of the Docker container. For example, run the following command on the existing `es01` node to @@ -158,7 +158,7 @@ docker exec -it es01 /usr/share/elasticsearch/bin/elasticsearch-create-enrollmen -- . In the terminal where you started your first node, copy the generated -enrollment token for adding new {es} nodes. +enrollment token for adding new {es} nodes. . On your new node, start {es} and include the generated enrollment token. + @@ -445,11 +445,17 @@ chmod g+rwx esdatadir chgrp 0 esdatadir -------------------------------------------- -You can also run an {es} container using both a custom UID and GID. Unless you -bind-mount each of the `config`, `data` and `logs` directories, you must pass -the command line option `--group-add 0` to `docker run`. This ensures that the user -under which {es} is running is also a member of the `root` (GID 0) group inside the -container. +You can also run an {es} container using both a custom UID and GID. You +must ensure that file permissions will not prevent {es} from executing. You +can use one of two options: + +* Bind-mount the `config`, `data` and `logs` + directories. If you intend to install plugins and prefer not to + <<_c_customized_image, create a custom Docker image>>, you must also + bind-mount the `plugins` directory. +* Pass the `--group-add 0` command line option to `docker run`. This + ensures that the user under which {es} is running is also a member of the + `root` (GID 0) group inside the container. ===== Increase ulimits for nofile and nproc