Increase the limit of the mmap counts for Elasticsearch service.

Bootstrap checks failed due to max virtual memory areas vm.max_map_count [65530] is too low is a common issue.

$ sudo docker run --rm --name elasticsearch docker.elastic.co/elasticsearch/elasticsearch:8.2.3
{"@timestamp":"2022-06-23T20:50:59.580Z", "log.level": "INFO", "message":"version[8.2.3], pid[7], build[default/docker/9905bfb62a3f0b044948376b4f607f70a8a151b4/2022-06-08T22:21:36.455508792Z], OS[Linux/5.15.0-39-generic/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/18.0.1.1/18.0.1.1+2-6]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"0495db0dbeec","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2022-06-23T20:50:59.584Z", "log.level": "INFO", "message":"JVM home [/usr/share/elasticsearch/jdk], using bundled JDK [true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"0495db0dbeec","elasticsearch.cluster.name":"docker-cluster"}
[...]
ERROR: [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.
bootstrap check failure [1] of [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
ERROR: Elasticsearch did not exit normally - check the logs at /usr/share/elasticsearch/logs/docker-cluster.log
[...]

The default limit of the mmap counts is definitely too low for Elasticsearch service.

$ sysctl vm.max_map_count
vm.max_map_count = 65530

Increase it to avoid running out of map areas.

$ echo "vm.max_map_count=262144" | sudo tee /etc/sysctl.d/90-max_map_count.conf
vm.max_map_count=262144
$ sudo sysctl --load /etc/sysctl.d/90-max_map_count.conf

Now, the container will start as expected.

$ sudo docker run --detach --name elasticsearch  --env "ELASTIC_PASSWORD=secret" \
                  docker.elastic.co/elasticsearch/elasticsearch:8.2.3
a67038f591a032d218ab03348e32a7f12e6c05cc5f9f346a7cb5ba441d5f63a7
$ sudo docker ps
CONTAINER ID   IMAGE                                                 COMMAND                  CREATED          STATUS                PORTS                                       NAMES
a67038f591a0   docker.elastic.co/elasticsearch/elasticsearch:8.2.3   "/bin/tini -- /usr/l…"   14 seconds ago   Up 14 seconds         9200/tcp, 9300/tcp                          elasticsearch

Determine elasticsearch IP address.

$ sudo docker inspect a67038f591a0  --format '{{ .NetworkSettings.IPAddress }}'
172.17.0.4

Check elasticsearch service.

$ curl --insecure -u elastic:secret https://172.17.0.4:9200/
{
  "name" : "a67038f591a0",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "8A6Tz4hNTWu0o_QwGmOnqg",
  "version" : {
    "number" : "8.2.3",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "9905bfb62a3f0b044948376b4f607f70a8a151b4",
    "build_date" : "2022-06-08T22:21:36.455508792Z",
    "build_snapshot" : false,
    "lucene_version" : "9.1.0",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}
ko-fi