replace performance analyzer with telemetry-otel & address PR feedback

Author: labrenbe

CHANGELOG.md

@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Added
+
+- opensearch: Add Opensearch as new product with version `3.1.0` ([#1215]).
+
+[#1215]: https://github.com/stackabletech/docker-images/pull/1215
+
 ## [25.7.0] - 2025-07-23
 
 ## [25.7.0-rc1] - 2025-07-18
@@ -65,7 +71,6 @@ All notable changes to this project will be documented in this file.
 - hadoop: backport HADOOP-19352, HADOOP-19335, HADOOP-19465, HADOOP-19456 and HADOOP-19225 to fix vulnerabilities in Hadoop `3.4.1` ([#1184])
 - hadoop: Backport HADOOP-18583 to make OpenSSL 3.x work with the native hadoop libraries ([#1209]).
 - spark: backport [SPARK-51311] Promote bcprov-jdk18on to compile scope ([#1212]).
-- opensearch: Add Opensearch as new product with version `3.1.0` ([#1215]).
 
 ### Changed
 
@@ -230,7 +235,6 @@ All notable changes to this project will be documented in this file.
 [#1197]: https://github.com/stackabletech/docker-images/pull/1197
 [#1209]: https://github.com/stackabletech/docker-images/pull/1209
 [#1212]: https://github.com/stackabletech/docker-images/pull/1212
-[#1215]: https://github.com/stackabletech/docker-images/pull/1215
 
 ## [25.3.0] - 2025-03-21
 

conf.py

@@ -33,9 +33,6 @@
 opensearch_security_plugin = importlib.import_module(
     "opensearch.security-plugin.versions"
 )
-opensearch_performance_analyzer = importlib.import_module(
-    "opensearch.performance-analyzer.versions"
-)
 spark_k8s = importlib.import_module("spark-k8s.versions")
 stackable_base = importlib.import_module("stackable-base.versions")
 stackable_devel = importlib.import_module("stackable-devel.versions")
@@ -78,10 +75,6 @@
         "name": "opensearch/security-plugin",
         "versions": opensearch_security_plugin.versions,
     },
-    {
-        "name": "opensearch/performance-analyzer",
-        "versions": opensearch_performance_analyzer.versions,
-    },
     {"name": "spark-k8s", "versions": spark_k8s.versions},
     {"name": "stackable-base", "versions": stackable_base.versions},
     {"name": "stackable-devel", "versions": stackable_devel.versions},
@@ -109,6 +102,7 @@
     "kafka": {"id": "625ff25b91bdcd4b49c823a4"},
     "nifi": {"id": "625586a32e9e14bc8118e203"},
     "opa": {"id": "6255838bea1feb8bec4aaaa3"},
+    "opensearch": {"id": "6880fe690db664aa303d3a28"},
     "spark-k8s": {"id": "62613e81f8ce82a2f247dda5"},
     "superset": {"id": "62557e5fea1feb8bec4aaaa0"},
     "tools": {"id": "62557cd575ab7e30884aaaa0"},

jdk-base/Dockerfile

@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.10.0@sha256:865e5dd094beca432e8c0a1d5e1c465db5f998dca4e439981029b3b81fb39ed5
+# syntax=docker/dockerfile:1.16.0@sha256:e2dd261f92e4b763d789984f6eab84be66ab4f5f08052316d8eb8f173593acf7
 # check=error=true
 
 #

opensearch/Dockerfile

@@ -1,11 +1,12 @@
+# syntax=docker/dockerfile:1.16.0@sha256:e2dd261f92e4b763d789984f6eab84be66ab4f5f08052316d8eb8f173593acf7
+# check=error=true
+
 FROM stackable/image/opensearch/security-plugin AS opensearch-security-plugin
-FROM stackable/image/opensearch/performance-analyzer AS opensearch-performance-analyzer
 FROM stackable/image/java-devel AS opensearch-builder
 
 ARG PRODUCT
 ARG RELEASE
 ARG OPENSEARCH_SECURITY_PLUGIN
-ARG OPENSEARCH_PERFORMANCE_ANALYZER
 ARG STACKABLE_USER_UID
 
 WORKDIR /stackable
@@ -28,38 +29,22 @@ cd "$(/stackable/patchable --images-repo-root=src checkout opensearch ${PRODUCT}
 NEW_VERSION="${PRODUCT}-stackable${RELEASE}"
 # Create snapshot of the source code including custom patches
 tar -czf /stackable/opensearch-${NEW_VERSION}-src.tar.gz .
-./gradlew clean localDistro -Dbuild.snapshot=false
+if [[ $(uname -m) == "arm64" ]]
+then
+    ./scripts/build.sh -v ${PRODUCT} -s false -a arm64
+    tar -xzf artifacts/dist/opensearch-min-${PRODUCT}-linux-arm64.tar.gz -C /stackable
+else
+    ./scripts/build.sh -v ${PRODUCT} -s false -a x64
+    tar -xzf artifacts/dist/opensearch-min-${PRODUCT}-linux-x64.tar.gz -C /stackable
+fi
+unzip artifacts/core-plugins/repository-s3-${PRODUCT}.zip -d /stackable/opensearch-${PRODUCT}/plugins/repository-s3/
+mv /stackable/opensearch-${PRODUCT}/plugins/repository-s3/config /stackable/opensearch-${PRODUCT}/config/repository-s3
+unzip artifacts/core-plugins/telemetry-otel-${PRODUCT}.zip -d /stackable/opensearch-${PRODUCT}/plugins/telemetry-otel/
+mv /stackable/opensearch-${PRODUCT}/plugins/telemetry-otel/config /stackable/opensearch-${PRODUCT}/config/telemetry-otel
 ./gradlew cyclonedxBom --warning-mode=summary -Dbuild.snapshot=false
-cp -r build/distribution/local/opensearch-${PRODUCT} /stackable/opensearch
-cp distribution/docker/src/docker/bin/docker-entrypoint.sh /stackable/opensearch/opensearch-docker-entrypoint.sh
-# repository-s3 plugin
-cd plugins/repository-s3
-../../gradlew clean assemble -Dbuild.snapshot=false
-mkdir /stackable/opensearch/plugins/repository-s3
-cp build/distributions/repository-s3-${PRODUCT}.zip /stackable/opensearch/plugins/repository-s3/repository-s3-${PRODUCT}.zip
-cp -r config/repository-s3 /stackable/opensearch/config/repository-s3
-cd /stackable/opensearch/plugins/repository-s3
-unzip repository-s3-${PRODUCT}.zip
-rm repository-s3-${PRODUCT}.zip
-# Fix an error where OpenSearch running in a container is denied access to swap space size
-sed -i -e 's/OPENSEARCH_DISTRIBUTION_TYPE=tar/OPENSEARCH_DISTRIBUTION_TYPE=docker/' /stackable/opensearch/bin/opensearch-env
-EOF
-
-WORKDIR /stackable/opensearch-performance-analyzer
-COPY \
-    --chown=${STACKABLE_USER_UID}:0 \
-    --from=opensearch-performance-analyzer \
-    /stackable/src/opensearch/performance-analyzer/patchable-work/worktree/${OPENSEARCH_PERFORMANCE_ANALYZER}/build/distributions/opensearch-performance-analyzer-${OPENSEARCH_PERFORMANCE_ANALYZER}.zip \
-    opensearch-performance-analyzer-${OPENSEARCH_PERFORMANCE_ANALYZER}.zip
-COPY \
-    --chown=${STACKABLE_USER_UID}:0 \
-    --from=opensearch-performance-analyzer \
-    /stackable/src/opensearch/performance-analyzer/patchable-work/worktree/${OPENSEARCH_PERFORMANCE_ANALYZER}/config \
-    /stackable/opensearch/config/opensearch-performance-analyzer
-
-RUN <<EOF
-unzip opensearch-performance-analyzer-${OPENSEARCH_PERFORMANCE_ANALYZER}.zip
-rm opensearch-performance-analyzer-${OPENSEARCH_PERFORMANCE_ANALYZER}.zip
+cp distribution/docker/src/docker/bin/docker-entrypoint.sh /stackable/opensearch-${PRODUCT}/opensearch-docker-entrypoint.sh
+# Tell OpenSearch it is running in a container
+sed -i -e 's/OPENSEARCH_DISTRIBUTION_TYPE=tar/OPENSEARCH_DISTRIBUTION_TYPE=docker/' /stackable/opensearch-${PRODUCT}/bin/opensearch-env
 EOF
 
 WORKDIR /stackable/opensearch-security
@@ -72,10 +57,10 @@ COPY \
 RUN <<EOF
 unzip opensearch-security-${OPENSEARCH_SECURITY_PLUGIN}.zip
 rm opensearch-security-${OPENSEARCH_SECURITY_PLUGIN}.zip
-mv config /stackable/opensearch/config/opensearch-security
+mv config /stackable/opensearch-${PRODUCT}/config/opensearch-security
 EOF
 
-WORKDIR /stackable/opensearch
+WORKDIR /stackable/opensearch-${PRODUCT}
 
 RUN <<EOF
 # The JDK from jdk-base is used instead.
@@ -85,10 +70,9 @@ rm -r jdk
 # the size of the final image.
 # see https://github.com/stackabletech/docker-images/issues/961
 chmod -R g=u "${HOME}"
-chmod +x /stackable/opensearch/opensearch-docker-entrypoint.sh
+chmod +x /stackable/opensearch-${PRODUCT}/opensearch-docker-entrypoint.sh
 EOF
 
-
 # The OpenSearch Performance Analyzer needs a JDK, not just a JRE.
 # With a JRE, the following exception is thrown:
 # java.lang.ClassNotFoundException: com.sun.tools.attach.VirtualMachine
@@ -97,19 +81,21 @@ FROM stackable/image/jdk-base
 ARG PRODUCT
 ARG RELEASE
 ARG OPENSEARCH_SECURITY_PLUGIN
-ARG OPENSEARCH_PERFORMANCE_ANALYZER
 ARG STACKABLE_USER_UID
 
 ARG NAME="OpenSearch"
-ARG DESCRIPTION="This image is deployed by a custom Helm Chart"
+ARG DESCRIPTION="This image is deployed by the Stackable Operator for OpenSearch."
 ARG HOME=/stackable
 ARG OPENSEARCH_HOME=${HOME}/opensearch
 
-LABEL name="${NAME}"
-LABEL version="${PRODUCT}"
-LABEL release="${RELEASE}"
-LABEL summary="The Stackable image for OpenSearch"
-LABEL description="${DESCRIPTION}"
+LABEL \
+  name="OpenSearch" \
+  maintainer="[email protected]" \
+  vendor="Stackable GmbH" \
+  version="${PRODUCT}" \
+  release="${RELEASE}" \
+  summary="The Stackable image for OpenSearch." \
+  description="This image is deployed by the Stackable Operator for OpenSearch."
 
 # https://github.com/opencontainers/image-spec/blob/036563a4a268d7c08b51a08f05a02a0fe74c7268/annotations.md#annotations
 LABEL org.opencontainers.image.version="${PRODUCT}"
@@ -120,18 +106,13 @@ LABEL org.opencontainers.image.description="${DESCRIPTION}"
 COPY \
     --chown=${STACKABLE_USER_UID}:0 \
     --from=opensearch-builder \
-    /stackable/opensearch \
+    /stackable/opensearch-${PRODUCT} \
     /stackable/opensearch-${PRODUCT}-stackable${RELEASE}
 COPY \
     --chown=${STACKABLE_USER_UID}:0 \
     --from=opensearch-builder \
     /stackable/opensearch-security \
     /stackable/opensearch-${PRODUCT}-stackable${RELEASE}/plugins/opensearch-security
-COPY \
-    --chown=${STACKABLE_USER_UID}:0 \
-    --from=opensearch-builder \
-    /stackable/opensearch-performance-analyzer \
-    /stackable/opensearch-${PRODUCT}-stackable${RELEASE}/plugins/opensearch-performance-analyzer
 COPY \
     --chown=${STACKABLE_USER_UID}:0 \
     --from=opensearch-builder \
@@ -142,11 +123,6 @@ COPY \
     --from=opensearch-security-plugin \
     /stackable/opensearch-security-${OPENSEARCH_SECURITY_PLUGIN}-stackable${RELEASE}-src.tar.gz \
     /stackable
-COPY \
-    --chown=${STACKABLE_USER_UID}:0 \
-    --from=opensearch-performance-analyzer \
-    /stackable/opensearch-performance-analyzer-${OPENSEARCH_PERFORMANCE_ANALYZER}-stackable${RELEASE}-src.tar.gz \
-    /stackable
 COPY \
     --chown=${STACKABLE_USER_UID}:0 \
     --from=opensearch-builder \
@@ -157,11 +133,6 @@ COPY \
     --from=opensearch-security-plugin \
     /stackable/src/opensearch/security-plugin/patchable-work/worktree/${OPENSEARCH_SECURITY_PLUGIN}/build/reports/bom.json \
     /stackable/opensearch-security-${OPENSEARCH_SECURITY_PLUGIN}-stackable${RELEASE}.cdx.json
-COPY \
-    --chown=${STACKABLE_USER_UID}:0 \
-    --from=opensearch-performance-analyzer \
-    /stackable/src/opensearch/performance-analyzer/patchable-work/worktree/${OPENSEARCH_PERFORMANCE_ANALYZER}/build/reports/bom.json \
-    /stackable/opensearch-performance-analyzer-${OPENSEARCH_PERFORMANCE_ANALYZER}-stackable${RELEASE}.cdx.json
 RUN <<EOF
 microdnf update
 microdnf clean all
@@ -175,11 +146,24 @@ ln -s /stackable/opensearch-${PRODUCT}-stackable${RELEASE} ${OPENSEARCH_HOME}
 chown -h ${STACKABLE_USER_UID}:0 ${OPENSEARCH_HOME}
 EOF
 
+# ----------------------------------------
+# Checks
+# This section is to run final checks to ensure the created final images
+# adhere to several minimal requirements like:
+# - check file permissions and ownerships
+# ----------------------------------------
+
+# Check that permissions and ownership in /stackable are set correctly
+# This will fail and stop the build if any mismatches are found.
+RUN <<EOF
+/bin/check-permissions-ownership.sh /stackable ${STACKABLE_USER_UID} 0
+EOF
+
 USER ${STACKABLE_USER_UID}
+
 ENV HOME=${HOME}
 ENV OPENSEARCH_HOME=${OPENSEARCH_HOME}
 ENV PATH="${PATH}:/${OPENSEARCH_HOME}:${OPENSEARCH_HOME}/bin"
-ENV OPENSEARCH_CONTAINER=true
 
 WORKDIR ${OPENSEARCH_HOME}
 CMD ["./opensearch-docker-entrypoint.sh"]

opensearch/performance-analyzer/Dockerfile

@@ -1,3 +1,6 @@
+# syntax=docker/dockerfile:1.16.0@sha256:e2dd261f92e4b763d789984f6eab84be66ab4f5f08052316d8eb8f173593acf7
+# check=error=true
+
 FROM stackable/image/java-devel AS security-plugin-builder
 
 ARG PRODUCT