ClearML/clearml-server
1
0
Fork 0
mirror of https://github.com/clearml/clearml-server synced 2025-03-03 10:43:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add precautionary mitigation for Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31

Browse Source
This commit is contained in:
allegroai 2021-12-14 15:15:11 +02:00
parent e352a6a1e7
commit cfccbe05c1
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docker/docker-compose.yml
View File

@ -39,7 +39,7 @@ services:
- backend - backend
container_name: clearml-elastic container_name: clearml-elastic
environment: environment:
ES_JAVA_OPTS: -Xms2g -Xmx2g ES_JAVA_OPTS: -Xms2g -Xmx2g -Dlog4j2.formatMsgNoLookups=true
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD} ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
bootstrap.memory_lock: "true" bootstrap.memory_lock: "true"
cluster.name: clearml cluster.name: clearml
@ -123,7 +123,9 @@ services:
- backend - backend
container_name: clearml-agent-services container_name: clearml-agent-services
image: allegroai/clearml-agent-services:latest image: allegroai/clearml-agent-services:latest
restart: unless-stopped deploy:
restart_policy:
condition: on-failure
privileged: true privileged: true
environment: environment:
CLEARML_HOST_IP: ${CLEARML_HOST_IP} CLEARML_HOST_IP: ${CLEARML_HOST_IP}
@ -144,6 +146,7 @@ services:
GOOGLE_APPLICATION_CREDENTIALS: ${GOOGLE_APPLICATION_CREDENTIALS:-} GOOGLE_APPLICATION_CREDENTIALS: ${GOOGLE_APPLICATION_CREDENTIALS:-}
CLEARML_WORKER_ID: "clearml-services" CLEARML_WORKER_ID: "clearml-services"
CLEARML_AGENT_DOCKER_HOST_MOUNT: "/opt/clearml/agent:/root/.clearml" CLEARML_AGENT_DOCKER_HOST_MOUNT: "/opt/clearml/agent:/root/.clearml"
SHUTDOWN_IF_NO_ACCESS_KEY: 1
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- /opt/clearml/agent:/root/.clearml - /opt/clearml/agent:/root/.clearml