Docker

Crystalline is primarily made to be deployed to a container runtime such as Docker or Podman.

The container is built with 3 mountpoints to be configured, These are:

• /data - This is where Crystalline will store all log events and where the index files are stored.
• /config - This is where Crystalline will look for and save its configuration database.
• /cache - This is where Crystalline will store temporary data such as search results, this is usually fine to be a tmpfs mountpoint; but if individual searches produce a very large number of results then you may want to consider using a persistent storage device for this directory.

Example compose file

version: "3"
services:
  crystalline:
    image: codeberg.org/kryesh/crystalline:latest
    hostname: crystalline
    restart: unless-stopped
    volumes:
      - crystalline_data:/data
      - crystalline_config:/config
      - type: tmpfs
        target: /cache
    ports:
      - 8080:8080
    environment:
      - CRYSTALLINE_BATCH_SIZE=500
      - CRYSTALLINE_PARALLEL_BUCKET_READERS=4
      - CRYSTALLINE_PARALLEL_BUCKET_WRITERS=4
      - CRYSTALLINE_SCALE_FACTOR=4
      - CRYSTALLINE_WRITER_WORKER_MEM=16
      - CRYSTALLINE_WRITER_WORKER_THREADS=4
      - CRYSTALLINE_IDLE_WRITER_TIMEOUT=5
      - CRYSTALLINE_COMMIT_INTERVAL=5
      - CRYSTALLINE_SEARCH_JOB_TTL=7200
volumes:
  crystalline_data:
  crystalline_config: