Skip to main content

How to deply Elasticsearch and Kibana (elastic stack 7.14) in docker

How to deploy Elasticsearch and kibana in docker?

I will use docker-compose to fast deploy Elastic stack version 7.14.

1'st step:

Install docker on your machine :)

2'nd Step:

Generate certificate using any tool with what you know how to use. I used CA cert and elastic host cert for both elasticsearch and kibana. Elastic provides tool to generate certificates called  elasticsearch-certutil and you can run it from location /usr/share/elasticsearch/bin (After installing elasticsearch).

3'rd step:

After first run generate users and passwords. You can add new user with superuser role or use tool provided by elastic team (/usr/share/elasticsearch/bin/elasticsearch-setup-passwords). I used tool from elastic team because it can generate passwords for all built-in accounts.

4'th step:

Create all paths:

/docker/es01/data

/docker/es01/config/

And files:

ca.crt, pn.crt, pn.key

5'th step:

Change IP address, passwords and keys in config:

HOST_IP, Password_for_kibana_system, 32characterKey

Docker-compose.yaml:

version: '3'
services:
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.14.0
container_name: es01
environment:
- node.name=es01
- cluster.name=elk
- discovery.type=single-node
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms2g -Xmx2g"
- http.port=9201
- network.host=HOST_IP
- xpack.security.enabled=true
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=pn.key
- xpack.security.http.ssl.certificate_authorities=ca.crt
- xpack.security.http.ssl.certificate=pn.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.certificate_authorities=ca.crt
- xpack.security.transport.ssl.certificate=pn.crt
- xpack.security.transport.ssl.key=pn.key
- xpack.security.authc.api_key.enabled=true
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65535
hard: 65535

volumes:
- /docker/es01/data:/usr/share/elasticsearch/data
- /docker/es01/config/pn.crt:/usr/share/elasticsearch/config/pn.crt
- /docker/es01/config/pn.key:/usr/share/elasticsearch/config/pn.key
- /docker/es01/config/ca.crt:/usr/share/elasticsearch/config/ca.crt
restart: always
network_mode: "host"

kib01:
image: docker.elastic.co/kibana/kibana:7.14.0
container_name: kib01
environment:
ELASTICSEARCH_URL: "https://HOST_IP:9201"
ELASTICSEARCH_HOSTS: '["https://HOST_IP:9201"]'
ELASTICSEARCH_USERNAME: "kibana_system"
ELASTICSEARCH_PASSWORD: "Password_for_kibana_system"
XPACK_MONITORING_ENABLED: "true"
XPACK_MONITORING_COLLECTION_ENABLED: "true"

XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: "32characterKey"
XPACK_REPORTING_ENCRYPTIONKEY: "32characterKey"
ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES: /usr/share/kibana/config/ca.crt
SERVER_PORT: '5601'
ELASTICSEARCH_REQUESTTIMEOUT: 300000
volumes:
- /docker/es01/config/ca.crt:/usr/share/kibana/config/ca.crt
restart: always
network_mode: "host"

This is all you need to setup single node cluster.

Comments

  1. inderjitvacura5 March 2022 at 11:04

    Iron Stinger of T-Shirt - The T-Shirt - The T-Shirt - The
    Iron Stinger of T-Shirt. Sleeve length: 20 titanium wok cm titanium welder (4 x 2020 edge titanium 7 cm). This black titanium fallout 76 is an titanium easy flux 125 elegant classic. · Material: Stainless steel.

    ReplyDelete
  2. Buffalo GFE16 November 2024 at 06:36

    Hi thanks for shharing this

    ReplyDelete

Post a Comment

Popular posts from this blog

Installing Elastic STACK

Fast elastic install script:    #!/bin/bash # Add users sudo addgroup operator_user sudo useradd operator_user-s /bin/bash -m -g operator_user -G sudo -p operator_password # add  APT keys and sources wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list    # apt update && install all components sudo apt-get update && sudo apt-get install -y apt-transport-https nano unzip ntpdate htop bwm-ng nfs-common   elasticsearch    && sudo apt upgrade -y   #restart service daemon sudo /bin/systemctl daemon-reload sudo /bin/systemctl enable elasticsearch.service   # configure elastic host sudo mv /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.old echo " cluster.name: homenet node.name: $HOSTNAME node.attr.allocation: ...
2 comments
Read more