Menu
I am using a Docker image of Elasticsearch v.6.2.4. My problem is that X-Pack is installed, but it is not asking for credentials.
I know that X-Pack is installed as you can see below:
907
Elasticsearch security features that come with Xpack are not for free, there is a trial version for a month and then a paid version.
But according to this elastic blog, it is for free starting in versions (6.8.0 and 7.1.0).
I write this answer to activate free Elasticsearch security features with docker-compose.
Remember that when using the below code, both Kibana and Elasticsearch node are secure with username and password, so rest client that access Elasticsearch must have the credential, this answer will help.
That's my code:
version: '3'
services:
create_certs:
container_name: create_certs
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.0
command: >
bash -c '
if [[ ! -f ./config/certificates/elastic-certificates.p12 ]]; then
bin/elasticsearch-certutil cert -out config/certificates/elastic-certificates.p12 -pass ""
fi;
chown -R 1000:0 /usr/share/elasticsearch/config/certificates
'
user: "0"
working_dir: /usr/share/elasticsearch
volumes: ['certs:/usr/share/elasticsearch/config/certificates']
elasticsearch:
container_name: elasticsearch
depends_on: [create_certs]
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.0
environment:
- cluster.name=docker-cluster
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- ELASTIC_PASSWORD=MyPassword # password for default user: elastic
- xpack.security.enabled=true
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.keystore.path=/usr/share/elasticsearch/config/certificates/elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=/usr/share/elasticsearch/config/certificates/elastic-certificates.p12
volumes: ['esdata:/usr/share/elasticsearch/data', 'certs:/usr/share/elasticsearch/config/certificates']
ulimits:
nofile:
soft: 65536
hard: 65536
memlock:
soft: -1
hard: -1
ports:
- "9200:9200"
kibana:
container_name: kibana
depends_on: [elasticsearch]
image: docker.elastic.co/kibana/kibana:6.8.0
environment:
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=MyPassword
ports:
- "5601:5601"
volumes: {"esdata", "certs"}
Change elasticsearch environment to "ELASTIC_USERNAME" and "ELASTIC_PASSWORD" for elasticsearch:7.14.0
version: '3.4'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.14.0
container_name: elasticsearch
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
ports:
- 32769:9200
- 32770:9300
networks:
- elastic
kibana:
image: docker.elastic.co/kibana/kibana:7.14.0
container_name: kibana
environment:
- ELASTICSEARCH_URL="http://elasticsearch:9200"
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=MagicWord
- xpack.security.enabled=true
links:
- elasticsearch
ports:
- 5601:5601
networks:
- elastic
depends_on:
- elasticsearch
networks:
elastic:
driver: bridge
Update the environment variables t enable true
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
Here is the sample, docker-compose.yml file for the elasticseaarch and kibana
version: '3.4'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.16.2
container_name: elasticsearch
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
ports:
- 9200:9200
- 9300:9300
networks:
- elastic
kibana:
image: docker.elastic.co/kibana/kibana:7.16.2
container_name: kibana
environment:
- ELASTICSEARCH_URL="http://elasticsearch:9200"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
links:
- elasticsearch
ports:
- 5601:5601
networks:
- elastic
depends_on:
- elasticsearch
networks:
elastic:
driver: bridge
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
