Advice on Docker ELKv6.6.1 Authentication

Ramakrishna_Satti · March 11, 2019, 4:28am

I am not able to setup passwords for Kibana and ElastiCsearch. Please see below docker-compose.yml. I would appreciate if someone could put me in right direction?
Use Case: I would like to setup authentication/login for Kibana and Elastic Search.

version: '3.6'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.6.1
    container_name: elasticsearch
    environment:
      - "discovery.type=single-node"
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - "ELASTIC_PASSWORD=MagicWord"
    ulimits:
      nproc: 65535
      memlock:
        soft: -1
        hard: -1
    volumes:
      - esdata:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
      - 9300:9300
  kibana:
    image: docker.elastic.co/kibana/kibana:6.6.1
    container_name: kibana
    environment:
      SERVER_NAME: localhost
      ELASTICSEARCH_URL: http://elasticsearch:9200/
      elasticsearch.username: "kibana"
      elasticsearch.password: "kibanapassword"
    ports:
      - 5601:5601
    ulimits:
      nproc: 65535
      memlock:
        soft: -1
        hard: -1
volumes:
  esdata:

Note: fyi, i posted this query on stackoverflow forum

tsullivan · March 15, 2019, 5:08pm

The kibana service environment variables should be uppercased and dot replaced with an underscore. Here's what mine looks like (using docker compose version 2.2)

  kibana:
    image: "docker.elastic.co/kibana/kibana:6.6.2"
    env_file: [".env"]
    volumes: ["./cert-bundle:$KBN_CERTS_DIR"]
    environment:
      - "SERVER_BASEPATH=/kibana"
      - "SERVER_HOST=kibana"
      - "LOGGING_VERBOSE=true"
      - "ELASTICSEARCH_URL=$ELASTICSEARCH_URL"
      - "ELASTICSEARCH_USERNAME=$KBN_ES_USERNAME"
      - "ELASTICSEARCH_PASSWORD=$KBN_ES_PASSWORD"
      - "ELASTICSEARCH_SSL_KEY=$KBN_CERTS_DIR/kibana.key"
      - "ELASTICSEARCH_SSL_CERTIFICATE=$KBN_CERTS_DIR/kibana.crt"
      - "ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=$KBN_CERTS_DIR/ca/kibana-ca.crt"
      - "ELASTICSEARCH_SSL_VERIFICATIONMODE=certificate"
      - "XPACK_REPORTING_ENCRYPTIONKEY=$SESSION_SECRET"
      - "XPACK_SECURITY_ENCRYPTIONKEY=$SESSION_SECRET"

BTW I prefer having passwords in a separate file called .env, so that I can commit my docker-compose.yml file into a git repo, but I don't have to have my passwords in the git repo. The .env file is listed in my .gitignore

system · April 12, 2019, 5:08pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Set Password and user with Docker-compose Elasticsearch docker	11	62275	May 1, 2020
Problems spinning up the docker compose example Elasticsearch elastic-stack-security , docker	3	622	July 16, 2023
ELK version 8.7.0 with mysql using docker compose Elasticsearch elastic-stack-security , docker	14	959	June 22, 2023
Upgrade elk started with docker-compose Elasticsearch docker	5	502	October 3, 2022
Kibana and logstash can't run using docker-compose Elasticsearch docker	2	359	May 16, 2023

Advice on Docker ELKv6.6.1 Authentication

Related Topics