Advice on Docker ELKv6.6.1 Authentication

Ramakrishna_Satti · March 11, 2019, 4:28am

I am not able to setup passwords for Kibana and ElastiCsearch. Please see below docker-compose.yml. I would appreciate if someone could put me in right direction?
Use Case: I would like to setup authentication/login for Kibana and Elastic Search.

version: '3.6'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.6.1
    container_name: elasticsearch
    environment:
      - "discovery.type=single-node"
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - "ELASTIC_PASSWORD=MagicWord"
    ulimits:
      nproc: 65535
      memlock:
        soft: -1
        hard: -1
    volumes:
      - esdata:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
      - 9300:9300
  kibana:
    image: docker.elastic.co/kibana/kibana:6.6.1
    container_name: kibana
    environment:
      SERVER_NAME: localhost
      ELASTICSEARCH_URL: http://elasticsearch:9200/
      elasticsearch.username: "kibana"
      elasticsearch.password: "kibanapassword"
    ports:
      - 5601:5601
    ulimits:
      nproc: 65535
      memlock:
        soft: -1
        hard: -1
volumes:
  esdata:

Note: fyi, i posted this query on stackoverflow forum

tsullivan · March 15, 2019, 5:08pm

The kibana service environment variables should be uppercased and dot replaced with an underscore. Here's what mine looks like (using docker compose version 2.2)

  kibana:
    image: "docker.elastic.co/kibana/kibana:6.6.2"
    env_file: [".env"]
    volumes: ["./cert-bundle:$KBN_CERTS_DIR"]
    environment:
      - "SERVER_BASEPATH=/kibana"
      - "SERVER_HOST=kibana"
      - "LOGGING_VERBOSE=true"
      - "ELASTICSEARCH_URL=$ELASTICSEARCH_URL"
      - "ELASTICSEARCH_USERNAME=$KBN_ES_USERNAME"
      - "ELASTICSEARCH_PASSWORD=$KBN_ES_PASSWORD"
      - "ELASTICSEARCH_SSL_KEY=$KBN_CERTS_DIR/kibana.key"
      - "ELASTICSEARCH_SSL_CERTIFICATE=$KBN_CERTS_DIR/kibana.crt"
      - "ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=$KBN_CERTS_DIR/ca/kibana-ca.crt"
      - "ELASTICSEARCH_SSL_VERIFICATIONMODE=certificate"
      - "XPACK_REPORTING_ENCRYPTIONKEY=$SESSION_SECRET"
      - "XPACK_SECURITY_ENCRYPTIONKEY=$SESSION_SECRET"

BTW I prefer having passwords in a separate file called .env, so that I can commit my docker-compose.yml file into a git repo, but I don't have to have my passwords in the git repo. The .env file is listed in my .gitignore

system · April 12, 2019, 5:08pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to configure username and password in kibana in docker-compose.yml Kibana elastic-stack-security	2	3042	December 7, 2019
Set Password and user with Docker-compose Elasticsearch docker	11	62843	May 1, 2020
Problems spinning up the docker compose example Elasticsearch elastic-stack-security , docker	3	636	July 16, 2023
ELK version 8.7.0 with mysql using docker compose Elasticsearch elastic-stack-security , docker	14	963	June 22, 2023
Upgrade elk started with docker-compose Elasticsearch docker	5	502	October 3, 2022

Advice on Docker ELKv6.6.1 Authentication

Related topics