Advice on Docker ELKv6.6.1 Authentication

I am not able to setup passwords for Kibana and ElastiCsearch. Please see below docker-compose.yml. I would appreciate if someone could put me in right direction?
Use Case: I would like to setup authentication/login for Kibana and Elastic Search.

version: '3.6'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.6.1
    container_name: elasticsearch
    environment:
      - "discovery.type=single-node"
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - "ELASTIC_PASSWORD=MagicWord"
    ulimits:
      nproc: 65535
      memlock:
        soft: -1
        hard: -1
    volumes:
      - esdata:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
      - 9300:9300
  kibana:
    image: docker.elastic.co/kibana/kibana:6.6.1
    container_name: kibana
    environment:
      SERVER_NAME: localhost
      ELASTICSEARCH_URL: http://elasticsearch:9200/
      elasticsearch.username: "kibana"
      elasticsearch.password: "kibanapassword"
    ports:
      - 5601:5601
    ulimits:
      nproc: 65535
      memlock:
        soft: -1
        hard: -1
volumes:
  esdata:

Note: fyi, i posted this query on stackoverflow forum

The kibana service environment variables should be uppercased and dot replaced with an underscore. Here's what mine looks like (using docker compose version 2.2)

  kibana:
    image: "docker.elastic.co/kibana/kibana:6.6.2"
    env_file: [".env"]
    volumes: ["./cert-bundle:$KBN_CERTS_DIR"]
    environment:
      - "SERVER_BASEPATH=/kibana"
      - "SERVER_HOST=kibana"
      - "LOGGING_VERBOSE=true"
      - "ELASTICSEARCH_URL=$ELASTICSEARCH_URL"
      - "ELASTICSEARCH_USERNAME=$KBN_ES_USERNAME"
      - "ELASTICSEARCH_PASSWORD=$KBN_ES_PASSWORD"
      - "ELASTICSEARCH_SSL_KEY=$KBN_CERTS_DIR/kibana.key"
      - "ELASTICSEARCH_SSL_CERTIFICATE=$KBN_CERTS_DIR/kibana.crt"
      - "ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=$KBN_CERTS_DIR/ca/kibana-ca.crt"
      - "ELASTICSEARCH_SSL_VERIFICATIONMODE=certificate"
      - "XPACK_REPORTING_ENCRYPTIONKEY=$SESSION_SECRET"
      - "XPACK_SECURITY_ENCRYPTIONKEY=$SESSION_SECRET"

BTW I prefer having passwords in a separate file called .env, so that I can commit my docker-compose.yml file into a git repo, but I don't have to have my passwords in the git repo. The .env file is listed in my .gitignore

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.