Cannot enable x-pack with basic-flavor elastic docker image (6.0.0)

john_int · November 17, 2017, 4:42pm

Greetings.

Following the docs
https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html

i'm downloading the basic-flavor image.
Running it with
docker run -d -p 9200:9200
-e "http.host=0.0.0.0"
-e "transport.host=127.0.0.1"
--name elastic docker.elastic.co/elasticsearch/elasticsearch:6.0.0

which means x-pack.security should be enabled by default as it is, but the available property is "False" and i can access es without prompting for credentials.

Here is the localhost:9200/_xpack output
{
build: {
hash: "cc96bca",
date: "2017-11-10T19:36:09.930Z"
},
features: {
graph: {
description: "Graph Data Exploration for the Elastic Stack",
available: false,
enabled: true
},
logstash: {
description: "Logstash management component for X-Pack",
available: false,
enabled: true
},
ml: {
description: "Machine Learning for the Elastic Stack",
available: false,
enabled: true,
native_code_info: {
version: "6.0.0",
build_hash: "8e6ab35cf803a2"
}
},
monitoring: {
description: "Monitoring for the Elastic Stack",
available: true,
enabled: true
},
security: {
description: "Security for the Elastic Stack",
available: false,
enabled: true
},
watcher: {
description: "Alerting, Notification and Automation for the Elastic Stack",
available: false,
enabled: true
}
},
tagline: "You know, for X"
}

Am i doing something wrong?

TimV · November 18, 2017, 12:58am

The basic flavour of the ES6 Docker image comes with an X-Pack basic license.

You can read about the inclusions for each license type here: https://www.elastic.co/subscriptions

X-Pack basic does not include security.

john_int · November 21, 2017, 7:58am

Ah, I thought it did.
That means we can't use our custom oAUth2 for user login right?
As far as i understand this can be done only with x-pack security running on ES, correct?

TimV · November 21, 2017, 9:44am

Well it depends how your custom Oauth works.

If you are dependent on X-Pack security, then you need the platinum flavour of our Docker image.
If you just want to put an Oauth proxy in front of ES/Kibana then you might be able to get that to work.

john_int · November 21, 2017, 1:59pm

Thank you very much TIm.

system · December 19, 2017, 1:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.