I am configuring an Elasticsearch/Kibana running under Docker-compose.
And I am have some problems with authentication.
When running docker-compose build:
version: '3.7'
services:
create_cert:
image: docker.elastic.co/elasticsearch/elasticsearch:7.14.0
command: >
bash -c '
if [[ ! -f /certs/elasticsearch.p12 || \
! -f /certs/kibana.zip ]]; then
echo "Removing certificates" &&
rm -rf /certs/* &&
echo "Generating CA" &&
bin/elasticsearch-certutil ca --silent --pass QwerTy --pem --out /certs/ca.zip &&
unzip /certs/ca.zip -d /certs &&
echo "Generating certificate for Elasticsearch" &&
bin/elasticsearch-certutil cert --silent --ca-cert /certs/ca/ca.crt --ca-key /certs/ca/ca.key --ca-pass QwerTy --pass QwerTy --dns elasticsearch --out /certs/elasticsearch.p12 &&
echo "Generating certificate for Kibana" &&
bin/elasticsearch-certutil cert --silent --ca-cert /certs/ca/ca.crt --ca-key /certs/ca/ca.key --ca-pass QwerTy --pass QwerTy --pem --dns kibana --out /certs/kibana.zip &&
unzip /certs/kibana.zip -d /certs &&
mv /certs/instance/instance.crt /certs/kibana.crt &&
mv /certs/instance/instance.key /certs/kibana.key &&
rm -rf /certs/instance &&
chown -R 1000:0 /certs
fi;
'
user: "0"
working_dir: /usr/share/elasticsearch
volumes:
- /srv/elasticsearch/certs:/certs
- /srv/elasticsearch/config:/usr/share/elasticsearch/config/
networks:
- elastic
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.14.0
container_name: elasticsearch
environment:
- node.master=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- discovery.type=single-node
- network.host=0.0.0.0
- node.name=elasticsearch
- discovery.seed_hosts=["127.0.0.1"]
- xpack.security.enabled=true
- xpack.security.authc.token.enabled=true
- xpack.security.audit.enabled=true
- xpack.security.authc.realms.file.file1.order=0
- xpack.security.authc.realms.native.native1.order=1
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.keystore.password=QwerTy
- xpack.security.transport.ssl.truststore.password=QwerTy
- xpack.security.transport.ssl.keystore.path=certs/elasticsearch.p12
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.keystore.password=QwerTy
- xpack.security.http.ssl.truststore.password=QwerTy
- xpack.security.http.ssl.keystore.path=certs/elasticsearch.p12
- xpack.security.http.ssl.verification_mode=certificate
- xpack.license.self_generated.type=trial
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=changeme
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
cap_add:
- IPC_LOCK
user: "0"
ports:
- 9200:9200
networks:
- elastic
volumes:
- /srv/elasticsearch/certs:/usr/share/elasticsearch/config/certs:rw
kibana:
container_name: kibana
image: docker.elastic.co/kibana/kibana:7.14.0
environment:
- ELASTICSEARCH_HOSTS=["https://elasticsearch:9200"]
- ELASTICSEARCH_URL=https://elasticsearch:9200
- XPACK_SECURITY_ENABLED=true
- ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
- ELASTICSEARCH_SSL_VERIFICATIONMODE=certificate
- SERVER_SSL_ENABLED=true
- SERVER_SSL_KEY=config/certs/kibana.key
- SERVER_SSL_CERTIFICATE=config/certs/kibana.crt
- SERVER_SSL_PASSWORD=QwerTy
- SERVER_SSL_KEYPASSPHRASE=QwerTy
- XPACK_SECURITY_ENCRYPTIONKEY=aqwqdqwdkoijiojqwdqwdq133wedqqe2
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=changeme
ports:
- 5601:5601
depends_on:
- elasticsearch
links: ['elasticsearch']
networks:
- elastic
volumes:
- /srv/elasticsearch/certs:/usr/share/kibana/config/certs:rw
networks:
elastic:
driver: bridge
I am getting the error from elasticsearch:
elasticsearch | {"type":"audit", "timestamp":"2021-08-24T13:18:24,001+0000", "node.id":"9dPw2uqMRqyV6aYwbTQ-ZA", "event.type":"rest", "event.action":"authentication_failed", "user.name":"elastic", "origin.type":"rest", "origin.address":"172.18.0.3:41838", "url.path":"/_nodes", "url.query":"filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip", "request.method":"GET", "request.id":"PXNxlu7RQ96o_FFZuA00Yw"}
from kibana:
kibana | {"type":"log","@timestamp":"2021-08-24T13:18:10+00:00","tags":["error","savedobjects-service"],"pid":1213,"message":"Unable to retrieve version information from Elasticsearch nodes. security_exception: [security_exception] Reason: unable to authenticate user [elastic] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]"}
When run elasticsearch-setup-passwords interactive
under elasticsearch container and input passwords (changeme) kibana connect elasticsearch.
I am understand default:
ELASTICSEARCH_USERNAME=elastic
ELASTICSEARCH_PASSWORD=changeme
disable after 6.0.0 version.
How connect kibana with elasticsearch in one docker-compose.yml?