Enable x-pack on a Docker-Compose elasticsearch cluster

Hi, I have a 3 node cluster in docker, and I want to use xpack security, this is my actual environment config inside the docker compose, but im not able to enable xpack security

environment:
  - node.name=es01
  - cluster.name=cluster
  - discovery.seed_hosts=es02,es03
  - cluster.initial_master_nodes=es01,es02,es03
  - bootstrap.memory_lock=true
    #- xpack.security.audit.enabled=true
  - xpack.security.enabled=true

what other lines I mus ad to enable x.pack ?

Hi @decal

To use the xpack security features, you must secure the connection in your cluster on the transport layer with TLS/SSL. You can find an example of how to use it on the following page:
https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls-docker.html
Note that this guide also secures the HTTP layer.

Hope this helps.

Tanks MiT, but the first thing that I read in your link is this "Unless you are using a trial license" and Im gonna use the trial license for 30 days, thats mean that I dont need that configuration?

Looks like that is true (I haven't known that). But you need to be aware of the following:

Clusters that do not have encryption enabled send all data in plain text including passwords. If the Elasticsearch security features are enabled, unless you have a trial license, you must configure SSL/TLS for internode-communication.

If you intend to use the basic version of the elastic stack in the future, you have to secure your communications for the transport layer network. Well, you now have 30 days to try it :sweat_smile:

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.