Hey there,
I am running an Elasticsearch 7.3.0 cluster with three nodes (on three different machines) via a docker-compose setup. Here is my elasticsearch and kibana service defined in docker-compose.yml:
services:
es-mdi:
container_name: lxelk01-es-mdi
image: elasticsearch:7.3.0
ports:
- "9200:9200"
- "9300:9300"
networks:
- elk
volumes:
- es-mdi-volume:/usr/share/elasticsearch
environment:
cluster.name: my-cluster
node.name: lxelk01-es-mdi
network.host: 0.0.0.0
network.publish_host: 192.168.2.120
http.port: 9200
transport.port: 9300
bootstrap.memory_lock: "true"
node.master: "true"
node.data: "true"
node.ingest: "true"
node.ml: "false"
xpack.ml.enabled: "false"
discovery.seed_hosts: 192.168.2.120:9300,192.168.2.121:9300,192.168.2.122:9300
cluster.initial_master_nodes: 192.168.2.120:9300,192.168.2.121:9300,192.168.2.122:9300
xpack.monitoring.enabled: "true"
xpack.monitoring.collection.enabled: "true"
ES_JAVA_OPTS: "-Xms4g -Xmx4g"
xpack.security.enabled: "true"
#xpack.license.self_generated.type: "trial"
ulimits:
memlock: -1
#noproc: 65536
nofile: 65536
fsize: -1
as: -1
restart: always
kibana:
container_name: lxelk01-kibana
image: kibana:7.3.0
ports:
- "5601:5601"
networks:
- elk
volumes:
- kibana-volume:/usr/share/kibana
ulimits:
memlock: -1
#noproc: 65536
nofile: 65536
fsize: -1
as: -1
environment:
SERVER_PORT: 5601
SERVER_NAME: kibana.lxelk01.de
ELASTICSEARCH_HOSTS: "http://192.168.2.120:9201/"
XPACK_MONITORING_ENABLED: "true"
XPACK_MONITORING_COLLECTION_ENABLED: "true"
ELASTICSEARCH_USERNAME: "kibana"
#ELASTICSEARCH_PASSWORD: ""
restart: always
The cluster runs, meaning the nodes can find each other and they successfully elect a master. So far so good.
I followed the instructions on how to secure the elastic stack and right now I stuck at setting the passwords for the built-in users.
I start all three nodes and then go into one node's bash via docker exec -it ID bash and call
bin/elasticsearch-setup-passwords auto -u "http://192.168.2.120:9200"
This will print out the generated passwords on the terminal. At this point my kibana instance can logically not connect with the elasticsearch node because I haven't set the credentials of the kibana user. So I stop and remove the kibana service, edit the docker-compose file and set
ELASTICSEARCH_PASSWORD: "foo"
as environment argument (foo will be the generated password).
Then I bring kibana up again, it connects to the cluster and I get prompted for basic authentication when trying to access. There I log in as elastic user with the generated password and activate the trial license.
Now here is my issue:
Even though I successfully logged in as the elastic super user I can't acces the user management UI. There I want to create normal logins for the users.
Questions:
- Why can I not see the user management function even though I logged in as elastic user? (left highlighting)
- I expected that it would say the username "elastic" in the right highlighting. Am I really logged in?
- Is this workflow to set passwords for the built-in users in a docker environment good or would you suggest a different approach?
Thanks in advance!