I am running an Elasticsearch 7.3.0 cluster with three nodes (on three different machines) via a docker-compose setup. Here is my elasticsearch and kibana service defined in docker-compose.yml:
services: es-mdi: container_name: lxelk01-es-mdi image: elasticsearch:7.3.0 ports: - "9200:9200" - "9300:9300" networks: - elk volumes: - es-mdi-volume:/usr/share/elasticsearch environment: cluster.name: my-cluster node.name: lxelk01-es-mdi network.host: 0.0.0.0 network.publish_host: 192.168.2.120 http.port: 9200 transport.port: 9300 bootstrap.memory_lock: "true" node.master: "true" node.data: "true" node.ingest: "true" node.ml: "false" xpack.ml.enabled: "false" discovery.seed_hosts: 192.168.2.120:9300,192.168.2.121:9300,192.168.2.122:9300 cluster.initial_master_nodes: 192.168.2.120:9300,192.168.2.121:9300,192.168.2.122:9300 xpack.monitoring.enabled: "true" xpack.monitoring.collection.enabled: "true" ES_JAVA_OPTS: "-Xms4g -Xmx4g" xpack.security.enabled: "true" #xpack.license.self_generated.type: "trial" ulimits: memlock: -1 #noproc: 65536 nofile: 65536 fsize: -1 as: -1 restart: always kibana: container_name: lxelk01-kibana image: kibana:7.3.0 ports: - "5601:5601" networks: - elk volumes: - kibana-volume:/usr/share/kibana ulimits: memlock: -1 #noproc: 65536 nofile: 65536 fsize: -1 as: -1 environment: SERVER_PORT: 5601 SERVER_NAME: kibana.lxelk01.de ELASTICSEARCH_HOSTS: "http://192.168.2.120:9201/" XPACK_MONITORING_ENABLED: "true" XPACK_MONITORING_COLLECTION_ENABLED: "true" ELASTICSEARCH_USERNAME: "kibana" #ELASTICSEARCH_PASSWORD: "" restart: always
The cluster runs, meaning the nodes can find each other and they successfully elect a master. So far so good.
I followed the instructions on how to secure the elastic stack and right now I stuck at setting the passwords for the built-in users.
I start all three nodes and then go into one node's bash via docker exec -it ID bash and call
bin/elasticsearch-setup-passwords auto -u "http://192.168.2.120:9200"
This will print out the generated passwords on the terminal. At this point my kibana instance can logically not connect with the elasticsearch node because I haven't set the credentials of the kibana user. So I stop and remove the kibana service, edit the docker-compose file and set
as environment argument (foo will be the generated password).
Then I bring kibana up again, it connects to the cluster and I get prompted for basic authentication when trying to access. There I log in as elastic user with the generated password and activate the trial license.
Now here is my issue:
Even though I successfully logged in as the elastic super user I can't acces the user management UI. There I want to create normal logins for the users.
- Why can I not see the user management function even though I logged in as elastic user? (left highlighting)
- I expected that it would say the username "elastic" in the right highlighting. Am I really logged in?
- Is this workflow to set passwords for the built-in users in a docker environment good or would you suggest a different approach?
Thanks in advance!