Hi ELK Team,
I set up Elastic stack in separate docker containers on my local machine.
It is build based on the following Github repository:
https://github.com/deviantony/docker-elk
below is
*** Docker-compose file**
version: '3.7'
services:
# The 'setup' service runs a one-off script which initializes the
# 'logstash_internal' and 'kibana_system' users inside Elasticsearch with the
# values of the passwords defined in the '.env' file.
#
# This task is only performed during the *initial* startup of the stack. On all
# subsequent runs, the service simply returns immediately, without performing
# any modification to existing users.
setup:
build:
context: setup/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
init: true
volumes:
- setup:/state:Z
environment:
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-}
LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD:-}
KIBANA_SYSTEM_PASSWORD: ${KIBANA_SYSTEM_PASSWORD:-}
networks:
- elk
elasticsearch:
build:
context: elasticsearch/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro,z
- elasticsearch:/usr/share/elasticsearch/data:z
ports:
- "9200:9200"
- "9300:9300"
environment:
ES_JAVA_OPTS: -Xmx512m -Xms512m
# Bootstrap password.
# Used to initialize the keystore during the initial startup of
# Elasticsearch. Ignored on subsequent runs.
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-}
# Use single node discovery in order to disable production mode and avoid bootstrap checks.
# see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
discovery.type: single-node
networks:
- elk
entsearch:
build:
context: enterprise-search/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
# image: docker.elastic.co/staging/enterprise-search:8.1.1
volumes:
- ./enterprise-search/config/enterprise-search.yml:/usr/share/enterprise-search/config/enterprise-search.yml:ro,Z
ports:
- 3002:3002
cap_add:
- NET_ADMIN
- NET_RAW
- SYS_ADMIN
privileged: true
environment:
ENT_SEARCH_DEFAULT_PASSWORD: ${ENT_SEARCH_DEFAULT_PASSWORD}
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-}
JAVA_OPTS: -Xmx1g -Xms1g
networks:
- elk
depends_on:
- "elasticsearch"
logstash:
build:
context: logstash/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z
- ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
ports:
- "5044:5044"
- "5000:5000/tcp"
- "5000:5000/udp"
- "9600:9600"
cap_add:
- NET_ADMIN
- NET_RAW
- SYS_ADMIN
privileged: true
environment:
LS_JAVA_OPTS: -Xmx256m -Xms256m
LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD:-}
networks:
- elk
depends_on:
- elasticsearch
kibana:
build:
context: kibana/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro,Z
ports:
- "5601:5601"
cap_add:
- NET_ADMIN
- NET_RAW
- SYS_ADMIN
privileged: true
environment:
KIBANA_SYSTEM_PASSWORD: ${KIBANA_SYSTEM_PASSWORD:-}
networks:
- elk
depends_on:
- elasticsearch
networks:
elk:
driver: bridge
volumes:
setup:
elasticsearch:
*** Elasticsearch configuration File**
## Default Elasticsearch configuration from Elasticsearch base image.
## https://github.com/elastic/elasticsearch/blob/master/distribution/docker/src/docker/config/elasticsearch.yml
#
cluster.name: "docker-cluster"
network.host: 0.0.0.0
## X-Pack settings
## see https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html
#
xpack.license.self_generated.type: trial
xpack.security.enabled: true
xpack.security.authc.api_key.enabled: true
Kibana configuration File
## Default Kibana configuration from Kibana base image.
## https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/templates/kibana_yml.template.ts
#
server.name: kibana
server.host: 0.0.0.0
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
enterpriseSearch.host: http://localhost:3002
monitoring.ui.container.elasticsearch.enabled: true
## X-Pack security credentials
#
elasticsearch.username: kibana_system
elasticsearch.password: ${KIBANA_SYSTEM_PASSWORD}
*** And Enterprise Search configuration File**
## Enterprise Search core configuration
## https://www.elastic.co/guide/en/enterprise-search/current/configuration.html
#
## --------------------- REQUIRED ---------------------
# Encryption keys to protect application secrets.
secret_management.encryption_keys: ['df8a1584401c6d5dc80577441dec7d316383298fde1063e0804deae3d081d44e']
# add encryption keys below
#- add encryption keys here with this command : openssl rand -hex 32
# Or Run the following command : od -vN 32 -An -tx1 /dev/urandom | tr -d " \n" ; echo
## ----------------------------------------------------
# IP address Enterprise Search listens on
ent_search.listen_host: 0.0.0.0
ent_search.listen_port: 3002
ent_search.ssl.enabled: false
# URL at which users reach Enterprise Search / Kibana
kibana.external_url: http://localhost:5601
ent_search.external_url: http://localhost:3002
kibana.host: http://localhost:5601
#Enterprise Search User Login and Password
#username: enterprise_search
# password: changeme
# Elasticsearch URL and credentials
elasticsearch.host: http://elasticsearch:9200
elasticsearch.username: elastic
elasticsearch.password: changeme
# Allow Enterprise Search to modify Elasticsearch settings. Used to enable auto-creation of Elasticsearch indexes.
allow_es_settings_modification: true
# WARNING: A new secret session key has been generated by Enterprise Search. | Set the key in your config file to persist user sessions through process restarts:|
secret_session_key: 8a07481f7d08da6e694a4ee9e71ef3e58f3e7a640c07d8544f3b8ba3c18eb0845c5c2fa3b8b347eecdf87ebc74c9c2ad7c99c3307f01f37d7b5697a8d37203de
Elasticsearch and Kibana are working well. But Enterprise Search within Kibana does not work. I have tried so much on this, still no solution.
Below are the error logs:
workspace-kibana-1 *| [2022-04-03T03:19:31.484+00:00][ERROR][plugins.enterpriseSearch] Could not perform access check to Enterprise Search: FetchError: request to http://localhost:3002/api/ent/v2/internal/client_config failed, reason: connect ECONNREFUSED 127.0.0.1:3002*
Your help will be much appreciated