Unable to setup elastic stack in docker with tls enabled

Followed these instructions verbatim:
https://www.elastic.co/guide/en/elastic-stack-get-started/7.5/get-started-docker.html#get-started-docker-tls

This issue is when you attempt to setup passwords this is the error received:

Failed to authenticate user 'elastic' against https://es01:9200/_security/_authenticate?pretty
Possible causes include:
 * The password for the 'elastic' user has already been changed on this cluster
 * Your elasticsearch node is running against a different keystore
   This tool used the keystore at /usr/share/elasticsearch/config/elasticsearch.keystore

ERROR: Failed to verify bootstrap password

I have tried for over two weeks tweaking the configuration, the certs, the container, the permissions. Please review these instructions. I am dying to know the answer to reset a password on this service.

Also setting the environmental variable for ELASTIC_PASSWORD in the docker-compose file doesn't work at all. How come this functionality doesn't work?

It works for me very well.

Here is the docker-compose.yml file I'm using:

---
version: '3'
services:

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.5.1
    environment:
      - bootstrap.memory_lock=true
      - discovery.type=single-node
      - ELASTIC_PASSWORD=changeme
      - xpack.security.enabled=true
    ulimits:
      memlock:
        soft: -1
        hard: -1
    ports:
      - 9200:9200
    networks: ['stack']

  kibana:
    image: docker.elastic.co/kibana/kibana:7.5.1
    environment:
      - ELASTICSEARCH_USERNAME=elastic
      - ELASTICSEARCH_PASSWORD=changeme
    ports: ['5601:5601']
    networks: ['stack']
    links: ['elasticsearch']
    depends_on: ['elasticsearch']

networks:
  stack: {}

David I am looking for a config that incorporates TLS certs with Xpack in Docker containers. Your configuration doesn't appear to be utilizing certificates. Any experience with this?

Error message in Elastic container when attempting to set the passwords:

es01                | {"type": "server", "timestamp": "2019-12-14T21:38:28,670Z", "level": "INFO", "component": "o.e.x.s.a.AuthenticationService", "cluster.name": "docker-cluster", "node.name": "es01", "message": "Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic]", "cluster.uuid": "38P8BUwoRymc8niNyYIfuQ", "node.id": "HznRQrvZTmuk-EGr6EBqtA"  }

No. I don't.

Did you start with a clean data volume?

Yes started from scratch per these instructions:

https://www.elastic.co/guide/en/elastic-stack-get-started/7.5/get-started-docker.html#get-started-docker-tls

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.