- I am trying to configure Elastic Stack using
docker-compose.yml
as follows, where Kibana gets the API key viabin/elasticsearch-create-enrollment-token -s kibana
.
version: "3.8"
services:
elasticsearch-node01:
image: elasticsearch:8.1.2
environment:
bootstrap.memory_lock: true
ELASTIC_PASSWORD: "1234AF57-35CA-B2E0-BE8B-12345D5C123E"
ES_JAVA_OPTS: "-Xms4g -Xmx4g"
volumes:
- elasticsearch-data01:/usr/share/elasticsearch/data
- elasticsearch-config01:/usr/share/elasticsearch/config:rw
ports:
- "9200:9200"
- "9300:9300"
ulimits:
memlock:
soft: -1
hard: -1
kibana-node01:
image: kibana:8.1.2
environment:
XPACK_SECURITY_ENCRYPTIONKEY: fc12345ea223eb1234dac7b1234ac62e
XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 1bb85c4e9ed1c36ae4a8ead1234567f1
XPACK_REPORTING_ENCRYPTIONKEY: af5cbdd2e2f4da20a72f60f1e123456f
ports:
- "5601:5601"
volumes:
- kibana-data01:/usr/share/kibana/data
- kibana-config01:/usr/share/kibana/config
volumes:
elasticsearch-data01:
driver: local
elasticsearch-config01:
driver: local
kibana-data01:
driver: local
kibana-config01:
driver: local
-
After the normal startup, I entered the integration page of Fleet, clicked
Create policy
to createFleet Server policy 1
, and addedFleet Server host
ashttp://elastic-agent-node01:8220
(mentioned later ). At this time byGenerate a service token
generates aservice token
,AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2NDkyMDgzNzg0MzI6dGdxV0kzRWJSSk9RY3ppRVo3R3hwQQ
. -
Then get
Enrollment tokens
athttp://localhost:5601/app/fleet/enrollment-tokens
asYmh4M19IOEJFRUlyYW43dUpRRzI6N0pDeVNkaFpTRFdoNU1HTWFGaEZHZw==
. -
According to Run Elastic Agent in a container | Fleet and Elastic Agent Guide [8.1] | Elastic , I updated
docker-compose.yml
as follows, and then executeddocker compose pull
anddocker compose up -d
to startElastic Agent
.
version: "3.8"
services:
elasticsearch-node01:
image: elasticsearch:8.1.2
environment:
bootstrap.memory_lock: true
cluster.name: "sg8000-elasticsearch"
ELASTIC_PASSWORD: "1234AF57-35CA-B2E0-BE8B-12345D5C123E"
ES_JAVA_OPTS: "-Xms4g -Xmx4g"
volumes:
- elasticsearch-data01:/usr/share/elasticsearch/data
- elasticsearch-config01:/usr/share/elasticsearch/config:rw
ports:
- "9200:9200"
- "9300:9300"
ulimits:
memlock:
soft: -1
hard: -1
kibana-node01:
image: kibana:8.1.2
environment:
XPACK_SECURITY_ENCRYPTIONKEY: fc12345ea223eb1234dac7b1234ac62e
XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 1bb85c4e9ed1c36ae4a8ead1234567f1
XPACK_REPORTING_ENCRYPTIONKEY: af5cbdd2e2f4da20a72f60f1e123456f
ports:
- "5601:5601"
volumes:
- kibana-data01:/usr/share/kibana/data
- kibana-config01:/usr/share/kibana/config
elastic-agent-node01:
image: elastic/elastic-agent:8.1.2
restart: always
user: root
environment:
FLEET_ENROLLMENT_TOKEN: "Ymh4M19IOEJFRUlyYW43dUpRRzI6N0pDeVNkaFpTRFdoNU1HTWFGaEZHZw=="
FLEET_ENROLL: 1
FLEET_URL: http://elastic-agent-node01:8220
FLEET_SERVER_ENABLE: true
FLEET_SERVER_ELASTICSEARCH_HOST: http://elasticsearch-node01:9200
FLEET_SERVER_SERVICE_TOKEN: "AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2NDkyMDgzNzg0MzI6dGdxV0kzRWJSSk9RY3ppRVo3R3hwQQ"
volumes:
elasticsearch-data01:
driver: local
elasticsearch-config01:
driver: local
kibana-data01:
driver: local
kibana-config01:
driver: local
-
Then I got a series of ERRORs starting up in the logs of the Elastic Agent in Docker Desktop. At the same time Kibana did not get Fleet's registration information.
-
I'm confused how to configure
Elastic Agent
, hope some friends can help.