Technology Sharing

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

This article refers to the following two articles

✅ElasticSearch&Kibana deployment · Cloud Effect Thoughts · Enterprise Knowledge Base (aliyun.com)

Install ElasticSearch & Kibana in Docker - Feishu

Install elasticsearch

Use docker to download es:

docker pull elasticsearch:8.13.0

Mount configuration

Create a directory to hang on the file

mkdir -p /home/docker/es/config
mkdir -p /home/docker/es/data
mkdir -p /home/docker/es/plugins
mkdir -p /home/docker/es/logs
 
#权限
chmod 777 /home/docker/es/config
chmod 777 /home/docker/es/data
chmod 777 /home/docker/es/plugins
chmod 777 /home/docker/es/logs

Edit /home/docker/es/config/elasticsearch.yml file

cluster.name: "nfturbo-cluster"
network.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: "*"
xpack.security.enabled: true

Start the image

docker run --name elasticsearch 
-p 9200:9200 
-p 9300:9300 
-e "discovery.type=single-node" 
-e ES_JAVA_OPTS="-Xms256m -Xmx512m" 
-v /home/docker/es/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml 
-v /home/docker/es/data:/usr/share/elasticsearch/data 
-v /home/docker/es/plugins:/usr/share/elasticsearch/plugins 
-v /home/docker/es/logs:/usr/share/elasticsearch/logs 
-d elasticsearch:8.13.0

Set the built-in user password

For setting the Elasticsearch built-in user password in a Docker environment, it is recommended to use elasticsearch-setup-passwords auto command, because it automatically generates a random password for the built-in user and displays it directly on the console. This method is more suitable for automated deployment or scripted operations.

If you wish to manually enter the password and set it interactively, you can use elasticsearch-setup-passwords interactive command. This method is suitable for interactive password setting, and you can manually enter the password of each user according to your needs.

# 进入es容器内部
docker exec -it a46f2f8bdfd7 /bin/bash
 
#手动设置用户密码
elasticsearch-setup-passwords interactive
 
#重启es容器

However, this does not work. You will encounter a problem when you start kibana.BecauseLatest version Elasticsearch Introduced stricter security policies, especially regarding system indexes that Kibana needs to access. Specifically, the error message indicates that theelastic A superuser account, but this account is not allowed to write to the system indexes required by Kibana。

Error: [config validation of [elasticsearch].username]: value of "elastic" is forbidden

Enter the es container, add a new user, set role permissions, create a password according to the prompts, and confirm the password again

bin/elasticsearch-users useradd gxj
#密码123456
bin/elasticsearch-users roles -a superuser gxj
bin/elasticsearch-users roles -a kibana_system gxj

Warning is fine, ignore it

WARNING: Owner of file [/usr/share/elasticsearch/config/users_roles] used to be [root], but now is [elasticsearch]

Browser access

ip:9200, Remember to open the mapping in the firewallport

Install Kibana

Download kibana using docker

docker pull kibana:8.13.0

View es ip

docker inspect elasticsearch|grep IPAddress

Mount configuration

#创建挂载文件
touch /home/docker/es/config/kibana.yml
#权限
chmod 777 /home/docker/es/config/kibana.yml

editkibana.yml, you need to set the es ip you just found toelasticsearch.hostsOther configurations can be adjusted appropriately

server.name: kibana
#server.port: 5601
server.host: 0.0.0.0
#改成 es 的内网 ip
elasticsearch.hosts: [ "http://172.17.0.2:9200" ]
elasticsearch.username: "gxj"
elasticsearch.password: "123456"
xpack.monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: "zh-CN"

Start Kibana

docker run --name kibana 
-p 5601:5601 
-v /home/docker/es/config/kibana.yml:/usr/share/kibana/config/kibana.yml 
-d kibana:8.13.0

Browser access

http://ip:5601, Remember to open the mapping in the firewallport

Enter username (gxj) and password (123456) to access

#kibana容器运行日志
docker logs kibana