I am using a Docker image of Elasticsearch v.6.2.4. My problem is that X-Pack is installed, but it is not asking for credentials.
I know that X-Pack is installed as you can see below:
Add a comment
|
5 Answers
Elasticsearch security features that come with Xpack are not for free, there is a trial version for a month and then a paid version.
But according to this elastic blog, it is for free starting in versions (6.8.0 and 7.1.0).
I write this answer to activate free Elasticsearch security features with docker-compose.
Remember that when using the below code, both Kibana and Elasticsearch node are secure with username and password, so rest client that access Elasticsearch must have the credential, this answer will help.
That's my code:
version: '3'
services:
create_certs:
container_name: create_certs
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.0
command: >
bash -c '
if [[ ! -f ./config/certificates/elastic-certificates.p12 ]]; then
bin/elasticsearch-certutil cert -out config/certificates/elastic-certificates.p12 -pass ""
fi;
chown -R 1000:0 /usr/share/elasticsearch/config/certificates
'
user: "0"
working_dir: /usr/share/elasticsearch
volumes: ['certs:/usr/share/elasticsearch/config/certificates']
elasticsearch:
container_name: elasticsearch
depends_on: [create_certs]
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.0
environment:
- cluster.name=docker-cluster
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- ELASTIC_PASSWORD=MyPassword # password for default user: elastic
- xpack.security.enabled=true
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.keystore.path=/usr/share/elasticsearch/config/certificates/elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=/usr/share/elasticsearch/config/certificates/elastic-certificates.p12
volumes: ['esdata:/usr/share/elasticsearch/data', 'certs:/usr/share/elasticsearch/config/certificates']
ulimits:
nofile:
soft: 65536
hard: 65536
memlock:
soft: -1
hard: -1
ports:
- "9200:9200"
kibana:
container_name: kibana
depends_on: [elasticsearch]
image: docker.elastic.co/kibana/kibana:6.8.0
environment:
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=MyPassword
ports:
- "5601:5601"
volumes: {"esdata", "certs"}
Comments
Enable Security in Elasticsearch using docker
Update the environment variables t enable true
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
Here is the sample, docker-compose.yml file for the elasticseaarch and kibana
version: '3.4'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.16.2
container_name: elasticsearch
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
ports:
- 9200:9200
- 9300:9300
networks:
- elastic
kibana:
image: docker.elastic.co/kibana/kibana:7.16.2
container_name: kibana
environment:
- ELASTICSEARCH_URL="http://elasticsearch:9200"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
links:
- elasticsearch
ports:
- 5601:5601
networks:
- elastic
depends_on:
- elasticsearch
networks:
elastic:
driver: bridge
2 Comments
Kevin
Unfortunately something must have changed for version 7. I get
Authentication of [elastic] was terminated by realm [reserved] - failed to authenticate user [elastic] errors after starting this exact stack.
Eric M.
It is not the case in this script, but I had the problem of the
failed to authenticate user [elastic] even by provided the variable. The ELASTIC_PASSWORD is used by docker-entrypoint.sh so if you overwrite the command docker section to start with something else the password could not be set.Maybe I came too late... but I had this problem today and digging found tha you don't have to set the user, just the password. This is the docker-compose file
version: '3.6'
services:
elasticsearchNode:
image: elasticsearch:$STACK_VERSION
container_name: elasticsearchNode
environment:
discovery.type: 'single-node'
ELASTIC_PASSWORD: $ELK_PASS
cluster.name: 'dockercluster'
node.name: 'node-master'
bootstrap.memory_lock: 'true'
ES_JAVA_OPTS: '-Xms512m -Xmx512m'
xpack.security.enabled: 'true'
ports:
- 9200:9200
- 9300:9300
networks:
- docker_elk_node
volumes:
esdataNode:
networks:
docker_elk_node:
and the .env file
COMPOSE_PROJECT_NAME=es
STACK_VERSION=7.6.0
ELK_PASS=MyPassWord
Comments
Change elasticsearch environment to "ELASTIC_USERNAME" and "ELASTIC_PASSWORD" for elasticsearch:7.14.0
version: '3.4'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.14.0
container_name: elasticsearch
environment:
- "discovery.type=single-node"
- ELASTIC_USERNAME=elastic
- ELASTIC_PASSWORD=MagicWord
- xpack.security.enabled=true
ports:
- 32769:9200
- 32770:9300
networks:
- elastic
kibana:
image: docker.elastic.co/kibana/kibana:7.14.0
container_name: kibana
environment:
- ELASTICSEARCH_URL="http://elasticsearch:9200"
- ELASTICSEARCH_USERNAME=elastic
- ELASTICSEARCH_PASSWORD=MagicWord
- xpack.security.enabled=true
links:
- elasticsearch
ports:
- 5601:5601
networks:
- elastic
depends_on:
- elasticsearch
networks:
elastic:
driver: bridge
Comments
Attached is a simple configuration for elasticsearch > 7.x.
Elasticsearch expects the user "elastic".
elasticsearch:
container_name: search
image: elasticsearch:7.10.1
restart: always
ports:
- 9200:9200
- 9300:9300
environment:
- "discovery.type=single-node"
- xpack.security.enabled=true
- ELASTIC_PASSWORD=YOUR_PASSWORD
