Created
November 10, 2019 00:09
-
-
Save nickadam/abebf747c1b6fc3e382e04842667ae83 to your computer and use it in GitHub Desktop.
Elasticsearch three node cluster and kibana with security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.5' | |
services: | |
kibana: | |
image: docker.elastic.co/kibana/kibana:7.4.2 | |
environment: | |
- ELASTICSEARCH_HOSTS=http://es01:9200 | |
- ELASTICSEARCH_USERNAME=kibana | |
- ELASTICSEARCH_PASSWORD=agoodpassword | |
ports: | |
- target: 5601 | |
published: 5601 | |
mode: host | |
deploy: | |
mode: global | |
placement: | |
constraints: [node.labels.elastic_node == es01] | |
# | |
# Run `./bin/elasticsearch-setup-passwords interactive` on one node to set | |
# passwords after setup password populates data volume. | |
# | |
# Generate cert by running this on one node | |
# `bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""`` | |
# then copy the p12 file to the other nodes. | |
# | |
es01: | |
image: docker.elastic.co/elasticsearch/elasticsearch:7.4.2 | |
container_name: es01 | |
environment: | |
- node.name=es01 | |
- cluster.name=es-docker-cluster | |
- discovery.seed_hosts=es02,es03 | |
- cluster.initial_master_nodes=es01,es02,es03 | |
- xpack.security.enabled=true | |
- xpack.security.audit.enabled=true | |
- xpack.security.transport.ssl.enabled=true | |
- xpack.security.transport.ssl.verification_mode=certificate | |
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 | |
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 | |
- "ES_JAVA_OPTS=-Xms4g -Xmx4g" | |
volumes: | |
- type: volume | |
source: data01 | |
target: /usr/share/elasticsearch/data | |
- type: volume | |
source: config | |
target: /usr/share/elasticsearch/config | |
ports: | |
- target: 9200 | |
published: 9200 | |
mode: host | |
deploy: | |
mode: global | |
placement: | |
constraints: [node.labels.elastic_node == es01] | |
es02: | |
image: docker.elastic.co/elasticsearch/elasticsearch:7.4.2 | |
container_name: es02 | |
environment: | |
- node.name=es02 | |
- cluster.name=es-docker-cluster | |
- discovery.seed_hosts=es01,es03 | |
- cluster.initial_master_nodes=es01,es02,es03 | |
- xpack.security.enabled=true | |
- xpack.security.audit.enabled=true | |
- xpack.security.transport.ssl.enabled=true | |
- xpack.security.transport.ssl.verification_mode=certificate | |
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 | |
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 | |
- "ES_JAVA_OPTS=-Xms4g -Xmx4g" | |
volumes: | |
- type: volume | |
source: data02 | |
target: /usr/share/elasticsearch/data | |
- type: volume | |
source: config | |
target: /usr/share/elasticsearch/config | |
ports: | |
- target: 9200 | |
published: 9200 | |
mode: host | |
deploy: | |
mode: global | |
placement: | |
constraints: [node.labels.elastic_node == es02] | |
es03: | |
image: docker.elastic.co/elasticsearch/elasticsearch:7.4.2 | |
container_name: es03 | |
environment: | |
- node.name=es03 | |
- cluster.name=es-docker-cluster | |
- discovery.seed_hosts=es01,es02 | |
- cluster.initial_master_nodes=es01,es02,es03 | |
- xpack.security.enabled=true | |
- xpack.security.audit.enabled=true | |
- xpack.security.transport.ssl.enabled=true | |
- xpack.security.transport.ssl.verification_mode=certificate | |
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12 | |
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12 | |
- "ES_JAVA_OPTS=-Xms4g -Xmx4g" | |
volumes: | |
- type: volume | |
source: data03 | |
target: /usr/share/elasticsearch/data | |
- type: volume | |
source: config | |
target: /usr/share/elasticsearch/config | |
ports: | |
- target: 9200 | |
published: 9200 | |
mode: host | |
deploy: | |
mode: global | |
placement: | |
constraints: [node.labels.elastic_node == es03] | |
volumes: | |
data01: | |
data02: | |
data03: | |
config: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment