Skip to content

Instantly share code, notes, and snippets.

@technige

technige/elk-docker-howto.md

Last active November 18, 2021 17:08
Show Gist options
  • Save technige/02ddb309fd7c23c4649995b1a2b80e93 to your computer and use it in GitHub Desktop.
Save technige/02ddb309fd7c23c4649995b1a2b80e93 to your computer and use it in GitHub Desktop.
Download ZIP
How to run Elasticsearch and Kibana in local Docker containers
Raw
elk-docker-howto.md

How to run Elasticsearch and Kibana in local Docker containers

This document contains step-by-step notes for how to run Elasticsearch and Kibana in local Docker containers.

This assumes three terminal windows are available: A (control), B (Elasticsearch) and C (Kibana). Note also that the stack version included here may be varied, although it should remain identical across both components.

1. Create a Docker network

In terminal A, run:

$ docker network create elk

Note that this command will not succeed if a network called elk already exists.

2. Start Elasticsearch

In terminal B, run the following to start Elasticsearch:

$ docker run --name es1 --net elk -p 9200:9200 \
    -e "discovery.type=single-node" \
    -e "xpack.security.enabled=true" \
    -e "xpack.security.authc.api_key.enabled=true" \
    docker.elastic.co/elasticsearch/elasticsearch:7.15.1

Elasticsearch will now be available on port 9200.

3. Generate passwords

Once the Elasticsearch instance has fully initiated, run the following in terminal A:

$ docker exec -it es1 ./bin/elasticsearch-setup-passwords auto

Confirm with [Y] and a a list of newly-generated passwords will be displayed.

Elasticsearch can now be accessed as the user elastic with the password generated in step 3.

4. Start Kibana

In terminal C, use the kibana_system password from the previous step to set the following environment variable:

$ KIBANA_SYSTEM_PASSWORD=<PASSWORD>

Then, also in terminal C, start Kibana:

$ docker run --name kib1 --net elk \
    -p 5601:5601 \
    -e "ELASTICSEARCH_HOSTS=http://es1:9200" \
    -e "ELASTICSEARCH_USERNAME=kibana_system" \
    -e "ELASTICSEARCH_PASSWORD=$KIBANA_SYSTEM_PASSWORD" \
    docker.elastic.co/kibana/kibana:7.15.1

Kibana will now be available on port 5601. Log in as elastic with the password generated in step 3.

Note that unlike Elasticsearch, Kibana cannot be terminated with Ctrl+C. Instead, use docker kill kib1 from Terminal A.

5. Start Enterprise Search

In terminal D, first set the Elasticsearch password variable based on the elastic user in step 3:

$ ELASTIC_PASSWORD=<PASSWORD>

Then, also in terminal D, start Enterprise Search:

$ docker run --name ent1 --net elk -p 3002:3002 \
  -e elasticsearch.host='http://es1:9200' \
  -e elasticsearch.username=elastic \
  -e elasticsearch.password=$ELASTIC_PASSWORD \
  -e allow_es_settings_modification=true \
  -e secret_management.encryption_keys='[4a2cd3f81d39bf28738c10db0ca782095ffac07279561809eecc722e0c20eb09]' \
docker.elastic.co/enterprise-search/enterprise-search:7.15.1

The log output will display a user name and password similar to that below. Make a note of these.

username: enterprise_search
password: xxxxxxxxxxxxxxxx

Enterprise Search will now be available on port 3002, and can be access using these credentials.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment