An end-to-end, fully secure Elasticsearch cluster (3 Elasticsearch instances) with Kibana, run by Docker using the official images. Ever dreamed of the following?
First, raise your host's vm.max_map_count kernel limit (a sysctl setting, not a ulimit) so that Elasticsearch can handle high I/O:
sudo sysctl -w vm.max_map_count=500000
Now, generate the certificates for your cluster:
docker-compose -f create-certs.yml run --rm create_certs
That's it! Start the cluster with:
docker-compose up -d
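Access Kibana at https://localhost:5601
Default username is elastic and password is changeme
User management can be performed both through the UI and through API calls. This chapter focuses on API call examples. The curl examples use -k, which skips TLS certificate verification; to verify the server, pass the CA certificate generated for the cluster with --cacert instead.
To create a new user ingest with password changeme: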
curl -k -X POST "https://localhost:9200/_security/user/ingest" -H "Content-Type: application/json" -u elastic:changeme -d '{
"password" : "changeme",
"full_name" : "Ingest User",
"roles": [],
"email" : "[email protected]",
"metadata" : {
"intelligence" : 7
}
}'
To update a password (elasticsearch-users manages users in the file realm; here the user admin):
docker exec -it secure-docker-elastic-cluster-es01-1 bin/elasticsearch-users passwd admin
Make it so ingest can write data in *metric* or *logs* indices:
curl -k -X PUT "https://localhost:9200/_security/role/ingest-role" -H "Content-Type: application/json" -u elastic:changeme -d'
{
"cluster": ["manage_index_templates", "monitor", "manage_ilm"],
"indices": [
{
"names": [ "*metric*", "*logs*" ],
"privileges": ["read","write"]
}
]
}'
curl -k -X PUT "https://localhost:9200/_security/user/ingest" -H "Content-Type: application/json" -u elastic:changeme -d '{
"roles" : ["ingest-role"],
"full_name" : "Ingest User",
"email" : "[email protected]",
"metadata" : {
"intelligence" : 7
}
}'
Test authentication:
curl -k -u ingest:changeme https://localhost:9200/_cluster/health
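The ingest-role definition above, checked against its stated purpose (writing to *metric* and *logs* indices). This is an added example, not part of the project; the sample index names are constructed, and matching the * wildcard with Python's fnmatchcase is an assumption that approximates how Elasticsearch expands these patterns.

```python
import json
from fnmatch import fnmatchcase

# Role body copied from the ingest-role request on this page.
ROLE = json.loads("""
{
  "cluster": ["manage_index_templates", "monitor", "manage_ilm"],
  "indices": [
    {"names": ["*metric*", "*logs*"], "privileges": ["read", "write"]}
  ]
}
""")

# Constructed index names for illustration; not taken from any real cluster.
SAMPLE_INDICES = [
    "logs-nginx-2024.05.01",
    "app-metrics-000001",
    "audit-logs-hr",
    ".monitoring-es-7",
    "customers",
]


def granted(role, index):
    """Return the index privileges the role grants on one index name."""
    # Assumption: patterns use only the * wildcard, matched with fnmatchcase.
    privileges = set()
    for entry in role["indices"]:
        if any(fnmatchcase(index, pattern) for pattern in entry["names"]):
            privileges.update(entry["privileges"])
    return privileges


def audit(role, needed=frozenset({"write"})):
    """List places where the role is broader than the stated need (write)."""
    findings = []
    for entry in role["indices"]:
        for pattern in entry["names"]:
            if pattern.startswith("*"):
                findings.append(f"{pattern}: leading wildcard matches any prefix")
        for privilege in sorted(set(entry["privileges"]) - needed):
            findings.append(f"{privilege}: granted but not in the stated need")
    return findings


if __name__ == "__main__":
    for name in SAMPLE_INDICES:
        print(f"{name:24} {sorted(granted(ROLE, name))}")
    for finding in audit(ROLE):
        print("finding:", finding)
```

Running it shows that an index such as audit-logs-hr falls under the role even though it is not an ingest target, which is the case for anchoring the patterns (for example logs-*) when the naming scheme allows it.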