Skip to content

An end-to-end fully secure Elasticsearch cluster with Kibana and run with Docker. Using official images.

License

Notifications You must be signed in to change notification settings

flavienbwk/Secure-Docker-Elastic-Cluster

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Secure Docker Elastic cluster

An end-to-end fully secure Elasticsearch cluster (of 3 Elasticsearch instances) with Kibana and run by Docker. Using official images. Ever dreamed of the following ?

Kibana Elasticsearch cluster

First, you will need to raise your host's ulimits for Elasticsearch to be able to handle high I/O :

sudo sysctl -w vm.max_map_count=500000

Now, we will generate the certificates for your cluster :

docker-compose -f create-certs.yml run --rm create_certs

That's it ! Start the cluster with :

docker-compose up -d

Access Kibana through https://localhost:5601

Default username is elastic and password is changeme

User management

User management can be performed both through the UI and from API calls. This chapter focuses on API call examples.

To create a new user ingest with password changeme :

curl -k -X POST "https://localhost:9200/_security/user/ingest" -H "Content-Type: application/json" -u elastic:changeme -d '{
  "password" : "changeme",
  "full_name" : "Ingest User",
  "roles": [],
  "email" : "[email protected]",
  "metadata" : {
    "intelligence" : 7
  }
}'

To update a password :

docker exec -it secure-docker-elastic-cluster-es01-1 bin/elasticsearch-users passwd admin

Make it so ingest can write data in *metric* or *logs* indices :

curl -k -X PUT "https://localhost:9200/_security/role/ingest-role" -H "Content-Type: application/json" -u elastic:changeme -d'
{
  "cluster": ["manage_index_templates", "monitor", "manage_ilm"],
  "indices": [
    {
      "names": [ "*metric*", "*logs*" ],
      "privileges": ["read","write"]
    }
  ]
}'
curl -k -X PUT "https://localhost:9200/_security/user/ingest" -H "Content-Type: application/json" -u elastic:changeme -d '{
  "roles" : ["ingest-role"],
  "full_name" : "Ingest User",
  "email" : "[email protected]",
  "metadata" : {
    "intelligence" : 7
  }
}'

Test authentication :

curl -k -u ingest:changeme https://localhost:9200/_cluster/health

About

An end-to-end fully secure Elasticsearch cluster with Kibana and run with Docker. Using official images.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published