docker安装elk 包含用户名和密码

安装elk

和之前相同，可查看之前文章安装elk

如果需要在之前的版本(运行了一段时间)添加用户名和密码。会报错

  kibana   FATAL  [circuit_breaking_exception] [parent] Data too large

解决方法是：把挂载的es的数据删除

需要修改的配置文件

elasticsearch/Dockerfile

ARG ELK_VERSION

# https://github.com/elastic/elasticsearch-docker
FROM docker.elastic.co/elasticsearch/elasticsearch:7.5.1

# Add your elasticsearch plugins setup here
# Example: RUN elasticsearch-plugin install analysis-icu

 elasticsearch/config/elasticsearch.yml

---
## Default Elasticsearch configuration from Elasticsearch base image.
## https://github.com/elastic/elasticsearch/blob/master/distribution/docker/src/docker/config/elasticsearch.yml
#
cluster.name: "docker-cluster"
network.host: 0.0.0.0

## Use single node discovery in order to disable production mode and avoid bootstrap checks
## see https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
#
#path.data: /data/elasticsearch/data/
#path.logs: /data/elasticsearch/log/
#path.plugins: /data/elasticsearch/plugin/

discovery.type: single-node
http.port: 9200
## X-Pack settings
## see https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-xpack.html
#
action.auto_create_index: .security,.monitoring*,.watches,.triggered_watches,.watcher-history*,*
#xpack.license.self_generated.type: trial
#xpack.security.enabled: true
#xpack.monitoring.collection.enabled: true

xpack.security.enabled: true
xpack.ml.enabled: true
xpack.license.self_generated.type: trial

主要添加后面几行

xpack.security.enabled: true
xpack.ml.enabled: true
xpack.license.self_generated.type: trial

kibana/Dockerfile

ARG ELK_VERSION

# https://github.com/elastic/kibana-docker
FROM docker.elastic.co/kibana/kibana:7.5.1

# Add your kibana plugins setup here
# Example: RUN kibana-plugin install <name|url>

 kibana/config/kibana.yml

---
## Default Kibana configuration from Kibana base image.
## https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/templates/kibana_yml.template.js
#
server.name: kibana
server.host: "0"
#elasticsearch.url: http://elasticsearch:9200
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
#xpack.monitoring.ui.container.elasticsearch.enabled: true
xpack.security.enabled: true
## X-Pack security credentials
#
elasticsearch.username: elastic
elasticsearch.password: elastic

 logstash/Dockerfile

ARG ELK_VERSION

# https://github.com/elastic/logstash-docker
FROM docker.elastic.co/logstash/logstash:7.5.1

# Add your logstash plugins setup here
# Example: RUN logstash-plugin install logstash-filter-json

 logstash/pipeline/logstash.conf

output {
   if "xx"==[source]{
	elasticsearch {
        hosts => "elasticsearch:9200"
        user => "elastic"
        password => "elastic"
        index => "xx-%{+YYYY.MM.dd}" 
	    }
    }
}

总结：

关键就是把elasticsearch、kibana、logstash版本设置相同。elasticsearch开启xpack，kibana和logstash设置用户名和密码