安装目标
使用docker安装elastic search和kibana,版本均为7.17.1
安装es
- docker pull#
去dockerhub看具体版本,这里用7.17.1
docker pull elasticsearch:7.17.1 docker pull kibana:7.17.1
- 临时安装生成文件#
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms256m -Xmx256m" elasticsearch:7.17.1
参数说明
-d 后台启动
–name 起别名即:NAMES
-p 9200:9200 将端口映射出来
elasticsearch的9200端口是供外部访问使用;9300端口是供内部访问使用集群间通讯
-e “discovery.type=single-node"单节点启动
-e ES_JAVA_OPTS=”-Xms256m -Xmx256m" 限制内存大小
确保成功启动
docker ps
- 设置外部数据卷#
mkdir -p /data/elasticsearch/{config,data,logs,plugins} yml
将容器内文件拷贝出来
docker cp elasticsearch:/usr/share/elasticsearch/config /data/elasticsearch docker cp elasticsearch:/usr/share/elasticsearch/logs /data/elasticsearch docker cp elasticsearch:/usr/share/elasticsearch/data /data/elasticsearch docker cp elasticsearch:/usr/share/elasticsearch/plugins /data/elasticsearch
设置elasticsearch.yml的内容
vi /data/elasticsearch/config/elasticsearch.yml
确保有以下几个配置,原有的配置可以不改动
cluster.name: "docker-cluster" network.hosts:0.0.0.0 # 跨域 http.cors.allow-origin: "*" http.cors.enabled: true http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
- 停止并删除临时容器#
docker stop elasticsearch docker rm elasticsearch
- 重新起容器并挂载外部文件夹#
docker run -d --name elasticsearch \ -p 9200:9200 \ -p 9300:9300 \ -e "discovery.type=single-node" \ -e ES_JAVA_OPTS="-Xms256m -Xmx256m" \ -v /data/elasticsearch/logs:/usr/share/elasticsearch/logs \ -v /data/elasticsearch/data:/usr/share/elasticsearch/data \ -v /data/elasticsearch/plugins:/usr/share/elasticsearch/plugins \ -v /data/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \ elasticsearch:7.17.1
等docker容器起来一分钟左右,再访问9200 端口,会返回
[root@iZuf6ai62xce7wexx4wwi9Z config]# curl "http://localhost:9200" { "name" : "6a1036c69d59", "cluster_name" : "docker-cluster", "cluster_uuid" : "0zgLiGhESGKQYTYy9gH4iA", "version" : { "number" : "7.17.1", "build_flavor" : "default", "build_type" : "docker", "build_hash" : "e5acb99f822233d62d6444ce45a4543dc1c8059a", "build_date" : "2022-02-23T22:20:54.153567231Z", "build_snapshot" : false, "lucene_version" : "8.11.1", "minimum_wire_compatibility_version" : "6.8.0", "minimum_index_compatibility_version" : "6.0.0-beta1" }, "tagline" : "You Know, for Search" } [root@iZuf6ai62xce7wexx4wwi9Z config]#
安装kibana
- 运行临时容器#
docker run -d --name kibana -p 5601:5601 kibana:7.17.1
- 创建本地挂载文件#
mkdir -p /data/kibana/config docker cp kibana:/usr/share/kibana/config /data/kibana/
在本地就能看到拷贝出来的kibana.yml文件,
vim /data/kibana/config/kibana.yml
修改配置为
# # ** THIS IS AN AUTO-GENERATED FILE ** # # Default Kibana configuration for docker target server.host: "0" server.shutdownTimeout: "5s" elasticsearch.hosts: [ "http://localhost:9200" ] # 记得修改ip monitoring.ui.container.elasticsearch.enabled: true i18n.locale: "zh-CN"
- 停掉临时容器并重新启动#
停掉旧的
docker stop kibana docker rm kibana
重新启动挂载了地址的新的容器
docker run -d --name kibana -p 5601:5601 -v /data/kibana/config:/usr/share/kibana/config kibana:7.17.1
- 进入elasticsearch容器获取token#
docker exec -it {elastic_search_container_id} /bin/bash bin/elasticsearch-create-enrollment-token --scope kibana
拷贝token到kibana的ui上输入
5. 进入kibana容器获取验证码#
进入kibana容器获取token
docker exec -it kibana /bin/bash # 执行生成验证码命令 bin/kibana-verification-code
- 重置elastic密码#
进入es容器
docker exec -it {elastic_search_container_id} /bin/bash bin/elasticsearch-reset-password --username elastic -i
后面就使用elastic账户和密码登录kibana
为es和kibana设置密码
es开启x-pack
vim /data/elasticsearch/config/elasticsearch.yml
增加以下xpack.security.enabled
cluster.name: "docker-cluster-01" network.host: 0.0.0.0 http.cors.enabled: true http.cors.allow-origin: "*" http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type # 此处开启xpack xpack.security.enabled: true
重启es容器
docker restart elasticsearch
进入es容器修改密码
docker exec -ti elasticsearch /bin/bash /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
然后会分别让重置以下的密码,这里重置成123456
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user. You will be prompted to enter passwords as the process progresses. Please confirm that you would like to continue [y/N]y Enter password for [elastic]: passwords must be at least [6] characters long Try again. Enter password for [elastic]: Reenter password for [elastic]: Enter password for [apm_system]: Reenter password for [apm_system]: Enter password for [kibana_system]: Reenter password for [kibana_system]: Enter password for [logstash_system]: Reenter password for [logstash_system]: Enter password for [beats_system]: Reenter password for [beats_system]: Enter password for [remote_monitoring_user]: Reenter password for [remote_monitoring_user]: Changed password for user [apm_system] Changed password for user [kibana_system] Changed password for user [kibana] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [remote_monitoring_user] Changed password for user [elastic]
重置完毕之后带上用户就可以访问了
[root@k8s-master ~]# curl localhost:9200 -u elastic Enter host password for user 'elastic': { "name" : "cd52e7fbacd1", "cluster_name" : "docker-cluster", "cluster_uuid" : "0S-V9zElSie_zXtcDRssAQ", "version" : { "number" : "8.1.2", "build_flavor" : "default", "build_type" : "docker", "build_hash" : "31df9689e80bad366ac20176aa7f2371ea5eb4c1", "build_date" : "2022-03-29T21:18:59.991429448Z", "build_snapshot" : false, "lucene_version" : "9.0.0", "minimum_wire_compatibility_version" : "7.17.0", "minimum_index_compatibility_version" : "7.0.0" }, "tagline" : "You Know, for Search" } [root@k8s-master ~]#
修改kibana的密码#
修改配置文件
vi /data/kibana/config/kibana.yml
# # ** THIS IS AN AUTO-GENERATED FILE ** # # Default Kibana configuration for docker target server.host: "0" server.shutdownTimeout: "5s" elasticsearch.hosts: [ "http://172.17.0.3:9200" ] monitoring.ui.container.elasticsearch.enabled: true i18n.locale: "zh-CN" # 此处设置elastic的用户名和密码 elasticsearch.username: elastic elasticsearch.password: "123456"
重启容器
docker restart kibana 安装elastic-head
docker run -d \ --name=elasticsearch-head \ -p 9100:9100 \ mobz/elasticsearch-head:5-alpine
连接集群 不能连localhost:9200,而是
http://{ip}:9200/
后续带x-pack的认证信息的访问
url上带上用户名密码
http://{ip}:9100/?auth_user=elastic&auth_password=123456
