elasticsearch6.8版本docker部署配置xpack认证
1、docker-compose.yml
这里的volume挂载中config的挂载挂载方式:
先#注释掉config的挂载,然后启动es,将config整个目录copy到宿主机的config目录中,修改文件权限。然后去掉注释,重新启动就可以成功挂载
version: '3' services: elasticsearch6_n0: image: elasticsearch:6.8.10 container_name: elasticsearch6_n0 privileged: true environment: - cluster.name=elasticsearch6-cluster - node.name=node0 - node.master=true - node.data=true - bootstrap.memory_lock=true - http.cors.enabled=true - http.cors.allow-origin=* - "ES_JAVA_OPTS=-Xms6g -Xmx6g" - "discovery.zen.ping.unicast.hosts=elasticsearch6_n0,elasticsearch6_n1,elasticsearch6_n2" - "discovery.zen.minimum_master_nodes=2" ulimits: memlock: soft: -1 hard: -1 volumes: - ./data/node0:/usr/share/elasticsearch/data - ./logs/node0:/usr/share/elasticsearch/logs - ./config:/usr/share/elasticsearch/config ports: - 9200:9200 networks: - esnet elasticsearch6_n1: image: elasticsearch:6.8.10 container_name: elasticsearch6_n1 privileged: true environment: - cluster.name=elasticsearch6-cluster - node.name=node1 - node.master=true - node.data=true - bootstrap.memory_lock=true - http.cors.enabled=true - http.cors.allow-origin=* - "ES_JAVA_OPTS=-Xms6g -Xmx6g" - "discovery.zen.ping.unicast.hosts=elasticsearch6_n0,elasticsearch6_n1,elasticsearch6_n2" - "discovery.zen.minimum_master_nodes=2" ulimits: memlock: soft: -1 hard: -1 volumes: - ./data/node1:/usr/share/elasticsearch/data - ./logs/node1:/usr/share/elasticsearch/logs - ./config:/usr/share/elasticsearch/config ports: - 9201:9200 networks: - esnet elasticsearch6_n2: image: elasticsearch:6.8.10 container_name: elasticsearch6_n2 privileged: true environment: - cluster.name=elasticsearch6-cluster - node.name=node1 - node.master=true - node.data=true - bootstrap.memory_lock=true - http.cors.enabled=true - http.cors.allow-origin=* - "ES_JAVA_OPTS=-Xms6g -Xmx6g" - "discovery.zen.ping.unicast.hosts=elasticsearch6_n0,elasticsearch6_n1,elasticsearch6_n2" - "discovery.zen.minimum_master_nodes=2" ulimits: memlock: soft: -1 hard: -1 volumes: - ./data/node2:/usr/share/elasticsearch/data - ./logs/node2:/usr/share/elasticsearch/logs - ./config:/usr/share/elasticsearch/config ports: - 9202:9200 networks: - esnet kibana: image: kibana:6.8.10 container_name: kibana6 environment: - ELASTICSEARCH_HOSTS=http://elasticsearch6_n0:9200 volumes: - ./kibana/config:/usr/share/kibana/config ports: - 5602:5601 networks: - esnet networks: esnet: driver: bridge
2、elasticsearch.yml
cluster.name: "docker-cluster" network.host: 0.0.0.0 xpack.security.transport.ssl.keystore.type: PKCS12 xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.type: PKCS12 xpack.security.audit.enabled: true xpack.security.enabled: true xpack.security.transport.ssl.enabled: true
3、kibana.yml
# # ** THIS IS AN AUTO-GENERATED FILE ** # # Default Kibana configuration for docker target server.name: kibana server.host: "0" elasticsearch.hosts: [ "http://elasticsearch:9200" ] xpack.monitoring.ui.container.elasticsearch.enabled: true elasticsearch.username: "kibana" elasticsearch.password: "xxxxxxxx" #输入你自己的密码
4、生成ca证书
docker-compose启动docker
docker exec进入其中一个节点容器之后
执行./bin/elasticsearch-certutil ca命令生成ca证书: elastic-stack-ca.p12
执行./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12生成cert: elastic-certificates.p12
通过docker cp将elastic-certificates.p12拷贝到容器外挂载的config目录,用于认证
5、重启es集群然后设置密码
docker-compose重启docker
./bin/elasticsearch-setup-passwords interactive命令进行密码设置
至此完成设置,此时打开kibana,可看到需要输入用户名密码,建议用elastic用户登录
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· SQL Server 2025 AI相关能力初探
· AI编程工具终极对决:字节Trae VS Cursor,谁才是开发者新宠?
· 开源Multi-agent AI智能体框架aevatar.ai,欢迎大家贡献代码
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南