close

Docker Compose for Elasticsearch & Kibana: Setup & Configuration

In this article, we will explore how to deploy Elasticsearch and Kibana using Docker Compose. These are two key components of the ELK Stack(Elasticsearch, Logstash, Kibana), helping you search, analyze, and visualize data effectively. Below are the detailed configurations and how each component works.

1. Elasticsearch

a. Basic Configuration

Elasticsearch is configured to run in a Docker container with the following parameters:

  • Image: The official Elasticsearch image, version 8.17.2, is used.

  • Single-node mode: Enabled via the environment variable discovery.type=single-node.

  • Security: X-Pack security is enabled(xpack.security.enabled=true), and the password for the elastic user is set to YVG6PKplG6ugGOw.

  • Network: Elasticsearch listens on all network interfaces(network.host=0.0.0.0).

  • JVM Memory: Configured with -Xms1g (initial memory) and -Xmx1g (maximum memory).

b. Ports and Volumes

  • Ports: Port 9200 (HTTP) and 9300 (internal communication) are mapped from the container to the host.

  • Volumes: Elasticsearch data is stored in the elasticsearch-data volume.

c. Healthcheck

A healthcheck is set up to monitor Elasticsearch's status by calling the /_cluster/health API with the elastic user. If the API fails to respond, the container will restart.

2. Kibana

a. Basic Configuration

Kibana is configured to connect to Elasticsearch and run in a Docker container with the following parameters:

  • Image: The official Kibana image, version 8.17.2, is used.

  • Elasticsearch Connection: The Elasticsearch address is set to http://elasticsearch:9200.

  • Authentication: Kibana uses the kibana_user with the password YVG6PKplG6ugGOw to connect to Elasticsearch.

b. Ports and Networks

  • Ports: Port 5601 is mapped from the container to the host to access the Kibana interface.

  • Networks: Kibana is connected to the elk-network.

c. Dependency on Elasticsearch

Kibana only starts after Elasticsearch is ready, ensuring a successful connection between the two services.

3. Volume and Network

a. Volume

  • elasticsearch-data: This volume is used to store Elasticsearch data, ensuring data persistence even if the container is deleted.

b. Network

  • elk-network: A bridge network is created to connect Elasticsearch and Kibana services.

4. How to Use

a. Starting the Services

To start Elasticsearch and Kibana, run the following command:

docker-compose up -d

b. Creating a Kibana User(If Needed)

If you want to use a dedicated user for Kibana, you can create one with the following command:

docker exec -it elasticsearch /bin/elasticsearch-users useradd kibana_user -p you_password-r kibana_system
ج. إنشاء Token(في حالة استخدام الرموز)

لاستخدام كلمة مرور tokenبدلاً من كلمة مرور، يمكنك إنشاء واحدة باستخدام الأمر التالي:

docker exec -it elasticsearch /usr/share/elasticsearch/bin/elasticsearch-service-tokens create elastic/kibana kibana-token

5. استكشاف الأخطاء وإصلاحها

  • إذا واجهت أخطاء، فيمكنك التحقق من سجلات الحاوية باستخدام:

    docker logs elasticsearch 
docker logs kibana

  • لإعادة التشغيل Kibana:

    docker-compose down kibana && docker-compose up -d kibana

المحتوى الكامل Docker Composeللملف

فيما يلي المحتوى الكامل للملف  docker-compose-els.yml :

version: '3.7'  
  
services:  
  elasticsearch:  
    image: docker.elastic.co/elasticsearch/elasticsearch:8.17.2  
    container_name: elasticsearch  
    environment:  
   - discovery.type=single-node  
   - xpack.security.enabled=true  
   - ELASTIC_PASSWORD=you_password  
   - network.host=0.0.0.0  
   - ES_JAVA_OPTS=-Xms1g -Xmx1g  
    ports:  
   - '9200:9200'  
   - '9300:9300'  
    volumes:  
   - elasticsearch-data:/usr/share/elasticsearch/data  
    ulimits:  
      memlock:  
        soft: -1  
        hard: -1  
    networks:  
   - elk-network  
  
    healthcheck:  
      test: ["CMD-SHELL", "curl -u elastic:YVG6PKplG6ugGOw --silent --fail localhost:9200/_cluster/health || exit 1"]  
      interval: 10s  
      retries: 5  
      start_period: 30s  
      timeout: 5s  
  
  kibana:  
    image: docker.elastic.co/kibana/kibana:8.17.2  
    container_name: kibana
    ports:  
   - '5601:5601'  
    environment:  
   - ELASTICSEARCH_HOSTS=http://elasticsearch:9200  
   - ELASTICSEARCH_USERNAME=kibana_user  
   - ELASTICSEARCH_PASSWORD=you_password  
    networks:  
   - elk-network  
    depends_on:  
      elasticsearch:  
        condition: service_healthy  
  
volumes:
  elasticsearch-data:  
    driver: local  
  
networks:  
  elk-network:  
    driver: bridge

خاتمة

باستخدام هذا Docker Composeالتكوين، يمكنك بسهولة نشر Elasticsearchوتلبية Kibanaاحتياجاتك في البحث عن البيانات وتحليلها وتصورها. خصّص هذا التكوين ووسّعه ليناسب متطلبات مشروعك المحددة!