close

Docker Compose for Elasticsearch & Kibana: Setup & Configuration

In this article, we will explore how to deploy Elasticsearch and Kibana using Docker Compose. These are two key components of the ELK Stack (Elasticsearch, Logstash, Kibana), helping you search, analyze, and visualize data effectively. Below are the detailed configurations and how each component works.

1. Elasticsearch

a. Basic Configuration

Elasticsearch is configured to run in a Docker container with the following parameters:

  • Image: The official Elasticsearch image, version 8.17.2, is used.

  • Single-node mode: Enabled via the environment variable discovery.type=single-node.

  • Security: X-Pack security is enabled (xpack.security.enabled=true), and the password for the elastic user is set to YVG6PKplG6ugGOw.

  • Network: Elasticsearch listens on all network interfaces (network.host=0.0.0.0).

  • JVM Memory: Configured with -Xms1g (initial memory) and -Xmx1g (maximum memory).

b. Ports and Volumes

  • Ports: Port 9200 (HTTP) and 9300 (internal communication) are mapped from the container to the host.

  • Volumes: Elasticsearch data is stored in the elasticsearch-data volume.

c. Healthcheck

A healthcheck is set up to monitor Elasticsearch's status by calling the /_cluster/health API with the elastic user. If the API fails to respond, the container will restart.

2. Kibana

a. Basic Configuration

Kibana is configured to connect to Elasticsearch and run in a Docker container with the following parameters:

  • Image: The official Kibana image, version 8.17.2, is used.

  • Elasticsearch Connection: The Elasticsearch address is set to http://elasticsearch:9200.

  • Authentication: Kibana uses the kibana_user with the password YVG6PKplG6ugGOw to connect to Elasticsearch.

b. Ports and Networks

  • Ports: Port 5601 is mapped from the container to the host to access the Kibana interface.

  • Networks: Kibana is connected to the elk-network.

c. Dependency on Elasticsearch

Kibana only starts after Elasticsearch is ready, ensuring a successful connection between the two services.

3. Volume and Network

a. Volume

  • elasticsearch-data: This volume is used to store Elasticsearch data, ensuring data persistence even if the container is deleted.

b. Network

  • elk-network: A bridge network is created to connect Elasticsearch and Kibana services.

4. How to Use

a. Starting the Services

To start Elasticsearch and Kibana, run the following command:

docker-compose up -d

b. Creating a Kibana User (If Needed)

If you want to use a dedicated user for Kibana, you can create one with the following command:

docker exec -it elasticsearch /bin/elasticsearch-users useradd kibana_user -p you_password-r kibana_system
c. Creating a Token (If Using Tokens)

To use a token instead of a password, you can create one with the following command:

docker exec -it elasticsearch /usr/share/elasticsearch/bin/elasticsearch-service-tokens create elastic/kibana kibana-token

5. Troubleshooting

  • If you encounter errors, you can check the container logs using:

    docker logs elasticsearch 
docker logs kibana

  • To restart Kibana:

    docker-compose down kibana && docker-compose up -d kibana

Full Content of the Docker Compose File

Below is the full content of the docker-compose-els.yml file:

version: '3.7'

services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:8.17.2
    container_name: elasticsearch
    environment:
      - discovery.type=single-node
      - xpack.security.enabled=true
      - ELASTIC_PASSWORD=you_password
      - network.host=0.0.0.0
      - ES_JAVA_OPTS=-Xms1g -Xmx1g
    ports:
      - '9200:9200'
      - '9300:9300'
    volumes:
      - elasticsearch-data:/usr/share/elasticsearch/data
    ulimits:
      memlock:
        soft: -1
        hard: -1
    networks:
      - elk-network

    healthcheck:
      test: ["CMD-SHELL", "curl -u elastic:YVG6PKplG6ugGOw --silent --fail localhost:9200/_cluster/health || exit 1"]
      interval: 10s
      retries: 5
      start_period: 30s
      timeout: 5s

  kibana:
    image: docker.elastic.co/kibana/kibana:8.17.2
    container_name: kibana
    ports:
      - '5601:5601'
    environment:
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
      - ELASTICSEARCH_USERNAME=kibana_user
      - ELASTICSEARCH_PASSWORD=you_password
    networks:
      - elk-network
    depends_on:
      elasticsearch:
        condition: service_healthy

volumes:
  elasticsearch-data:
    driver: local

networks:
  elk-network:
    driver: bridge

Conclusion

With this Docker Compose configuration, you can easily deploy Elasticsearch and Kibana to serve your data search, analysis, and visualization needs. Customize and extend this configuration to fit the specific requirements of your project!