安装目标

使用docker安装elastic searchkibana,版本均为7.17.1

安装es

1. docker pull

去dockerhub看具体版本,这里用7.17.1

docker pull elasticsearch:7.17.1
docker pull kibana:7.17.1

2. 临时安装生成文件

 docker run -d --name elasticsearch  -p 9200:9200 -p 9300:9300 -e  "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms256m -Xmx256m" elasticsearch:7.17.1

参数说明

  • -d 后台启动
  • –name 起别名即:NAMES
  • -p 9200:9200 将端口映射出来
    elasticsearch的9200端口是供外部访问使用;9300端口是供内部访问使用集群间通讯
  • -e "discovery.type=single-node"单节点启动
  • -e ES_JAVA_OPTS="-Xms256m -Xmx256m" 限制内存大小

确保成功启动

docker ps

3. 设置外部数据卷

  1. 执行
mkdir -p /data/elasticsearch/{config,data,logs,plugins}
yml
  1. 将容器内文件拷贝出来
docker cp elasticsearch:/usr/share/elasticsearch/config /data/elasticsearch
docker cp elasticsearch:/usr/share/elasticsearch/logs /data/elasticsearch
docker cp elasticsearch:/usr/share/elasticsearch/data /data/elasticsearch
docker cp elasticsearch:/usr/share/elasticsearch/plugins /data/elasticsearch
  1. 设置elasticsearch.yml的内容
vi /data/elasticsearch/config/elasticsearch.yml
  • 确保有以下几个配置,原有的配置可以不改动
cluster.name: "docker-cluster"
network.hosts:0.0.0.0
# 跨域
http.cors.allow-origin: "*"
http.cors.enabled: true
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type

4. 停止并删除临时容器

docker stop elasticsearch
docker rm elasticsearch

5. 重新起容器并挂载外部文件夹

docker run -d --name elasticsearch \
-p 9200:9200 \
-p 9300:9300 \
-e "discovery.type=single-node" \
-e ES_JAVA_OPTS="-Xms256m -Xmx256m" \
-v /data/elasticsearch/logs:/usr/share/elasticsearch/logs \
-v /data/elasticsearch/data:/usr/share/elasticsearch/data \
-v /data/elasticsearch/plugins:/usr/share/elasticsearch/plugins \
-v /data/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
elasticsearch:7.17.1

等docker容器起来一分钟左右,再访问9200 端口,会返回

[root@iZuf6ai62xce7wexx4wwi9Z config]# curl "http://localhost:9200"
{
  "name" : "6a1036c69d59",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "0zgLiGhESGKQYTYy9gH4iA",
  "version" : {
    "number" : "7.17.1",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "e5acb99f822233d62d6444ce45a4543dc1c8059a",
    "build_date" : "2022-02-23T22:20:54.153567231Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}
[root@iZuf6ai62xce7wexx4wwi9Z config]#

安装kibana

1. 运行临时容器

docker run -d --name kibana -p 5601:5601 kibana:7.17.1

2. 创建本地挂载文件

mkdir -p /data/kibana/config
docker cp kibana:/usr/share/kibana/config /data/kibana/

在本地就能看到拷贝出来的kibana.yml文件,

vim /data/kibana/config/kibana.yml

修改配置为

#
# ** THIS IS AN AUTO-GENERATED FILE **
#

# Default Kibana configuration for docker target
server.host: "0"
server.shutdownTimeout: "5s"
elasticsearch.hosts: [ "http://localhost:9100" ] # 记得修改ip
monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: "zh-CN"

3. 停掉临时容器并重新启动

  1. 停掉旧的
docker stop kibana
docker rm kibana
  1. 重新启动挂载了地址的新的容器
docker run -d --name kibana -p 5601:5601 -v /data/kibana/config:/usr/share/kibana/config kibana:7.17.1

4. 进入elasticsearch容器获取token

  1. 访问kibana发现需要token

  2. 进入es容器获取token

docker exec -it {elastic_search_container_id} /bin/bash
bin/elasticsearch-create-enrollment-token --scope kibana
  1. 拷贝token到kibana的ui上输入

5. 进入kibana容器获取验证码

  1. 进入kibana容器获取token
docker exec -it kibana /bin/bash

# 执行生成验证码命令
bin/kibana-verification-code

6. 重置elastic密码

进入es容器

docker exec -it {elastic_search_container_id} /bin/bash
bin/elasticsearch-reset-password --username elastic -i

后面就使用elastic账户和密码登录kibana

为es和kibana设置密码

  1. es开启x-pack
vim /data/elasticsearch/config/elasticsearch.yml

增加以下xpack.security.enabled

cluster.name: "docker-cluster-01"
network.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type

# 此处开启xpack
xpack.security.enabled: true

重启es容器

docker restart elasticsearch
  1. 进入es容器修改密码
docker exec -ti elasticsearch /bin/bash
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive

然后会分别让重置以下的密码,这里重置成123456

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
passwords must be at least [6] characters long
Try again.
Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
  1. 重置完毕之后带上用户就可以访问了
[root@k8s-master ~]# curl localhost:9200 -u elastic
Enter host password for user 'elastic':
{
  "name" : "cd52e7fbacd1",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "0S-V9zElSie_zXtcDRssAQ",
  "version" : {
    "number" : "8.1.2",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "31df9689e80bad366ac20176aa7f2371ea5eb4c1",
    "build_date" : "2022-03-29T21:18:59.991429448Z",
    "build_snapshot" : false,
    "lucene_version" : "9.0.0",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}
[root@k8s-master ~]#

修改kibana的密码

  1. 修改配置文件
vi /data/kibana/config/kibana.yml
#
# ** THIS IS AN AUTO-GENERATED FILE **
#

# Default Kibana configuration for docker target
server.host: "0"
server.shutdownTimeout: "5s"
elasticsearch.hosts: [ "http://172.17.0.3:9200" ]
monitoring.ui.container.elasticsearch.enabled: true
i18n.locale: "zh-CN"
# 此处设置elastic的用户名和密码
elasticsearch.username: elastic
elasticsearch.password: "123456"

  1. 重启容器
docker restart kibana

安装elastic-head

docker run -d \
--name=elasticsearch-head \
-p 9100:9100 \
mobz/elasticsearch-head:5-alpine
  1. 连接集群 不能连localhost:9200,而是
http://{ip}:9200/
  1. 后续带x-pack的认证信息的访问
  • url上带上用户名密码
http://{ip}:9100/?auth_user=elastic&auth_password=123456
04-10 23:23