docker安装elasticsearch和kibana

发布于:2025-06-29 ⋅ 阅读:(14) ⋅ 点赞:(0)

elasticsearch版本和kibana版本需保持一致。这里我使用的都是8.18.2

安装elasticsearch

docker-compose.yml

networks:
    es-net: 
        external: true
services:
    elasticsearch:
        container_name: es01
        deploy:
            resources:
                limits:
                    cpus: 0
                    memory: 0
        environment:
            - discovery.type=single-node
            - ELASTIC_PASSWORD=elastic
            - xpack.security.enabled=abc123
            - ES_JAVA_OPTS=-Xlog:disable -Xlog:gc=debug:stderr -Xms512m -Xmx512m
        image: elasticsearch:8.18.2
        labels:
            createdBy: Apps
        networks:
            - 1panel-network
        ports:
            - 9200:9200
            - 9300:9300
        restart: always
        ulimits:
            memlock:
                hard: -1
                soft: -1
            nofile:
                hard: 65536
                soft: 65536
        volumes:
            - ./data/data:/usr/share/elasticsearch/data
            - ./data/backup:/usr/share/elasticsearch/backup
            - ./data/conf/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml


docker compose down
docker compose up -d

安装kibana

doceker-compose.yml

networks:
    es-net:
        external: true
services:
    kibana:
        container_name: kibana01
        deploy:
            resources:
                limits:
                    cpus: 0
                    memory: 0
        environment:
            - ELASTICSEARCH_HOSTS=http://es01:9200  # 通过服务名连接ES
            # - SERVER_HOST=0.0.0.0                   # 允许外部访问(默认已启用)
            - I18N_LOCALE=zh-CN                      # 中文界面
            # 若ES启用安全认证:
            # - ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}
            # - ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD}
            - ELASTICSEARCH_SERVICEACCOUNTTOKEN=AAEAAWV***IRzJTdldvVDRn
            
        image: kibana:8.18.2
        labels:
            createdBy: Apps
        networks:
            - es-net
        ports:
            - 5601:5601
        restart: always
        ulimits:
            memlock:
                hard: -1
                soft: -1
            nofile:
                hard: 65536
                soft: 65536
        # volumes:
        #     - ./kibana-config/kibana.yml:/usr/share/kibana/config/kibana.yml

Elasticsearch 8.0 起,Kibana 不再允许使用 elastic 用户写入系统索引,因为这存在安全风险。可以参考https://www.elastic.co/guide/en/elasticsearch/reference/8.0/service-accounts.html
解决方案:使用服务账号令牌(Service Account Token)
进入你的kibana容器

bin/elasticsearch-service-tokens create elastic/kibana kibana-token
  • Elasticsearch 限定只能使用预定义的服务账号主账号名(principal),因此不能使用kibana作为账号名,而应使用elastic/kibana
  • elastic/kibana 是内置的服务账号(principal)
  • kibana-token 是你自定义的令牌名(token name)
    运行后你会得到类似结果:
SERVICE_TOKEN elastic/kibana/kibana-token = AAEAAWV***IRzJTdldvVDRn

其中AAEAAWV***IRzJTdldvVDRn就是你得到的token

可以配置kibana.yml


volumes:
 - ./kibana-config/kibana.yml:/usr/share/kibana/config/kibana.yml

elasticsearch.hosts: ["http://elasticsearch:9200"]
elasticsearch.serviceAccountToken: "AAEAAWV***IRzJTdldvVDRn"

也可以直接添加环境变量

environment:
  - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
  - ELASTICSEARCH_SERVICEACCOUNTTOKEN=AAEAAWV***IRzJTdldvVDRn

使用

浏览器访问http://you_server_host:5601,进入kibana的登入界面
账号和密码是elastic的账号密码

elastic
abc123

网站公告

今日签到

点亮在社区的每一天
去签到

热门文章

最新发布