iac
/
docker-elk
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc: Render notes and warnings using GitHub admonitions 

https://github.com/github/feedback/discussions/16925
This commit is contained in:
Antoine Cotten 2022-05-21 12:14:56 +02:00
parent 4319be7cd0
commit 1557e27bff
No known key found for this signature in database
GPG Key ID: 94637E68D4A79DD0
2 changed files with 45 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
README.md
View File

@ -11,10 +11,11 @@ the visualization power of Kibana.
![Animated demo](https://user-images.githubusercontent.com/3299086/155972072-0c89d6db-707a-47a1-818b-5f976565f95a.gif) ![Animated demo](https://user-images.githubusercontent.com/3299086/155972072-0c89d6db-707a-47a1-818b-5f976565f95a.gif)
*:information_source: The Docker images backing this stack include [X-Pack][xpack] with [paid features][paid-features] > **Note**
enabled by default (see [How to disable paid features](#how-to-disable-paid-features) to disable them). **The [trial > The Docker images backing this stack include [X-Pack][xpack] with [paid features][paid-features] enabled by default
license][trial-license] is valid for 30 days**. After this license expires, you can continue using the free features > (see [How to disable paid features](#how-to-disable-paid-features) to disable them). **The [trial
seamlessly, without losing any data.* > license][trial-license] is valid for 30 days**. After this license expires, you can continue using the free features
> seamlessly, without losing any data.
Based on the official Docker images from Elastic: Based on the official Docker images from Elastic:
@ -79,8 +80,9 @@ own_. [sherifabdlnaby/elastdocker][elastdocker] is one example among others of p
* [Docker Compose][compose-install] version **1.26.0** or newer (including [Compose V2][compose-v2]) * [Docker Compose][compose-install] version **1.26.0** or newer (including [Compose V2][compose-v2])
* 1.5 GB of RAM * 1.5 GB of RAM
*:information_source: Especially on Linux, make sure your user has the [required permissions][linux-postinstall] to > **Note**
interact with the Docker daemon.* > Especially on Linux, make sure your user has the [required permissions][linux-postinstall] to interact with the Docker
> daemon.
By default, the stack exposes the following ports: By default, the stack exposes the following ports:
@ -91,9 +93,10 @@ By default, the stack exposes the following ports:
* 9300: Elasticsearch TCP transport * 9300: Elasticsearch TCP transport
* 5601: Kibana * 5601: Kibana
**:warning: Elasticsearch's [bootstrap checks][booststap-checks] were purposely disabled to facilitate the setup of the > **Warning**
Elastic stack in development environments. For production setups, we recommend users to set up their host according to > Elasticsearch's [bootstrap checks][booststap-checks] were purposely disabled to facilitate the setup of the Elastic
the instructions from the Elasticsearch documentation: [Important System Configuration][es-sys-config].** > stack in development environments. For production setups, we recommend users to set up their host according to the
> instructions from the Elasticsearch documentation: [Important System Configuration][es-sys-config].
### Docker Desktop ### Docker Desktop
@ -110,8 +113,9 @@ instructions from the [documentation][mac-filesharing] to add more locations.
## Usage ## Usage
**:warning: You must rebuild the stack images with `docker-compose build` whenever you switch branch or update the > **Warning**
[version](#version-selection) of an already existing stack.** > You must rebuild the stack images with `docker-compose build` whenever you switch branch or update the
> [version](#version-selection) of an already existing stack.
### Bringing up the stack ### Bringing up the stack
@ -122,8 +126,8 @@ Compose:
$ docker-compose up $ docker-compose up
``` ```
*:information_source: You can also run all services in the background (detached mode) by appending the `-d` flag to the > **Note**
above command.* > You can also run all services in the background (detached mode) by appending the `-d` flag to the above command.
Give Kibana about a minute to initialize, then access the Kibana web UI by opening <http://localhost:5601> in a web Give Kibana about a minute to initialize, then access the Kibana web UI by opening <http://localhost:5601> in a web
browser and use the following (default) credentials to log in: browser and use the following (default) credentials to log in:
@ -131,20 +135,22 @@ browser and use the following (default) credentials to log in:
* user: *elastic* * user: *elastic*
* password: *changeme* * password: *changeme*
*:information_source: Upon the initial startup, the `elastic`, `logstash_internal` and `kibana_system` Elasticsearch > **Note**
users are intialized with the values of the passwords defined in the [`.env`](.env) file (_"changeme"_ by default). The > Upon the initial startup, the `elastic`, `logstash_internal` and `kibana_system` Elasticsearch users are intialized
first one is the [built-in superuser][builtin-users], the other two are used by Kibana and Logstash respectively to > with the values of the passwords defined in the [`.env`](.env) file (_"changeme"_ by default). The first one is the
communicate with Elasticsearch. This task is only performed during the _initial_ startup of the stack. To change users' > [built-in superuser][builtin-users], the other two are used by Kibana and Logstash respectively to communicate with
passwords _after_ they have been initialized, please refer to the instructions in the next section.* > Elasticsearch. This task is only performed during the _initial_ startup of the stack. To change users' passwords
> _after_ they have been initialized, please refer to the instructions in the next section.
### Initial setup ### Initial setup
#### Setting up user authentication #### Setting up user authentication
*:information_source: Refer to [Security settings in Elasticsearch][es-security] to disable authentication.* > **Note**
> Refer to [Security settings in Elasticsearch][es-security] to disable authentication.
**:warning: Starting with Elastic v8.0.0, it is no longer possible to run Kibana using the bootstraped privileged > **Warning**
`elastic` user.** > Starting with Elastic v8.0.0, it is no longer possible to run Kibana using the bootstraped privileged `elastic` user.
The _"changeme"_ password set by default for all aforementioned users is **unsecure**. For increased security, we will The _"changeme"_ password set by default for all aforementioned users is **unsecure**. For increased security, we will
reset the passwords of all aforementioned Elasticsearch users to random secrets. reset the passwords of all aforementioned Elasticsearch users to random secrets.
@ -176,10 +182,10 @@ reset the passwords of all aforementioned Elasticsearch users to random secrets.
Its value isn't used by any core component, but [extensions](#how-to-enable-the-provided-extensions) use it to Its value isn't used by any core component, but [extensions](#how-to-enable-the-provided-extensions) use it to
connect to Elasticsearch. connect to Elasticsearch.
*:information_source: In case you don't plan on using any of the provided > **Note**
[extensions](#how-to-enable-the-provided-extensions), or prefer to create your own roles and users to authenticate > In case you don't plan on using any of the provided [extensions](#how-to-enable-the-provided-extensions), or
these services, it is safe to remove the `ELASTIC_PASSWORD` entry from the `.env` file altogether after the stack > prefer to create your own roles and users to authenticate these services, it is safe to remove the
has been initialized.* > `ELASTIC_PASSWORD` entry from the `.env` file altogether after the stack has been initialized.
Replace the password of the `logstash_internal` user inside the `.env` file with the password generated in the Replace the password of the `logstash_internal` user inside the `.env` file with the password generated in the
previous step. Its value is referenced inside the Logstash pipeline file (`logstash/pipeline/logstash.conf`). previous step. Its value is referenced inside the Logstash pipeline file (`logstash/pipeline/logstash.conf`).
@ -195,7 +201,8 @@ reset the passwords of all aforementioned Elasticsearch users to random secrets.
$ docker-compose up -d logstash kibana $ docker-compose up -d logstash kibana
``` ```
*:information_source: Learn more about the security of the Elastic stack at [Secure the Elastic Stack][sec-cluster].* > **Note**
> Learn more about the security of the Elastic stack at [Secure the Elastic Stack][sec-cluster].
#### Injecting data #### Injecting data
@ -238,8 +245,9 @@ To use a different version of the core Elastic components, simply change the ver
file. If you are upgrading an existing stack, remember to rebuild all container images using the `docker-compose build` file. If you are upgrading an existing stack, remember to rebuild all container images using the `docker-compose build`
command. command.
**:warning: Always pay attention to the [official upgrade instructions][upgrade] for each individual component before > **Warning**
performing a stack upgrade.** > Always pay attention to the [official upgrade instructions][upgrade] for each individual component before performing a
> stack upgrade.
Older major versions are also supported on separate branches: Older major versions are also supported on separate branches:
@ -249,8 +257,9 @@ Older major versions are also supported on separate branches:
## Configuration ## Configuration
*:information_source: Configuration is not dynamically reloaded, you will need to restart individual components after > **Note**
any configuration change.* > Configuration is not dynamically reloaded, you will need to restart individual components after any configuration
> change.
### How to configure Elasticsearch ### How to configure Elasticsearch

10
extensions/enterprise-search/README.md
View File

@ -31,8 +31,9 @@ secret_management.encryption_keys:
secret_management.encryption_keys: [my_first_encryption_key, my_second_encryption_key, ...] secret_management.encryption_keys: [my_first_encryption_key, my_second_encryption_key, ...]
``` ```
> :information_source: To generate a strong encryption key, for example using the AES-256 cipher, you can use the > **Note**
> OpenSSL utility or any other online/offline tool of your choice: > To generate a strong encryption key, for example using the AES-256 cipher, you can use the OpenSSL utility or any
> other online/offline tool of your choice:
> >
> ```console > ```console
> $ openssl enc -aes-256 -P > $ openssl enc -aes-256 -P
@ -100,8 +101,9 @@ enterprise-search:
ENT_SEARCH_DEFAULT_PASSWORD: {{some strong password}} ENT_SEARCH_DEFAULT_PASSWORD: {{some strong password}}
``` ```
> :warning: The default Enterprise Search password can only be set during the initial boot. Once the password is > **Warning**
> persisted in Elasticsearch, it can only be changed via the Elasticsearch API. > The default Enterprise Search password can only be set during the initial boot. Once the password is persisted in
> Elasticsearch, it can only be changed via the Elasticsearch API.
For more information, please refer to [User Management and Security][enterprisesearch-security]. For more information, please refer to [User Management and Security][enterprisesearch-security].