iac
/
docker-elk
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to v7.8.0

This commit is contained in:
Antoine Cotten 2020-06-24 16:34:49 +02:00
parent 155c33cc91
commit c0dcc2489b
No known key found for this signature in database
GPG Key ID: 94637E68D4A79DD0
8 changed files with 34 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.env
View File

@ -1 +1 @@
ELK_VERSION=7.7.1
ELK_VERSION=7.8.0

6
.travis.yml
View File

@ -19,7 +19,7 @@ before_script:
- docker-compose build
# Use built-in users with passwords set by 'elasticsearch-setup-passwords.exp'
- sed -i -e 's/\(elasticsearch.username:\) elastic/\1 kibana/g' -e 's/\(elasticsearch.password:\) changeme/\1 testpasswd/g' kibana/config/kibana.yml
- sed -i -e 's/\(elasticsearch.username:\) elastic/\1 kibana_system/g' -e 's/\(elasticsearch.password:\) changeme/\1 testpasswd/g' kibana/config/kibana.yml
- sed -i -e 's/\(xpack.monitoring.elasticsearch.username:\) elastic/\1 logstash_system/g' -e 's/\(xpack.monitoring.elasticsearch.password:\) changeme/\1 testpasswd/g' logstash/config/logstash.yml
- sed -i 's/\(password =>\) "changeme"/\1 "testpasswd"/g' logstash/pipeline/logstash.conf
- sed -i -e 's/\(elasticsearch.password:\) changeme/\1 testpasswd/g' -e 's/\(secret_management.encryption_keys:\)/\1 [test-encrypt]/g' extensions/enterprise-search/config/enterprise-search.yml
@ -40,12 +40,16 @@ script:
# Extensions
# Enterprise Search
- "sed -i '$ a xpack.security.authc.api_key.enabled: true' elasticsearch/config/elasticsearch.yml"
- docker-compose restart elasticsearch
- docker-compose -f docker-compose.yml -f extensions/enterprise-search/enterprise-search-compose.yml up -d enterprise-search
- sleep 30
- .travis/run-tests-enterprise-search.sh
- docker-compose -f docker-compose.yml -f extensions/enterprise-search/enterprise-search-compose.yml ps
- docker-compose -f docker-compose.yml -f extensions/enterprise-search/enterprise-search-compose.yml logs enterprise-search
- docker-compose -f docker-compose.yml -f extensions/enterprise-search/enterprise-search-compose.yml stop enterprise-search
- "sed -i '/xpack.security.authc.api_key.enabled: true/d' elasticsearch/config/elasticsearch.yml"
- docker-compose restart elasticsearch
# APM Server
- docker-compose -f docker-compose.yml -f extensions/apm-server/apm-server-compose.yml up -d apm-server
- .travis/run-tests-apm-server.sh

2
.travis/elasticsearch-setup-passwords.exp
View File

@ -1,7 +1,7 @@
#!/usr/bin/expect -f
# List of expected users with dummy password
set user "(elastic|apm_system|kibana|logstash_system|beats_system|remote_monitoring_user)"
set user "(elastic|apm_system|kibana_system|logstash_system|beats_system|remote_monitoring_user)"
set password "testpasswd"
# Find elasticsearch container id

4
.travis/lib/testing.sh
View File

@ -24,8 +24,8 @@ function poll_ready {
local cid
local output
# retry for max 120s (24*5s)
for _ in $(seq 1 24); do
# retry for max 180s (36*5s)
for _ in $(seq 1 36); do
cid="$(docker ps -q -f label="$label")"
if [ -z "${cid:-}" ]; then
echo "Container exited"

2
.travis/run-tests-core.sh
View File

@ -16,7 +16,7 @@ log 'Waiting for readiness of Elasticsearch'
poll_ready elasticsearch 'http://localhost:9200/' 'elastic:testpasswd'
log 'Waiting for readiness of Kibana'
poll_ready kibana 'http://localhost:5601/api/status' 'kibana:testpasswd'
poll_ready kibana 'http://localhost:5601/api/status' 'kibana_system:testpasswd'
log 'Waiting for readiness of Logstash'
poll_ready logstash 'http://localhost:9600/_node/pipelines/main?pretty'

9
README.md
View File

@ -1,7 +1,7 @@
# Elastic stack (ELK) on Docker
[![Join the chat at https://gitter.im/deviantony/docker-elk](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/deviantony/docker-elk?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
[![Elastic Stack version](https://img.shields.io/badge/ELK-7.7.1-blue.svg?style=flat)](https://github.com/deviantony/docker-elk/issues/508)
[![Elastic Stack version](https://img.shields.io/badge/ELK-7.8.0-blue.svg?style=flat)](https://github.com/deviantony/docker-elk/issues/515)
[![Build Status](https://api.travis-ci.org/deviantony/docker-elk.svg?branch=master)](https://travis-ci.org/deviantony/docker-elk)
Run the latest version of the [Elastic stack][elk-stack] with Docker and Docker Compose.
@ -170,8 +170,9 @@ Remove the `ELASTIC_PASSWORD` environment variable from the `elasticsearch` serv
3. Replace usernames and passwords in configuration files
Use the `kibana` user inside the Kibana configuration file (`kibana/config/kibana.yml`) and the `logstash_system` user
inside the Logstash configuration file (`logstash/config/logstash.yml`) in place of the existing `elastic` user.
Use the `kibana_system` user (`kibana` for releases <7.8.0) inside the Kibana configuration file
(`kibana/config/kibana.yml`) and the `logstash_system` user inside the Logstash configuration file
(`logstash/config/logstash.yml`) in place of the existing `elastic` user.
Replace the password for the `elastic` user inside the Logstash pipeline file (`logstash/pipeline/logstash.conf`).
@ -237,7 +238,7 @@ Create an index pattern via the Kibana API:
```console
$ curl -XPOST -D- 'http://localhost:5601/api/saved_objects/index-pattern' \
-H 'Content-Type: application/json' \
-H 'kbn-version: 7.7.1' \
-H 'kbn-version: 7.8.0' \
-u elastic:<your generated elastic password> \
-d '{"attributes":{"title":"logstash-*","timeFieldName":"@timestamp"}}'
```

6
docker-stack.yml
View File

@ -3,7 +3,7 @@ version: '3.3'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.7.1
image: docker.elastic.co/elasticsearch/elasticsearch:7.8.0
ports:
- "9200:9200"
- "9300:9300"
@ -23,7 +23,7 @@ services:
replicas: 1
logstash:
image: docker.elastic.co/logstash/logstash:7.7.1
image: docker.elastic.co/logstash/logstash:7.8.0
ports:
- "5000:5000"
- "9600:9600"
@ -41,7 +41,7 @@ services:
replicas: 1
kibana:
image: docker.elastic.co/kibana/kibana:7.7.1
image: docker.elastic.co/kibana/kibana:7.8.0
ports:
- "5601:5601"
configs:

16
extensions/enterprise-search/README.md
View File

@ -44,6 +44,19 @@ secret_management.encryption_keys: [my_first_encryption_key, my_second_encryptio
> key=<generated AES key>
> ```
### Enable Elasticsearch's API key service
Enterprise Search requires Elasticsearch's built-in [API key service][es-security] to be enabled in order to start.
Unless Elasticsearch is configured to enable TLS on the HTTP interface (disabled by default), this service is disabled
by default.
To enable it, modify the Elasticsearch configuration file in [`elasticsearch/config/elasticsearch.yml`][config-es] and
add the following setting:
```yaml
xpack.security.authc.api_key.enabled: true
```
### Start the server
To include Enterprise Search in the stack, run Docker Compose from the root of the repository with an additional command
@ -117,3 +130,6 @@ Docker container: [Running Enterprise Search Using Docker][enterprisesearch-dock
[enterprisesearch-config]: https://www.elastic.co/guide/en/enterprise-search/current/configuration.html
[enterprisesearch-docker]: https://www.elastic.co/guide/en/enterprise-search/current/docker.html
[enterprisesearch-docs]: https://www.elastic.co/guide/en/enterprise-search/current/index.html
[es-security]: https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html#api-key-service-settings
[config-es]: ../../elasticsearch/config/elasticsearch.yml