Setup Elasticsearch and Kibana (ELK) Stack on Docker

How to set up Elasticsearch and Kibana (ELK or Elastic Stack) on Docker in Digital Ocean?

In this article, I explain the steps and commands you need to set up Elasticsearch with Kibana on Docker using containers. I use Docker on Digital Ocean, but you can run it wherever you prefer.

Once Docker is up and running, first pull the images for Elasticsearch and Kibana.

docker pull
docker pull

We will create a network for our Elastic stack

docker network create elastic

We will now start Elasticsearch

docker run --name es01 --net elastic -p 9200:9200 -it

A password is generated for the elastic user and output to the terminal, plus enrollment tokens for enrolling Kibana and adding additional nodes to your cluster.

If Elasticsearch fails to start with a virtual memory error (vm.max_map_count is too low), run the following command as root on the Docker host

sysctl -w vm.max_map_count=262144

After the initial run, you can stop the container and start it again in detached mode (docker start runs the container in the background unless you pass -a)

docker start es01

Copy the HTTP CA certificate out of the container so that curl can verify the Elasticsearch TLS certificate in the next step

docker cp es01:/usr/share/elasticsearch/config/certs/http_ca.crt .

Run the following command to check if Elasticsearch is up and running and accessible

curl --cacert http_ca.crt -u elastic https://localhost:9200

The above command should return a response like this

{
  "name" : "Cp8oag6",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "AT69_T_DTp-1qgIJlatQqA",
  "version" : {
    "number" : "8.1.2",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "f27399d",
    "build_date" : "2021-11-04T12:35:26.989068569Z",
    "build_snapshot" : false,
    "lucene_version" : "9.0.0",
    "minimum_wire_compatibility_version" : "7.16.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

Start Kibana by using the following command

docker run --name kibana --net elastic -p 5601:5601

Once Kibana is up and running, it is accessible using http://<your_ip_address>:5601

Kibana asks for a username and password. The username is elastic, and the password is the one generated during the first Elasticsearch run. After the initial login, it asks for an enrollment token, which was also generated during that run. Copy and paste the token.

Your Elasticsearch stack should now be up and running. You can add other configurations for log shippers such as Filebeat, which I will explain in another article.
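The docker run commands above publish ports 9200 and 5601 with -p, which Docker binds to every host interface unless an address is given. The script below is an added example, not part of the original article: it checks vm.max_map_count and flags wildcard port bindings in docker port output. The function names are hypothetical and the sample output is constructed.

```shell
#!/bin/sh
# Added example, not from the article. Assumes the container names es01 and
# kibana used above; function names are hypothetical.

REQUIRED_MAP_COUNT=262144   # minimum the article sets with sysctl -w

# Constructed sample of `docker port es01` output for -p 9200:9200.
SAMPLE_PORTS='9200/tcp -> 0.0.0.0:9200
9200/tcp -> [::]:9200'

# Succeeds when the given vm.max_map_count value meets the minimum.
map_count_ok() {
    [ "$1" -ge "$REQUIRED_MAP_COUNT" ] 2>/dev/null
}

# Reads `docker port` output on stdin and prints each mapping published on a
# wildcard address, i.e. reachable through every interface of the host.
wildcard_bindings() {
    awk '$2 == "->" && $3 ~ /^(0\.0\.0\.0|\[::\]|::):[0-9]+$/ { print $1, $3 }'
}

# Reports on one container: $1 = name, stdin = its `docker port` output.
# Returns 1 when any port is published on a wildcard address.
report_bindings() {
    exposed=$(wildcard_bindings)
    if [ -n "$exposed" ]; then
        printf '%s: published on all interfaces:\n%s\n' "$1" "$exposed"
        return 1
    fi
    printf '%s: no wildcard port bindings\n' "$1"
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_PORTS" | report_bindings "es01 (sample)" || true

# Live checks, only where the kernel setting and Docker are present.
if [ -r /proc/sys/vm/max_map_count ]; then
    current=$(cat /proc/sys/vm/max_map_count)
    map_count_ok "$current" ||
        echo "vm.max_map_count=$current is below $REQUIRED_MAP_COUNT"
fi
if command -v docker >/dev/null 2>&1; then
    for c in es01 kibana; do
        docker inspect "$c" >/dev/null 2>&1 || continue
        docker port "$c" | report_bindings "$c" || true
    done
fi
```

Publishing with an explicit address, for example -p 127.0.0.1:9200:9200, keeps the Elasticsearch API off the host's public interface.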

Article referred to: Running ELK on Docker





