Deploying Elasticsearch, Kibana, and Logstash Using Docker

Create a dedicated Docker network for the stack:

docker network create elk-net

Elasticsearch

Pull an image (example uses 8.11.1; adjust if desired):

docker pull docker.elastic.co/elasticsearch/elasticsearch:8.11.1

The persistent node uses host directories for configuration and plugins. First, start a temporary container to extract the default files:

docker run -d --name es-temp --net elk-net -p 9200:9200 -p 9300:9300 \
  -e ES_JAVA_OPTS="-Xms512m -Xmx512m" \
  -e "discovery.type=single-node" \
  docker.elastic.co/elasticsearch/elasticsearch:8.11.1

Copy the entire config directory to your host:

mkdir -p /opt/elasticsearch/config
docker cp es-temp:/usr/share/elasticsearch/config/. /opt/elasticsearch/config/

Halt the temporary instance:

docker stop es-temp && docker rm es-temp

Now deploy the persistent Elasticsearch node with the copied config and a plugins mount:

docker run -d --name elasticsearch --net elk-net \
  -p 9200:9200 -p 9300:9300 \
  -e ES_JAVA_OPTS="-Xms512m -Xmx512m" \
  -e "discovery.type=single-node" \
  -v /opt/elasticsearch/config:/usr/share/elasticsearch/config \
  -v /opt/elasticsearch/plugins:/usr/share/elasticsearch/plugins \
  docker.elastic.co/elasticsearch/elasticsearch:8.11.1

The node may still refuse external connections because of its security settings. Edit elasticsearch.yml inside the container or in the mounted config directory:

# In /opt/elasticsearch/config/elasticsearch.yml
xpack.security.enabled: false

If you need editor access inside the container, use docker exec -u 0 -it elasticsearch bash and install an editor:

apt-get update && apt-get install -y vim

Then restart the container:

docker restart elasticsearch

The API should now be reachable at http://<host>:9200.

For recent versions (8.14+), when security remains enabled, a Kibana enrollment token may be required. Generate it inside the Elasticsearch container:

elasticsearch-create-enrollment-token --scope kibana

You may encounter a certificate error like No subject alternative names matching IP address. In that case, configure a self-signed trust or, for development purposes, disable xpack.security.enabled and use plain HTTP.

Kibana

Pull the matching version:

docker pull docker.elastic.co/kibana/kibana:8.11.1

Use the same approach to obtain the configuration:

docker run -d --name kibana-temp -p 5601:5601 docker.elastic.co/kibana/kibana:8.11.1
mkdir -p /opt/kibana/config
docker cp kibana-temp:/usr/share/kibana/config/. /opt/kibana/config/

Stop and remove the temporary container:

docker stop kibana-temp && docker rm kibana-temp

Modify kibana.yml if needed. Common options:

csp.strict: false

Ensure correct ownership for the persistent data directory:

mkdir -p /opt/kibana/data
chmod -R 777 /opt/kibana

Launch Kibana attached to the same network:

docker run -d --name kibana --net elk-net \
  -p 5601:5601 \
  -v /opt/kibana/config:/usr/share/kibana/config \
  -v /opt/kibana/data:/usr/share/kibana/data \
  docker.elastic.co/kibana/kibana:8.11.1

Access the UI at http://<host>:5601. Validate Elasticsearch connectivity by checking http://<host>:9200/.kibana.

If the container fails with EACCES regarding the UUID file, ensure the data directory is writable as shown above.

Logstash

As earlier, use a temporary container to harvest configuration:

docker run -d --name logstash-temp docker.elastic.co/logstash/logstash:8.11.1
mkdir -p /opt/logstash/config /opt/logstash/pipeline
docker cp logstash-temp:/usr/share/logstash/config/. /opt/logstash/config/
docker stop logstash-temp && docker rm logstash-temp

Grant full access:

chmod -R 777 /opt/logstash

Start the final Logstash instance:

docker run -d --name logstash --net elk-net \
  -p 9600:9600 -p 5044:5044 \
  -v /opt/logstash/config:/usr/share/logstash/config \
  -v /opt/logstash/pipeline:/usr/share/logstash/pipeline \
  docker.elastic.co/logstash/logstash:8.11.1

Adding Elasticsearch Plugins (example: IK analyzer)

Download the plugin archive compatible with your Elasticsearch version and place it under /opt/elasticsearch/plugins/ik. Then edit the plugin-descriptor.properties inside to match your Elasticsearch version (e.g., version=8.11.1). Restart the Elasticsearch container:

docker restart elasticsearch

Troubleshooting

  • Container exits immediately: Missing or incorrect mount paths. Confirm you have copied the configuration before mounting.
  • too many levels of symbolic links: Often solved by restarting the Docker daemon.
  • Permission errors inside containers: Use docker exec -u 0 or mount 777 directories for development setups.
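
The development shortcuts used above (xpack.security.enabled: false, chmod -R 777 on the mounted directories, and -p publishes that bind on every host interface) can be checked for before a host is reused for anything else. The script below is an added example, not part of the original article; its function names are hypothetical, and it assumes the guide's /opt layout and the docker ps output shape named in its comments.

```shell
#!/bin/sh
# Added example: audit the host layout and port publishes this guide produces.
# Function names are hypothetical; the /opt paths and ports are the guide's.

# True if the given elasticsearch.yml switches security off.
es_security_disabled() {
    grep -Eq '^[[:space:]]*xpack\.security\.enabled:[[:space:]]*false[[:space:]]*(#.*)?$' "$1" 2>/dev/null
}

# Print world-writable files and directories under the given roots
# (what chmod -R 777 leaves behind).
world_writable() {
    find "$@" ! -type l -perm -0002 2>/dev/null
}

# Read `docker ps --format '{{.Names}} {{.Ports}}'` lines on stdin and print
# "container host-binding" for every port published on all interfaces.
public_binds() {
    tr -d ',' | awk '{ for (i = 2; i <= NF; i++)
        if ($i ~ /^(0\.0\.0\.0:|:::|\[::\]:)/) { split($i, a, "->"); print $1, a[1] } }'
}

# Audit one root (default /opt); print findings, return 1 if there are any.
audit_elk() {
    root=${1:-/opt}; rc=0
    if es_security_disabled "$root/elasticsearch/config/elasticsearch.yml"; then
        echo "elasticsearch.yml: security disabled, REST API needs no credentials"; rc=1
    fi
    ww=$(world_writable "$root/elasticsearch" "$root/kibana" "$root/logstash" | wc -l | tr -d ' ')
    if [ "$ww" -gt 0 ]; then
        echo "$ww world-writable paths: any local user can alter config or pipelines"; rc=1
    fi
    return $rc
}

# Touch the live host only when asked to: sh audit.sh --run
if [ "${1:-}" = "--run" ]; then
    audit_elk /opt
    docker ps --format '{{.Names}} {{.Ports}}' | public_binds
fi
```

Run it with --run on the Docker host. A publish written as -p 127.0.0.1:9200:9200 instead of -p 9200:9200 binds to loopback only and drops out of the public_binds output.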
