ELK (Kibana and ElasticSearch) with Docker and SSL/TLS/HTTPS Certs
Git Location: https://github.com/shankysharma86/Automations.git
In this video we look at implementing the ELK stack with SSL certs. We will use Docker to spin up the ELK containers, one container for Kibana and three for the Elasticsearch (ES) nodes, and openssl to generate the root certificate and the certificates for Kibana and the Elasticsearch nodes.
The goal is to run an Elasticsearch cluster, with Kibana and the Elasticsearch nodes in Docker containers, and to implement self-signed SSL certificates in each container to secure data in transit between the Elasticsearch nodes, between Elasticsearch and Kibana, between the browser (such as Chrome or Safari) and Kibana, and for any data pushed into Elasticsearch.
At the end of the session you will be able to generate the OpenSSL root and self-signed certs for localhost or your own domains. We will also learn to run an ELK stack cluster in Docker containers and to secure the cluster with SSL certificates.
We'll take a look at the docker-compose.yml file and the certgen.sh shell script. The docker-compose.yml is slightly customized so that it can be used on Mac as well as on Linux. The certgen.sh script generates the root cert and the certs for Kibana and Elasticsearch, and it also adds the root cert to the trusted list on either Mac or Linux.
git clone https://github.com/shankysharma86/Automations.git
sudo bash ./certgen.sh "yourpassword"
First, we can take a look at the docker-compose.yml file, which spins up three containers for Elasticsearch and one container for Kibana, all on a single network with SSL enabled. The small customization mentioned above is the addition of the ulimits nofile option. nofile is the maximum number of files that a process can have open concurrently. Then there is memlock, the amount of memory a process can lock; by providing -1 we remove the limit, so a process can lock as much memory as is available.
In this docker-compose file we see two sets of certs: http and transport. Transport SSL is used when the Elasticsearch nodes communicate with each other, whereas http is used when you hit https://localhost:9200 or when you push data into Elasticsearch using one of the Beats or Logstash. We use four environment variables when we invoke docker-compose: VERSION, ESCERTSDIR, KIBCERTSDIR and HOSTCERTSDIR.
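An added example (not the repository's certgen.sh) of generating a root CA and one node certificate with openssl, then checking that the certificate chains to the CA, matches localhost and matches its own key. The file names, the node name es01, the CA subject and the 30-day lifetime are assumptions; the node cert carries both serverAuth and clientAuth because on the transport layer each node acts as client and server.

```shell
#!/usr/bin/env bash
# Added example, not the repository's certgen.sh. Names, paths and lifetimes are assumptions.
# Keys are left unencrypted in a temp directory for the demo only.
set -eu

# Create a root CA (ca.key, ca.crt) in directory $1.
make_ca() {
  cat > "$1/req.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example ELK Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
    -config "$1/req.cnf" -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Issue a cert for node $2 in directory $1, signed by the CA, with SANs for localhost.
make_node_cert() {
  local d=$1 name=$2
  printf 'subjectAltName=DNS:%s,DNS:localhost,IP:127.0.0.1\nextendedKeyUsage=serverAuth,clientAuth\n' \
    "$name" > "$d/$name.ext"
  openssl req -new -newkey rsa:2048 -nodes -config "$d/req.cnf" -subj "/CN=$name" \
    -keyout "$d/$name.key" -out "$d/$name.csr" 2>/dev/null
  openssl x509 -req -in "$d/$name.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -sha256 -days 30 -extfile "$d/$name.ext" -out "$d/$name.crt" 2>/dev/null
}

# Return 0 only if the cert chains to the CA, matches localhost and matches its key.
check_node_cert() {
  local d=$1 name=$2
  openssl verify -CAfile "$d/ca.crt" "$d/$name.crt" >/dev/null 2>&1 &&
  openssl x509 -in "$d/$name.crt" -noout -checkhost localhost | grep 'does match' >/dev/null &&
  [ "$(openssl x509 -in "$d/$name.crt" -noout -pubkey | openssl sha256)" = \
    "$(openssl pkey -in "$d/$name.key" -pubout | openssl sha256)" ]
}

# Demo run in a throwaway directory.
dir=$(mktemp -d)
make_ca "$dir"
make_node_cert "$dir" es01
check_node_cert "$dir" es01 && echo "es01 certificate OK"
rm -rf "$dir"
```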
-- Elk-stack: This automation generates self-signed certificates for localhost using OpenSSL, adds the root cert to the trusted list and spins up Elasticsearch and Kibana containers with SSL implemented. The certgen.sh script is made to work with macOS as well as Amazon Linux.
After cloning the git repo locally, run the commands below:
1. chmod +x ./elkcerts/certgen.sh
2. sudo bash ./elkcerts/certgen.sh "mycertpassword"
Thanks for watching this video:
Linkedin: https://www.linkedin.com/in/shashanksharma-devops/