Elastic has released the latest version of its stack. There are of course a lot of cool new things, but we also feel that, one step after another, they are pushing people toward a licence model. I have no problem with that, but it makes life more difficult for people who want to keep a licence-free stack.

It started with the removal of the Docker images from Docker Hub. Elastic still provides Docker images, of course, but they now include X-Pack by default. X-Pack works for a period of time, but once the free licence runs out, some of the X-Pack functionality disappears. That includes, for example, the whole user management system that can be used to secure the stack.

If you don’t want X-Pack, that is still possible, but you will have to build your own images or remove X-Pack from the ones provided by Elastic. This is not difficult, but it is probably the beginning of a less open source product. In a way this is logical: Elastic did wonderful work to bring the product to this level, and they deserve to get money for it.

For us as developers, it is still interesting to have a licence-free stack to check the system. It is also important to keep images that do not break compatibility with the previous version of the stack (the ones built from Docker Hub, without security).

So, below you will find a docker-compose file that can be used to build an Elasticsearch stack without any of the plugins that stop working when the licence ends, namely:

  • Shield
  • Machine Learning
  • Graph
  • Watcher
  • Reporter

The stack includes a basic system that monitors Docker and Elasticsearch and sends the stats back to Elasticsearch (this will not work on Windows computers). If you want to secure the stack, put it behind an nginx container configured as a reverse proxy, as explained here.

It also includes a few additional visualisations and the wonderful Cerebro application to monitor the system.

Services:

  • Cerebro on port 9000 to check the status of the Elasticsearch nodes
  • Portainer on port 9001 to check the container status
  • Elasticsearch on port 9200
  • Kibana on port 5601
  • MonitorDocker container to keep the history of the states of your containers
  • ElasticSupervisor container to keep the history of the growth of your cluster data

COMPOSE ELK5

version: '2'
services:
##############################
  portainer:
    image: portainer/portainer:1.11.4
    container_name: portainer
    ports:
      - 9001:9000
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

##############################
  monitordocker:
    image: snuids/monitordocker:v0.3
    container_name: monitordocker
    links:
      - esnode1
    environment:
      - ELASTIC_ADDRESS=esnode1:9200
      - PYTHONUNBUFFERED=0
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    restart: always

##############################
  elasticsupervisor:
    image: snuids/elasticsupervisor:v0.2e
    container_name: elasticsupervisor
    links:
      - esnode1
    environment:
      - ELASTIC_ADDRESS=esnode1:9200
      - PYTHONUNBUFFERED=0
    restart: always

##############################
  cerebro:
    image: snuids/cerebro:v0.6.3
    container_name: cerebro
    ports:
      - 9000:9000
    links:
      - esnode1

##############################
  esnode1:
    image: snuids/elk-es-nox:v5.4.0 
    ports:
      - "9200:9200"
      - "9300:9300"
    container_name: esnode1


##############################
  kibana:
    image: snuids/elk-kib-nox-add:v5.4.0b
    ports:
      - "5601:5601"
    environment:
      - ELASTICSEARCH_URL=http://esnode1:9200
    container_name: kibana
    links:
      - esnode1
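
Because this stack has no user management, every port published in the file above is reachable without authentication by anyone who can reach the host. The fragment below is an added example, not part of the original compose file: it shows the same services with the open port mappings replaced, plus the nginx reverse proxy mentioned earlier. The `proxy` service, the `nginx:stable` tag and the `./nginx/...` paths are assumptions; the nginx configuration itself (authentication, TLS, upstream to `kibana:5601`) is not shown.

```yaml
# Added example: replaces the esnode1, kibana, cerebro and portainer
# definitions above; monitordocker and elasticsupervisor stay unchanged.
version: '2'
services:
  esnode1:
    image: snuids/elk-es-nox:v5.4.0
    container_name: esnode1
    # Before: "9200:9200" and "9300:9300" were published on every host interface.
    # After: no "ports:" key. Linked containers still reach esnode1:9200 over
    # the compose network; 9300 (transport) is not needed for a single node.

  kibana:
    image: snuids/elk-kib-nox-add:v5.4.0b
    container_name: kibana
    environment:
      - ELASTICSEARCH_URL=http://esnode1:9200
    links:
      - esnode1
    # Before: "5601:5601". After: reachable only through the proxy service.

  cerebro:
    image: snuids/cerebro:v0.6.3
    container_name: cerebro
    links:
      - esnode1
    ports:
      # Admin tool: bind to loopback so only the host itself can open it.
      - "127.0.0.1:9000:9000"

  portainer:
    image: portainer/portainer:1.11.4
    container_name: portainer
    ports:
      # Holds the Docker socket, which gives control of the Docker daemon.
      - "127.0.0.1:9001:9000"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

  proxy:                      # hypothetical service name
    image: nginx:stable
    container_name: proxy
    links:
      - kibana
    ports:
      - "443:443"             # the only port exposed beyond the host
    volumes:
      # Assumed paths: server block and credentials file you provide.
      - ./nginx/default.conf:/etc/nginx/conf.d/default.conf:ro
      - ./nginx/htpasswd:/etc/nginx/htpasswd:ro
```

After `docker-compose up -d`, `docker ps` should list `0.0.0.0` only next to the proxy's port 443; the Cerebro and Portainer mappings should show `127.0.0.1`.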