docker-elk: New install cannot authenticate, Compose keeps quotes in passwords read from the `.env` file
Problem description
I run docker compose everything completes. I check the logs to verify set up is complete. I can go to the ,env files and see the password for elastic is changeme and when I go to log in on the page it tells me the password is invalid. I have cleaned out all images for all docker sessions and started right from scratch and still get the same thing. I can go into the elastic config and change to no security and it brings it up so that i can do stuff but I don’t see a way to create new users when I do this. I have tried changing the default password to other passwords to no avail. I still get an authentication failed when trying to log in.
Extra information
Stack configuration
maineac@elastiflow:~/docker/docker-elk$ git diff diff --git a/elasticsearch/config/elasticsearch.yml b/elasticsearch/config/elasticsearch.yml index 3e82379…f03613b 100644 — a/elasticsearch/config/elasticsearch.yml +++ b/elasticsearch/config/elasticsearch.yml @@ -8,5 +8,5 @@ network.host: 0.0.0.0
X-Pack settings
see https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html
-xpack.license.self_generated.type: trial +xpack.license.self_generated.type: basic xpack.security.enabled: true maineac@elastiflow:~/docker/docker-elk$
Docker setup
$ docker version
maineac@elastiflow:~/docker/docker-elk$ sudo docker version
[sudo] password for maineac:
Client:
Version: 20.10.7
API version: 1.41
Go version: go1.13.8
Git commit: 20.10.7-0ubuntu5~20.04.2
Built: Mon Nov 1 00:34:17 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server:
Engine:
Version: 20.10.7
API version: 1.41 (minimum version 1.12)
Go version: go1.13.8
Git commit: 20.10.7-0ubuntu5~20.04.2
Built: Fri Oct 22 00:45:53 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.5.5-0ubuntu3~20.04.1
GitCommit:
runc:
Version: 1.0.1-0ubuntu2~20.04.1
GitCommit:
docker-init:
Version: 0.19.0
GitCommit:
$ docker-compose version
maineac@elastiflow:~/docker/docker-elk$ sudo docker-compose version
docker-compose version 1.25.0, build unknown
docker-py version: 4.1.0
CPython version: 3.8.10
OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020
maineac@elastiflow:~/docker/docker-elk$
Container logs
$ docker-compose logs
maineac@elastiflow:~/docker/docker-elk$ sudo docker-compose logs
Attaching to docker-elk_logstash_1, docker-elk_kibana_1, docker-elk_setup_1, docker-elk_elasticsearch_1
kibana_1 | [2022-02-25T00:10:30.146+00:00][INFO ][plugins-service] Plugin "metricsEntities" is disabled.
kibana_1 | [2022-02-25T00:10:30.309+00:00][INFO ][http.server.Preboot] http server running at http://0.0.0.0:5601
kibana_1 | [2022-02-25T00:10:30.471+00:00][INFO ][plugins-system.preboot] Setting up [1] plugins: [interactiveSetup]
kibana_1 | [2022-02-25T00:10:30.588+00:00][WARN ][config.deprecation] The default mechanism for Reporting privileges will work differently in future versions, which will affect the behavior of this cluster. Set "xpack.reporting.roles.enabled" to "false" to adopt the future behavior before upgrading.
kibana_1 | [2022-02-25T00:10:31.083+00:00][INFO ][plugins-system.standard] Setting up [107] plugins: [translations,licensing,globalSearch,globalSearchProviders,features,licenseApiGuard,usageCollection,taskManager,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,share,embeddable,uiActionsEnhanced,screenshotMode,screenshotting,banners,telemetry,newsfeed,mapsEms,fieldFormats,expressions,dataViews,charts,esUiShared,bfetch,data,savedObjects,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,customIntegrations,home,searchprofiler,painlessLab,grokdebugger,management,watcher,licenseManagement,advancedSettings,spaces,security,savedObjectsTagging,reporting,lists,ingestPipelines,fileUpload,encryptedSavedObjects,dataEnhanced,cloud,snapshotRestore,eventLog,actions,alerting,triggersActionsUi,transform,stackAlerts,ruleRegistry,visualizations,canvas,visTypeXy,visTypeVislib,visTypeVega,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypePie,visTypeMetric,visTypeMarkdown,expressionTagcloud,expressionMetricVis,savedObjectsManagement,console,graph,fleet,indexManagement,remoteClusters,crossClusterReplication,indexLifecycleManagement,dashboard,maps,dashboardEnhanced,visualize,visTypeTimeseries,rollup,indexPatternFieldEditor,lens,cases,timelines,discover,osquery,observability,discoverEnhanced,dataVisualizer,ml,uptime,securitySolution,infra,upgradeAssistant,monitoring,logstash,enterpriseSearch,apm,indexPatternManagement]
kibana_1 | [2022-02-25T00:10:31.120+00:00][INFO ][plugins.taskManager] TaskManager is identified by the Kibana UUID: c5c26ebe-6709-4fc3-ade2-335596339e75
kibana_1 | [2022-02-25T00:10:31.376+00:00][WARN ][plugins.security.config] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1 | [2022-02-25T00:10:31.377+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
kibana_1 | [2022-02-25T00:10:31.423+00:00][WARN ][plugins.security.config] Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1 | [2022-02-25T00:10:31.424+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
kibana_1 | [2022-02-25T00:10:31.455+00:00][WARN ][plugins.reporting.config] Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1 | [2022-02-25T00:10:31.457+00:00][WARN ][plugins.reporting.config] Found 'server.host: "0.0.0.0"' in Kibana configuration. Reporting is not able to use this as the Kibana server hostname. To enable PNG/PDF Reporting to work, 'xpack.reporting.kibanaServer.hostname: localhost' is automatically set in the configuration. You can prevent this message by adding 'xpack.reporting.kibanaServer.hostname: localhost' in kibana.yml.
kibana_1 | [2022-02-25T00:10:31.474+00:00][WARN ][plugins.encryptedSavedObjects] Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1 | [2022-02-25T00:10:31.501+00:00][WARN ][plugins.actions] APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1 | [2022-02-25T00:10:31.529+00:00][WARN ][plugins.alerting] APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command.
kibana_1 | [2022-02-25T00:10:31.568+00:00][INFO ][plugins.ruleRegistry] Installing common resources shared between all indices
kibana_1 | [2022-02-25T00:10:32.750+00:00][INFO ][plugins.screenshotting.config] Chromium sandbox provides an additional layer of protection, and is supported for Linux Ubuntu 20.04 OS. Automatically enabling Chromium sandbox.
kibana_1 | [2022-02-25T00:10:35.727+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. connect ECONNREFUSED 172.28.0.2:9200
kibana_1 | [2022-02-25T00:10:37.918+00:00][INFO ][plugins.screenshotting.chromium] Browser executable: /usr/share/kibana/x-pack/plugins/screenshotting/chromium/headless_shell-linux_x64/headless_shell
kibana_1 | [2022-02-25T00:10:44.350+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception: [security_exception] Reason: unable to authenticate user [kibana_system] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
kibana_1 | [2022-02-25T00:10:50.557+00:00][INFO ][savedobjects-service] Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations...
kibana_1 | [2022-02-25T00:10:50.557+00:00][INFO ][savedobjects-service] Starting saved objects migrations
kibana_1 | [2022-02-25T00:10:51.602+00:00][INFO ][savedobjects-service] [.kibana] INIT -> CREATE_NEW_TARGET. took: 38ms.
kibana_1 | [2022-02-25T00:10:51.637+00:00][INFO ][savedobjects-service] [.kibana_task_manager] INIT -> CREATE_NEW_TARGET. took: 71ms.
kibana_1 | [2022-02-25T00:10:51.943+00:00][INFO ][savedobjects-service] [.kibana] CREATE_NEW_TARGET -> MARK_VERSION_INDEX_READY. took: 341ms.
kibana_1 | [2022-02-25T00:10:51.947+00:00][INFO ][savedobjects-service] [.kibana_task_manager] CREATE_NEW_TARGET -> MARK_VERSION_INDEX_READY. took: 310ms.
kibana_1 | [2022-02-25T00:10:52.058+00:00][INFO ][savedobjects-service] [.kibana] MARK_VERSION_INDEX_READY -> DONE. took: 115ms.
kibana_1 | [2022-02-25T00:10:52.058+00:00][INFO ][savedobjects-service] [.kibana] Migration completed after 494ms
kibana_1 | [2022-02-25T00:10:52.112+00:00][INFO ][savedobjects-service] [.kibana_task_manager] MARK_VERSION_INDEX_READY -> DONE. took: 165ms.
kibana_1 | [2022-02-25T00:10:52.112+00:00][INFO ][savedobjects-service] [.kibana_task_manager] Migration completed after 546ms
kibana_1 | [2022-02-25T00:10:52.593+00:00][INFO ][plugins-system.preboot] Stopping all plugins.
kibana_1 | [2022-02-25T00:10:52.595+00:00][INFO ][plugins-system.standard] Starting [107] plugins: [translations,licensing,globalSearch,globalSearchProviders,features,licenseApiGuard,usageCollection,taskManager,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,share,embeddable,uiActionsEnhanced,screenshotMode,screenshotting,banners,telemetry,newsfeed,mapsEms,fieldFormats,expressions,dataViews,charts,esUiShared,bfetch,data,savedObjects,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,customIntegrations,home,searchprofiler,painlessLab,grokdebugger,management,watcher,licenseManagement,advancedSettings,spaces,security,savedObjectsTagging,reporting,lists,ingestPipelines,fileUpload,encryptedSavedObjects,dataEnhanced,cloud,snapshotRestore,eventLog,actions,alerting,triggersActionsUi,transform,stackAlerts,ruleRegistry,visualizations,canvas,visTypeXy,visTypeVislib,visTypeVega,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypePie,visTypeMetric,visTypeMarkdown,expressionTagcloud,expressionMetricVis,savedObjectsManagement,console,graph,fleet,indexManagement,remoteClusters,crossClusterReplication,indexLifecycleManagement,dashboard,maps,dashboardEnhanced,visualize,visTypeTimeseries,rollup,indexPatternFieldEditor,lens,cases,timelines,discover,osquery,observability,discoverEnhanced,dataVisualizer,ml,uptime,securitySolution,infra,upgradeAssistant,monitoring,logstash,enterpriseSearch,apm,indexPatternManagement]
kibana_1 | [2022-02-25T00:10:55.134+00:00][INFO ][plugins.fleet] Beginning fleet setup
kibana_1 | [2022-02-25T00:10:55.168+00:00][INFO ][plugins.monitoring.monitoring] config sourced from: production cluster
kibana_1 | [2022-02-25T00:10:58.732+00:00][INFO ][http.server.Kibana] http server running at http://0.0.0.0:5601
kibana_1 | [2022-02-25T00:10:59.290+00:00][INFO ][plugins.monitoring.monitoring.kibana-monitoring] Starting monitoring stats collection
kibana_1 | [2022-02-25T00:11:00.708+00:00][INFO ][status] Kibana is now degraded
kibana_1 | [2022-02-25T00:11:00.977+00:00][INFO ][plugins.ruleRegistry] Installed common resources shared between all indices
kibana_1 | [2022-02-25T00:11:00.978+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.uptime.alerts
kibana_1 | [2022-02-25T00:11:00.979+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-security.alerts
kibana_1 | [2022-02-25T00:11:00.979+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .preview.alerts-security.alerts
kibana_1 | [2022-02-25T00:11:00.979+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.logs.alerts
kibana_1 | [2022-02-25T00:11:00.980+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.metrics.alerts
kibana_1 | [2022-02-25T00:11:00.980+00:00][INFO ][plugins.ruleRegistry] Installing resources for index .alerts-observability.apm.alerts
kibana_1 | [2022-02-25T00:11:01.140+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.logs.alerts
kibana_1 | [2022-02-25T00:11:01.209+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.metrics.alerts
kibana_1 | [2022-02-25T00:11:01.313+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.uptime.alerts
kibana_1 | [2022-02-25T00:11:01.442+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-observability.apm.alerts
kibana_1 | [2022-02-25T00:11:01.521+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .alerts-security.alerts
kibana_1 | [2022-02-25T00:11:02.481+00:00][INFO ][plugins.ruleRegistry] Installed resources for index .preview.alerts-security.alerts
kibana_1 | [2022-02-25T00:11:02.771+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T00:11:05.242+00:00][INFO ][status] Kibana is now available (was degraded)
kibana_1 | [2022-02-25T00:11:05.273+00:00][INFO ][plugins.reporting.store] Creating ILM policy for managing reporting indices: kibana-reporting
kibana_1 | [2022-02-25T00:11:39.727+00:00][INFO ][plugins.fleet] Fleet setup completed
kibana_1 | [2022-02-25T00:11:39.739+00:00][INFO ][plugins.securitySolution] Dependent plugin setup complete - Starting ManifestTask
kibana_1 | [2022-02-25T00:18:50.305+00:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
kibana_1 | [2022-02-25T00:19:12.805+00:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
kibana_1 | [2022-02-25T00:20:05.378+00:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
kibana_1 | [2022-02-25T00:20:06.697+00:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
kibana_1 | [2022-02-25T00:20:14.409+00:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
kibana_1 | [2022-02-25T00:20:28.769+00:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
kibana_1 | [2022-02-25T00:20:32.313+00:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
kibana_1 | [2022-02-25T02:11:04.692+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T04:11:05.138+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T06:11:05.598+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T08:11:06.094+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T10:11:06.549+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T12:11:07.028+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T14:11:07.473+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T16:11:07.942+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T18:11:08.424+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T20:11:08.852+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-25T22:11:09.335+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T00:11:09.774+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T02:11:10.219+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T04:11:10.723+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T06:11:11.191+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T08:11:11.699+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T10:11:12.125+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T12:11:12.573+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
kibana_1 | [2022-02-26T14:11:13.078+00:00][INFO ][plugins.securitySolution.endpoint:metadata-check-transforms-task:0.0.1] no endpoint metadata transforms found
logstash_1 | Using bundled JDK: /usr/share/logstash/jdk
logstash_1 | OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
logstash_1 | Sending Logstash logs to /usr/share/logstash/logs which is now configured via log4j2.properties
logstash_1 | [2022-02-25T00:10:40,161][INFO ][logstash.runner ] Log4j configuration path used is: /usr/share/logstash/config/log4j2.properties
logstash_1 | [2022-02-25T00:10:40,173][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"8.0.0", "jruby.version"=>"jruby 9.2.20.1 (2.5.8) 2021-11-30 2a2962fbd1 OpenJDK 64-Bit Server VM 11.0.13+8 on 11.0.13+8 +indy +jit [linux-x86_64]"}
logstash_1 | [2022-02-25T00:10:40,176][INFO ][logstash.runner ] JVM bootstrap flags: [-Xms1g, -Xmx1g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djruby.compile.invokedynamic=true, -Djruby.jit.threshold=0, -Djruby.regexp.interruptible=true, -XX:+HeapDumpOnOutOfMemoryError, -Djava.security.egd=file:/dev/urandom, -Dlog4j2.isThreadContextMapInheritable=true, --add-opens=java.base/java.security=ALL-UNNAMED, --add-opens=java.base/java.io=ALL-UNNAMED, --add-opens=java.base/java.nio.channels=ALL-UNNAMED, --add-opens=java.base/sun.nio.ch=ALL-UNNAMED, --add-opens=java.management/sun.management=ALL-UNNAMED, -Dls.cgroup.cpuacct.path.override=/, -Dls.cgroup.cpu.path.override=/, -Xmx256m, -Xms256m]
logstash_1 | [2022-02-25T00:10:40,217][INFO ][logstash.settings ] Creating directory {:setting=>"path.queue", :path=>"/usr/share/logstash/data/queue"}
logstash_1 | [2022-02-25T00:10:40,231][INFO ][logstash.settings ] Creating directory {:setting=>"path.dead_letter_queue", :path=>"/usr/share/logstash/data/dead_letter_queue"}
logstash_1 | [2022-02-25T00:10:40,732][INFO ][logstash.agent ] No persistent UUID file found. Generating new UUID {:uuid=>"b5e50944-be28-45d7-a3ae-e717e78847bc", :path=>"/usr/share/logstash/data/uuid"}
logstash_1 | [2022-02-25T00:10:42,668][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600, :ssl_enabled=>false}
logstash_1 | [2022-02-25T00:10:44,494][INFO ][org.reflections.Reflections] Reflections took 107 ms to scan 1 urls, producing 120 keys and 417 values
logstash_1 | [2022-02-25T00:10:46,045][INFO ][logstash.javapipeline ] Pipeline `main` is configured with `pipeline.ecs_compatibility: v8` setting. All plugins in this pipeline will default to `ecs_compatibility => v8` unless explicitly configured otherwise.
logstash_1 | [2022-02-25T00:10:46,171][INFO ][logstash.outputs.elasticsearch][main] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//elasticsearch:9200"]}
logstash_1 | [2022-02-25T00:10:47,015][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://logstash_internal:xxxxxx@elasticsearch:9200/]}}
logstash_1 | [2022-02-25T00:10:47,657][WARN ][logstash.outputs.elasticsearch][main] Restored connection to ES instance {:url=>"http://logstash_internal:xxxxxx@elasticsearch:9200/"}
logstash_1 | [2022-02-25T00:10:47,679][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch version determined (8.0.0) {:es_version=>8}
logstash_1 | [2022-02-25T00:10:47,682][WARN ][logstash.outputs.elasticsearch][main] Detected a 6.x and above cluster: the `type` event field won't be used to determine the document _type {:es_version=>8}
logstash_1 | [2022-02-25T00:10:47,801][INFO ][logstash.outputs.elasticsearch][main] Config is compliant with data streams. `data_stream => auto` resolved to `true`
logstash_1 | [2022-02-25T00:10:47,806][INFO ][logstash.outputs.elasticsearch][main] Config is compliant with data streams. `data_stream => auto` resolved to `true`
logstash_1 | [2022-02-25T00:10:47,811][WARN ][logstash.outputs.elasticsearch][main] Elasticsearch Output configured with `ecs_compatibility => v8`, which resolved to an UNRELEASED preview of version 8.0.0 of the Elastic Common Schema. Once ECS v8 and an updated release of this plugin are publicly available, you will need to update this plugin to resolve this warning.
logstash_1 | [2022-02-25T00:10:47,895][INFO ][logstash.outputs.elasticsearch][main] Using a default mapping template {:es_version=>8, :ecs_compatibility=>:v8}
logstash_1 | [2022-02-25T00:10:47,940][INFO ][logstash.javapipeline ][main] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>8, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>1000, "pipeline.sources"=>["/usr/share/logstash/pipeline/logstash.conf"], :thread=>"#<Thread:0x13382a40 run>"}
logstash_1 | [2022-02-25T00:10:48,034][INFO ][logstash.outputs.elasticsearch][main] Installing Elasticsearch template {:name=>"ecs-logstash"}
logstash_1 | [2022-02-25T00:10:49,150][INFO ][logstash.javapipeline ][main] Pipeline Java execution initialization time {"seconds"=>1.2}
logstash_1 | [2022-02-25T00:10:49,297][INFO ][logstash.inputs.beats ][main] Starting input listener {:address=>"0.0.0.0:5044"}
logstash_1 | [2022-02-25T00:10:49,548][INFO ][logstash.javapipeline ][main] Pipeline started {"pipeline.id"=>"main"}
logstash_1 | [2022-02-25T00:10:49,572][INFO ][logstash.inputs.tcp ][main][c15c0e9d24530a53e2530254c037deff8c49a2140c6b89c577cbcde717c01af0] Starting tcp input listener {:address=>"0.0.0.0:5000", :ssl_enable=>false}
logstash_1 | [2022-02-25T00:10:49,650][INFO ][org.logstash.beats.Server][main][27dfbb7f38dfc5bffbd7ce11deb78daf39a131fcbb4eceab2c6a1d7100069751] Starting server on port: 5044
logstash_1 | [2022-02-25T00:10:49,711][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>[]}
setup_1 | -------- Fri Feb 25 00:10:03 UTC 2022 --------
setup_1 | [+] Waiting for availability of Elasticsearch
setup_1 | ⠿ Elasticsearch is running
setup_1 | [+] Role 'logstash_writer'
setup_1 | ⠿ Creating/updating
setup_1 | [+] User 'kibana_system'
setup_1 | ⠿ User exists, setting password
setup_1 | [+] User 'logstash_internal'
setup_1 | ⠿ User does not exist, creating
elasticsearch_1 | Created elasticsearch keystore in /usr/share/elasticsearch/config/elasticsearch.keystore
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:21.919Z", "log.level": "INFO", "message":"version[8.0.0], pid[7], build[default/docker/1b6a7ece17463df5ff54a3e1302d825889aa1161/2022-02-03T16:47:57.507843096Z], OS[Linux/5.4.0-100-generic/amd64], JVM[Eclipse Adoptium/OpenJDK 64-Bit Server VM/17.0.1/17.0.1+12]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:21.927Z", "log.level": "INFO", "message":"JVM home [/usr/share/elasticsearch/jdk], using bundled JDK [true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:21.927Z", "log.level": "INFO", "message":"JVM arguments [-Xshare:auto, -Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -Djava.security.manager=allow, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -XX:+ShowCodeDetailsInExceptionMessages, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j2.formatMsgNoLookups=true, -Djava.locale.providers=SPI,COMPAT, --add-opens=java.base/java.io=ALL-UNNAMED, -XX:+UseG1GC, -Djava.io.tmpdir=/tmp/elasticsearch-17864427426443201495, -XX:+HeapDumpOnOutOfMemoryError, -XX:+ExitOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -Des.cgroups.hierarchy.override=/, -Xmx256m, -Xms256m, -XX:MaxDirectMemorySize=134217728, -XX:G1HeapRegionSize=4m, -XX:InitiatingHeapOccupancyPercent=30, -XX:G1ReservePercent=15, -Des.path.home=/usr/share/elasticsearch, -Des.path.conf=/usr/share/elasticsearch/config, -Des.distribution.flavor=default, -Des.distribution.type=docker, -Des.bundled_jdk=true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:25.331Z", "log.level": "WARN", "message":"SLF4J: Failed to load class \"org.slf4j.impl.StaticLoggerBinder\".", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"stderr","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:25.333Z", "log.level": "WARN", "message":"SLF4J: Defaulting to no-operation (NOP) logger implementation", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"stderr","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:25.333Z", "log.level": "WARN", "message":"SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"stderr","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:27.457Z", "log.level": "INFO", "message":"loaded module [aggs-matrix-stats]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:27.457Z", "log.level": "INFO", "message":"loaded module [analysis-common]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
elasticsearch_1 | {"@timestamp":"2022-02-25T00:10:27.458Z", "log.level": "INFO", "message":"loaded module [constant-keyword]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"4c280bf74c9b","elasticsearch.cluster.name":"docker-cluster"}
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 16
@mAineAc- thanks for checking! Compose indeed did the wrong thing here:
I believe the conclusion is that we want to recommend users to use Compose ≥ 1.26.0, because we do recommend people to use quotes in order to avoid issues with passwords containing special characters, as seen in #667.
For people using Compose 1.22.0 to 1.25.5, the setup should be considered “unsupported but known to be working”, with the recommendation to remove surrounding quotes from values in the
.envfile: