在Docker映像中运行Kibana会产生非根错误

时间:2020-03-06 05:41:50

标签: docker docker-compose kibana elastic-stack

尝试使用Docker-Compose在Docker中设置ELK stack(v7.6.0)时遇到问题。

Elastic Search&Logstash启动正常,但是Kibana立即存在,泊坞窗记录了该容器的报告:

Kibana should not be run as root.  Use --allow-root to continue.

这些元素的docker-compose看起来像这样:

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.6.0
    environment:
      - discovery.type=single-node
    ports:
      - 9200:9200
    mem_limit: 2gb

  kibana:
    image: docker.elastic.co/kibana/kibana:7.6.0
    environment:
      - discovery.type=single-node
    ports:
      - 5601:5601
    depends_on:
      - elasticsearch

  logstash:
    image: docker.elastic.co/logstash/logstash:7.6.0
    ports:
      - "5000:5000/tcp"
      - "5000:5000/udp"
      - "9600:9600"
    mem_limit: 2gb
    depends_on:
      - elasticsearch

如何禁用以root用户身份运行错误或将应用程序设置为不以root用户身份运行?

3 个答案:

答案 0 :(得分:0)

我刚刚运行了这个docker镜像,并且一切正常,我共享了我的docker-compose文件:

version: '3.7'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.6.0
    container_name: elasticsearch
    environment:
       - node.name=node
       - cluster.name=elasticsearch-default
       - bootstrap.memory_lock=true
       - discovery.type=single-node
       - "ES_JAVA_OPTS=-Xms1g -Xmx1g"
    ports:
      - "9200:9200"
    expose: 
      - "9200"
    networks:
      - "esnet"

  kibana:
    image: docker.elastic.co/kibana/kibana:7.6.0
    container_name: kibana
    ports:
      - "5601:5601"
    expose: 
      - "5601"
    networks:
      - "esnet"
    depends_on: 
      - elasticsearch

 logstash:
   image: docker.elastic.co/logstash/logstash:7.6.0
   ports:
     - "5000:5000/tcp"
     - "5000:5000/udp"
     - "9600:9600
   depends_on: 
     - elasticsearch
   networks:
     - "esnet"
networks: 
  esnet:

答案 1 :(得分:0)

我有同样的问题。我确实通过将ENTRYPOINT添加到Dockerfile的末尾来手动运行它。

ARG ELK_VERSION  
FROM docker.elastic.co/kibana/kibana:${ELK_VERSION}
ENTRYPOINT ["./bin/kibana", "--allow-root"]

docker-compose.yml 

version: '3.2'
# Elastic stack (ELK) on Docker https://github.com/deviantony/docker-elk
services:
  elasticsearch:
    build:
      context: elasticsearch/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      - type: volume
        source: elasticsearch
        target: /usr/share/elasticsearch/data
    ports:
      - "9200:9200"
      - "9300:9300"
    environment:
      ES_JAVA_OPTS: "-Xmx256m -Xms256m"
      ELASTIC_PASSWORD: changeme
      discovery.type: single-node
    networks:
      - elk

  logstash:
    build:
      context: logstash/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      - type: bind
        source: ./logstash/pipeline
        target: /usr/share/logstash/pipeline
        read_only: true
    ports:
      - "5002:5002/tcp"
      - "5002:5002/udp"
      - "9600:9600"
    environment:
      LS_JAVA_OPTS: "-Xmx256m -Xms256m"
    networks:
      - elk
    depends_on:
      - elasticsearch

  kibana:
    build:
      context: kibana/ ##############  Dockerfile ##############
      args:
        ELK_VERSION: $ELK_VERSION
    ports:
      - "5601:5601"
    networks:
      - elk
    depends_on:
      - elasticsearch

networks:
  elk:
    driver: nat

volumes:
  elasticsearch:

答案 2 :(得分:0)

如果您没有单独的 Kibana Dockerfile 并且您只想在 docker-compose 中设置启动参数,则语法如下:

kibana:
    container_name: kibana
    image: docker.elastic.co/kibana/kibana:7.9.2
    ports:
      - 5601:5601
    depends_on:
      - elasticsearch
    environment:
      - ELASTICSEARCH_URL=http://localhost:9200
    networks:
      - elastic
    entrypoint: ["./bin/kibana", "--allow-root"]

这解决了在 Windows 容器上运行它的问题。
话虽如此,我不知道为什么不应以 root 身份执行 Kibana。

相关问题
最新问题