Welcome
Are you new to Elastic and looking to sharpen your skills in a controlled environment? If so, creating a practice environment using Docker can be a quick and easy way to get started. With your own Elastic training environment, you can experiment with different configurations, test out new features, and learn at your own pace without worrying about messing up a production environment.
In this post, you'll learn how to quickly create an Elastic environment using Docker. In the end, you'll be able to start Elasticsearch and Kibana with just one command. This guide is perfect for anyone new to Elastic and Docker, and includes everything you need to get started. Get ready to take your Elastic training to the next level!
Definitions For New Users
Docker: A platform for building, packaging, and deploying applications in a lightweight and portable way. It enables you to create containers, which are isolated environments that contain all of the necessary software and dependencies for your application to run.
Elasticsearch: A search and analytics engine that allows you to store, search, and analyze large volumes of data in real-time.
Kibana: A data visualization and exploration tool that works in conjunction with Elasticsearch. It provides a convenient web application that allows you to visualize and explore data stored in Elasticsearch.
Install Docker
If you don't have Docker installed yet, the easiest way to get started is by downloading and installing Docker Desktop. You can find a detailed installation guide for your specific operating system on the Docker Docs website. Simply click your platform from the list below and follow the link to the installation instructions.
Once you have Docker up and running, you'll be ready to create your own Docker-Compose file for Elastic and start your training.
Windows
Install Docker Desktop on Windows
Follow the "Install interactively" section in the Instructions.
Mac
Make sure you select the proper version for your Mac (Intel chip or Apple silicon).
Linux
Install Docker Desktop on Linux
Follow the guide appropriate for your Linux distro.
Create the Docker Compose File
To begin, create a project folder (e.g., a folder named "elastic" on your desktop). Next, open a text editor and copy/paste the Docker Compose code provided below. Save the file as docker-compose.yml within the project folder you just created.
version: "2.0"
services:
elasticsearch:
container_name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:8.6.2
environment:
# Disables security features. Do not use for production!
- "xpack.security.enabled=false"
# Prevents changing vm.max_map_count
- "discovery.type=single-node"
ports:
- 9200:9200
kibana:
container_name: kibana
image: docker.elastic.co/kibana/kibana:8.6.2
environment:
- ELASTICSEARCH_HOSTS=http://elasticsearch:9200
depends_on:
- elasticsearch
ports:
- 5601:5601This compose file creates the Elasticsearch and Kibana containers. Environment variables are set in the Elasticsearch container that removes logins from Kibana and makes it more convenient for local practice. However, this reduces the application's security, so this compose file should not be used for production. It is intended for private practice.
Open a Terminal
You will need to open a terminal and navigate to the location of your docker-compose file. On most operating systems you should be able to open the project folder, right-click anywhere inside of it to bring up the context menu, and select an "open terminal" option. Otherwise, you will need to open a command prompt/terminal window and use the cd command to navigate to the project folder.
Start the Docker Containers
Use the following command to start your containers:
docker compose up -dThe docker compose up command will start the containers and the -d flag will "detach" the containers from your terminal window. You can remove the -d flag to see the container log output in your terminal, but you will lose access to your terminal while the containers are running.
Access Kibana
After the containers start, go to http://localhost:5601 and wait for Kibana to load (it may take a minute depending on your computer). Depending on how quickly you access the Kibana page after it becomes available, you may see a prompt for a Kibana access token. If this occurs, keep refreshing the page and it should disappear.
Stop the Docker Containers
When you are done with your practice, you can stop the containers with the terminal. Open your terminal and navigate to the saved location of the docker-compose.yml file. Run the following command:
docker compose downThis command will stop the containers and remove them. Additionally, it will cleanup the network and various other resources created by docker.
Congratulations!
You now have a fully functional Elastic training environment up and running! With Docker and this guide, you've been able to set up a controlled environment where you can experiment and learn at your own pace. I hope this tutorial has been helpful and has inspired you to begin your Elastic training journey. Elastic is a powerful and versatile tool with many use cases, so there's always more to learn. Happy practicing!
What's Next?
I will be writing additional posts to go over the following, but for now I will list out some practice ideas:
- Install a Beat agent to ship data to Elasticsearch
- Manually upload data to Elasticsearch via Kibana or Elasticsearch's API
- Use Elasticsearch's API to manually retrieve and parse search results
- Create visualizations with Kibana Lenses and Dashboards
- Pracitce queries in Kibana with KQL and Lucene
- Use Jupyter Notebooks to pull from the Elasticsearch API and perform additional analysis and enrichment.
