Dockerfile
#
# ** THIS IS AN AUTO-GENERATED FILE **
#
################################################################################
# Build stage 0
# Extract Kibana and make various file manipulations.
################################################################################
# https://artifacts.elastic.co/downloads/kibana/kibana-7.13.4-linux-aarch64.tar.gz
# https://artifacts.elastic.co/downloads/kibana/kibana-6.8.2-linux-aarch64.tar.gz
FROM aarch64/centos:7 AS prep_files
RUN cd /opt && curl --retry 8 -s -L -O https://artifacts.elastic.co/downloads/kibana/kibana-6.8.2-linux-x86_64.tar.gz && cd -
RUN mkdir /usr/share/kibana
WORKDIR /usr/share/kibana
RUN tar --strip-components=1 -zxf /opt/kibana-6.8.2-linux-x86_64.tar.gz
# Ensure that group permissions are the same as user permissions.
# This will help when relying on GID-0 to run Kibana, rather than UID-1000.
# OpenShift does this, for example.
# REF: https://docs.openshift.org/latest/creating_images/guidelines.html
RUN chmod -R g=u /usr/share/kibana
RUN find /usr/share/kibana -type d -exec chmod g+s {} \;
################################################################################
# Build stage 1
# Copy prepared files from the previous stage and complete the image.
################################################################################
FROM aarch64/centos:7
EXPOSE 5601
# Add Reporting dependencies.
RUN yum update -y && yum install -y fontconfig freetype && yum clean all
# Bring in Kibana from the initial stage.
COPY --from=prep_files --chown=1000:0 /usr/share/kibana /usr/share/kibana
WORKDIR /usr/share/kibana
RUN ln -s /usr/share/kibana /opt/kibana
ENV ELASTIC_CONTAINER true
ENV PATH=/usr/share/kibana/bin:$PATH
# Set some Kibana configuration defaults.
COPY --chown=1000:0 config/kibana.yml /usr/share/kibana/config/kibana.yml
# Add the launcher/wrapper script. It knows how to interpret environment
# variables and translate them to Kibana CLI options.
COPY --chown=1000:0 bin/kibana-docker /usr/local/bin/
# Ensure gid 0 write permissions for OpenShift.
RUN chmod g+ws /usr/share/kibana && find /usr/share/kibana -gid 0 -and -not -perm /g+w -exec chmod g+w {} \;
# Provide a non-root user to run the process.
RUN groupadd --gid 1000 kibana && useradd --uid 1000 --gid 1000 --home-dir /usr/share/kibana --no-create-home kibana
USER kibana
LABEL org.label-schema.schema-version="1.0" org.label-schema.vendor="Elastic" org.label-schema.name="kibana" org.label-schema.version="6.8.2" org.label-schema.url="https://www.elastic.co/products/kibana" org.label-schema.vcs-url="https://github.com/elastic/kibana" license="Elastic License"
# ENV SG_VERSION 6.5.4-17
ENV SG_VERSION 6.8.2-25
#更换node为arm64架构的
# 装search-guard插件
RUN rm -rf /usr/share/kibana/node/* \
&& curl -sL https://nodejs.org/dist/v10.15.2/node-v10.15.2-linux-arm64.tar.gz | tar -C /usr/share/kibana/node/ --strip-components=1 -xzf - \
&& chmod +x /usr/local/bin/kibana-docker \
# && curl -o search-guard-6-6.8.2-25.5.zip https://maven.search-guard.com/search-guard-release/com/floragunn/search-guard-6/6.8.2-25.5/search-guard-6-6.8.2-25.5.zip \
# && bin/kibana-plugin install file://search-guard-6-6.8.2-25.5.zip
&& bin/kibana-plugin install "https://repo1.maven.org/maven2/com/floragunn/search-guard-kibana-plugin-6/6.8.2-19.0/search-guard-kibana-plugin-6-6.8.2-19.0.zip"
CMD ["sh","/usr/local/bin/kibana-docker"]
kibana.yml
xpack.security.enabled: false
server.host: 0.0.0.0
elasticsearch.url: "http://XXXX:9200"
elasticsearch.username: "admin"
elasticsearch.password: "XXXX"
searchguard.auth.type: "basicauth"
searchguard.cookie.secure: false
kibana-docker
exec /usr/share/kibana/bin/kibana --cpu.cgroup.path.override=/ --cpuacct.cgroup.path.override=/ ${longopts} "$@"
|