logo
icon

Elasticsearch Single Node with Kibana (v9)

Production-ready single-node Elasticsearch with Kibana, using official images. Password and SSL enabled by default.

template cover
Deployed28 times
PublisherzeaburZeabur
Created2025-12-27
SourceView Source
Tags
SearchAnalyticsElasticsearchKibanaSingle Node

Services

service icon

elasticsearch

docker.elastic.co/elasticsearch/elasticsearch-wolfi:9.2.3
service icon

kibana

docker.elastic.co/kibana/kibana-wolfi:9.2.3

Elasticsearch Single Node with Kibana

This template deploys a single-node Elasticsearch + Kibana stack using official Elastic images. Password authentication is enabled out of the box, and HTTPS is provided by Zeabur's edge for the public domains.

Features

  • Single-node Elasticsearch with built-in security (username + password)
  • Kibana connects to Elasticsearch via a service-account token over in-cluster HTTP
  • Auto-generated password for the elastic user
  • HTTPS access via Zeabur edge for both Elasticsearch and Kibana domains
  • Suitable for development and small single-node deployments

Note: Inter-service traffic between Kibana and Elasticsearch is plain HTTP inside the project network. The cluster is single-node, so transport-layer TLS is disabled. If you need full end-to-end TLS or a multi-node cluster, use a different template.

Usage

ELK does not provide a one-click deployment. Follow these steps to finish setting up Kibana:

  1. Deploy the stack.
  2. Open the Terminal on the elasticsearch service and create a service-account token for Kibana: 
    $ ./bin/elasticsearch-service-tokens create elastic/kibana kibana
SERVICE_TOKEN elastic/kibana/kibana = <your-service-token>
  3. Set the printed token as the ELASTICSEARCH_SERVICEACCOUNTTOKEN environment variable on the kibana service.
  4. Restart the kibana service.
  5. Open the Terminal on the kibana service and generate the encryption keys: 
    $ bin/kibana-encryption-keys generate
    The output prints three values that should be set as environment variables on the kibana service:
    • XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY — encrypts stored objects (dashboards, visualizations)
    • XPACK_REPORTING_ENCRYPTIONKEY — encrypts saved reports
    • XPACK_SECURITY_ENCRYPTIONKEY — encrypts session information
  6. Set those three environment variables on the kibana service.
  7. Restart the kibana service.
  8. Access Elasticsearch at https://<your-elasticsearch-domain> (Zeabur edge terminates TLS — no port suffix needed).
  9. Access Kibana at https://<your-kibana-domain> — the web-based visualization interface.

Note: On first load, the browser DevTools console may show a single red CSP error like Refused to execute inline script ... script-src 'self'. This is expected — Kibana intentionally probes whether the browser enforces strict CSP, and immediately logs ^ A single error about an inline script not firing due to content security policy is expected! right after. Kibana continues to load and works normally.

Default Credentials

Check the instructions section of the Kibana service to see the auto-generated credentials.

Log in to Kibana with the elastic username and the auto-generated password to explore, visualize, and manage your Elasticsearch data.

Official Docs