bitnami/kibana Docker 镜像 - 轩辕镜像
bitnami/kibana自动构建
Bitnami提供的Kibana安全镜像,用于部署和运行安全加固的Kibana环境。
36 收藏0 次下载
Bitnami Secure Image for Kibana
What is Kibana?
Kibana is an open source, browser based analytics and search dashboard for Elasticsearch. Kibana strives to be easy to get started with, while also being flexible and powerful.
Overview of Kibana Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
TL;DR
Docker Compose
consoledocker run --name kibana bitnami/kibana:latest
Why use Bitnami Secure Images?
Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise OS Photon Linux. Why choose BSI images?
- Hardened secure images of popular open source software with Near-Zero Vulnerabilities
- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores
- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM)
- Software supply chain provenance attestation through in-toto
- First class support for the internet’s favorite Helm charts
Each image comes with valuable security metadata. You can view the metadata in our public catalog here. Note: Some data is only available with commercial subscriptions to BSI.
!Alt text !Alt text
If you are looking for our previous generation of images based on Debian Linux, please see the Bitnami Legacy registry.
Why use a non-root container?
Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers in our docs.
Supported tags and respective Dockerfile links
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.
You can see the equivalence between the different tags by taking a look at the tags-info.yaml file present in the branch folder, i.e bitnami/ASSET/BRANCH/DISTRO/tags-info.yaml.
Subscribe to project updates by watching the bitnami/containers GitHub repo.
Get this image
The recommended way to get the Bitnami Kibana Docker Image is to pull the prebuilt image from the Docker Hub Registry.
consoledocker pull bitnami/kibana:latest
To use a specific version, you can pull a versioned tag. You can view the list of available versions in the Docker Hub Registry.
consoledocker pull bitnami/kibana:[TAG]
If you wish, you can also build the image yourself by cloning the repository, changing to the directory containing the Dockerfile and executing the docker build command. Remember to replace the APP, VERSION and OPERATING-SYSTEM path placeholders in the example command below with the correct values.
consolegit clone [***] cd bitnami/APP/VERSION/OPERATING-SYSTEM docker build -t bitnami/APP:latest .
How to use this image
Run the application manually
If you want to run the application manually instead of using the chart, these are the basic steps you need to run:
-
Create a new network for the application and the database:
consoledocker network create kibana_network -
Run the Elasticsearch container:
consoledocker run -d -p 9200:9200 --name elasticsearch --net=kibana_network bitnami/elasticsearch -
Run the Kibana container:
consoledocker run -d -p 5601:5601 --name kibana --net=kibana_network \ -e KIBANA_ELASTICSEARCH_URL=elasticsearch \ bitnami/kibana
Then you can access your application at [***]
Persisting your application
If you remove the container all your data and configurations will be lost, and the next time you run the image the application will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.
For persistence you should mount a volume at the /bitnami path. Additionally you should mount a volume for persistence of the Elasticsearch data.
The above examples define docker volumes namely elasticsearch_data and kibana_data. The Kibana application state will persist as long as these volumes are not removed.
To avoid inadvertent removal of these volumes you can mount host directories as data volumes. Alternatively you can make use of volume plugins to host the volume data.
consoledocker run -v /path/to/kibana-persistence:/bitnami/kibana bitnami/kibana:latest
NOTE: As this is a non-root container, the mounted files and directories must have the proper permissions for the UID
1001.
Connecting to other containers
Using Docker container networking, a Kibana server running inside a container can easily be accessed by your application containers.
Containers attached to the same network can communicate with each other using the container name as the hostname.
Using the Command Line
Step 1: Create a network
consoledocker network create app-tier --driver bridge
Step 2: Launch the Kibana server instance
Use the --network app-tier argument to the docker run command to attach the Kibana container to the app-tier network.
consoledocker run -d --name kibana-server \ --network app-tier \ bitnami/kibana:latest
Step 3: Launch your application container
consoledocker run -d --name myapp \ --network app-tier \ YOUR_APPLICATION_IMAGE
IMPORTANT:
- Please update the YOUR_APPLICATION_IMAGE_ placeholder in the above snippet with your application image
- In your application container, use the hostname
kibana-serverto connect to the Kibana server
Configuration
Environment variables
Customizable environment variables
| Name | Description | Default Value |
|---|---|---|
KIBANA_ELASTICSEARCH_URL | Elasticsearch URL. Provide Client node url in the case of a cluster | elasticsearch |
KIBANA_ELASTICSEARCH_PORT_NUMBER | Elasticsearch port | 9200 |
KIBANA_HOST | Kibana host | 0.0.0.0 |
KIBANA_PORT_NUMBER | Kibana port | 5601 |
KIBANA_WAIT_READY_MAX_RETRIES | Max retries to wait for Kibana to be ready | 30 |
KIBANA_INITSCRIPTS_START_SERVER | Whether to start the Kibana server before executing the init scripts | yes |
KIBANA_FORCE_INITSCRIPTS | Whether to force the execution of the init scripts | no |
KIBANA_DISABLE_STRICT_CSP | Disable strict Content Security Policy (CSP) for Kibana | no |
KIBANA_CERTS_DIR | Path to certificates folder. | ${SERVER_CONF_DIR}/certs |
KIBANA_SERVER_ENABLE_TLS | Enable TLS for inbound connections via HTTPS. | false |
KIBANA_SERVER_KEYSTORE_LOCATION | Path to Keystore | ${SERVER_CERTS_DIR}/server/kibana.keystore.p12 |
KIBANA_SERVER_KEYSTORE_PASSWORD | Password for the Elasticsearch keystore containing the certificates or password-protected PEM key. | nil |
KIBANA_SERVER_TLS_USE_PEM | Configure Kibana server TLS settings using PEM certificates. | false |
KIBANA_SERVER_CERT_LOCATION | Path to PEM node certificate. | ${SERVER_CERTS_DIR}/server/tls.crt |
KIBANA_SERVER_KEY_LOCATION | Path to PEM node key. | ${SERVER_CERTS_DIR}/server/tls.key |
KIBANA_SERVER_KEY_PASSWORD | Password for the Elasticsearch node PEM key. | nil |
KIBANA_PASSWORD | Kibana password. | nil |
KIBANA_ELASTICSEARCH_ENABLE_TLS | Enable TLS for Elasticsearch communications. | false |
KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE | Elasticsearch TLS verification mode. | full |
KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION | Path to Elasticsearch Truststore. | ${SERVER_CERTS_DIR}/elasticsearch/elasticsearch.truststore.p12 |
KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD | Password for the Elasticsearch truststore. | nil |
KIBANA_ELASTICSEARCH_TLS_USE_PEM | Configure Elasticsearch TLS settings using PEM certificates. | false |
KIBANA_ELASTICSEARCH_CA_CERT_LOCATION | Path to Elasticsearch CA certificate. | ${SERVER_CERTS_DIR}/elasticsearch/ca.crt |
KIBANA_DISABLE_STRICT_CSP | Disable strict Content Security Policy (CSP) for Kibana | no |
KIBANA_CREATE_USER | Enable the creation of the kibana_system user, if it doesnt exists | false |
KIBANA_ELASTICSEARCH_PASSWORD | Password for the elastic superuser. Required if KIBANA_CREATE_USER is enabled | nil |
KIBANA_SERVER_PUBLICBASEURL | Publicly available URL that end-users access Kibana at | nil |
KIBANA_XPACK_SECURITY_ENCRYPTIONKEY | Encryption key so that sessions are not invalidated | nil |
KIBANA_XPACK_REPORTING_ENCRYPTIONKEY | Static encryption key for reporting | nil |
KIBANA_NEWSFEED_ENABLED | Control whether to enable the newsfeed system for the Kibana UI notification center | true |
KIBANA_ELASTICSEARCH_REQUESTTIMEOUT | Time in milliseconds to wait for responses from the back end or Elasticsearch | 30000 |
Read-only environment variables
| Name | Description | Value |
|---|---|---|
SERVER_FLAVOR | Server flavor. Valid values: kibana or opensearch-dashboards. | kibana |
BITNAMI_VOLUME_DIR | Directory where to mount volumes | /bitnami |
KIBANA_VOLUME_DIR | Kibana persistence directory | ${BITNAMI_VOLUME_DIR}/kibana |
KIBANA_BASE_DIR | Kibana installation directory | ${BITNAMI_ROOT_DIR}/kibana |
KIBANA_CONF_DIR | Kibana configuration directory | ${SERVER_BASE_DIR}/config |
KIBANA_DEFAULT_CONF_DIR | Kibana default configuration directory | ${SERVER_BASE_DIR}/config.default |
KIBANA_LOGS_DIR | Kibana logs directory | ${SERVER_BASE_DIR}/logs |
KIBANA_TMP_DIR | Kibana temporary directory | ${SERVER_BASE_DIR}/tmp |
KIBANA_BIN_DIR | Kibana executable directory | ${SERVER_BASE_DIR}/bin |
KIBANA_PLUGINS_DIR | Kibana plugins directory | ${SERVER_BASE_DIR}/plugins |
KIBANA_DEFAULT_PLUGINS_DIR | Kibana default plugins directory | ${SERVER_BASE_DIR}/plugins.default |
KIBANA_DATA_DIR | Kibana data directory | ${SERVER_VOLUME_DIR}/data |
KIBANA_MOUNTED_CONF_DIR | Directory for including custom configuration files (that override the default generated ones) | ${SERVER_VOLUME_DIR}/conf |
KIBANA_CONF_FILE | Path to Kibana configuration file | ${SERVER_CONF_DIR}/kibana.yml |
KIBANA_LOG_FILE | Path to the Kibana log file | ${SERVER_LOGS_DIR}/kibana.log |
KIBANA_PID_FILE | Path to the Kibana pid file | ${SERVER_TMP_DIR}/kibana.pid |
KIBANA_INITSCRIPTS_DIR | Path to the Kibana container init scripts directory | /docker-entrypoint-initdb.d |
KIBANA_DAEMON_USER | Kibana system user | kibana |
KIBANA_DAEMON_GROUP | Kibana system group | kibana |
When you start the kibana image, you can adjust the configuration of the instance by passing one or more environment variables on the docker run command line.
Specifying Environment Variables on the Docker command line
consoledocker run -d -e KIBANA_ELASTICSEARCH_URL=elasticsearch --name kibana bitnami/kibana:latest
Initializing a new instance
When the container is executed for the first time, it will execute the files with extension .sh, located at /docker-entrypoint-initdb.d.
In order to have your custom files inside the docker image you can mount them as a volume.
Configuration file
The image looks for configurations in /bitnami/kibana/conf/. As mentioned in Persisting your application you can mount a volume at /bitnami and copy/edit the configurations in the /path/to/kibana-persistence/kibana/conf/. The default configurations will be populated to the conf/ directory if it's empty.
Step 1: Run the Kibana image
Run the Kibana image, mounting a directory from your host.
consoledocker run --name kibana -v /path/to/kibana-persistence:/bitnami bitnami/kibana:latest
Step 2: Edit the configuration
Edit the configuration on your host using your favorite editor.
consolevi /path/to/kibana-persistence/kibana/conf/kibana.conf
Step 3: Restart Kibana
After changing the configuration, restart your Kibana container for changes to take effect.
consoledocker restart kibana
Refer to the configuration manual for the complete list of configuration options.
FIPS configuration in Bitnami Secure Images
The Bitnami Kibana Docker image from the Bitnami Secure Images catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables:
OPENSSL_FIPS: whether OpenSSL runs in FIPS mode or not.yes(default),no.
Logging
The Bitnami Kibana Docker image sends the container logs to the stdout. To view the logs:
consoledocker logs kibana
You can configure the containers logging driver using the --log-driver option if you wish to consume the container logs differently. In the default configuration docker uses the json-file driver.
Maintenance
Upgrade this image
Bitnami provides up-to-date versions of Kibana, including security patches, soon after they are made upstream. We recommend that you follow these steps to upgrade your container.
Step 1: Get the updated image
consoledocker pull bitnami/kibana:latest
Step 2: Stop and backup the currently running container
Stop the currently running container using the command
consoledocker stop kibana
Next, take a snapshot of the persistent volume /path/to/kibana-persistence using:
consolersync -a /path/to/kibana-persistence /path/to/kibana-persistence.bkp.$(date +%Y%m%d-%H.%M.%S)
Additionally, snapshot the Elasticsearch data
You can use these snapshots to restore the application state should the upgrade fail.
Step 3: Remove the currently running container
consoledocker rm -v kibana
Step 4: Run the new image
Re-create your container from the new image, restoring your backup if necessary.
consoledocker run --name kibana bitnami/kibana:latest
Notable Changes
Starting January 16, 2024
- The
docker-compose.yamlfile has been removed, as it was solely intended for internal testing purposes.
6.8.15-debian-10-r12 & 7.10.2-debian-10-r62 & 7.12.0-debian-10-r0
- The size of the container image has been decreased.
- The configuration logic is now based on Bash scripts in the rootfs/ folder.
- Kibana 7.12.0 version or later are licensed under the Elastic License that is not currently accepted as an Open Source license by the Open Source Initiative (OSI).
- Kibana 7.12.0 version or later are including x-pack plugin installed by default. Follow official documentation to use it.
6.5.1-r3 & 5.6.13-r20
- The Kibana container has been migrated to a non-root user approach. Previously the container ran as the
rootuser and the Kibana daemon was started as thekibanauser. From now on, both the container and the Kibana daemon run as user1001. As a consequence, the data directory must be writable by that user. You can revert this behavior by changingUSER 1001toUSER rootin the Dockerfile.
4.5.4-r1
ELASTICSEARCH_URLparameter has been renamed toKIBANA_ELASTICSEARCH_URL.ELASTICSEARCH_PORTparameter has been renamed toKIBANA_ELASTICSEARCH_PORT.
Contributing
We'd love for you to contribute to this container. You can request new features by creating an issue or submitting a pull request with your contribution.
Issues
If you encountered a problem running this container, you can file an issue. For us to provide better support, be sure to fill the issue template.
License
Copyright © 2026 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
<[***]>
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
kibana
官方
Kibana作为Elastic Stack的核心组件,能够将Elasticsearch中索引的各类数据——包括结构化数据(如交易记录、系统指标、用户行为日志)和非结构化数据(如文本文档、邮件内容、社交媒体评论)——进行整合、处理、分析与可视化,它通过提供多样化的可视化组件(如折线图、柱状图、热力图、仪表盘、地理空间地图等)、灵活的查询工具和交互式探索功能,将复杂分散的数据转化为具有清晰逻辑结构和实用洞察的直观内容,帮助用户深入理解数据模式、实时监控业务动态、快速发现潜在问题,并基于数据驱动做出明智决策,从而充分释放Elasticsearch索引数据的价值。
2824100M+ pulls
上次更新:3 天前
bitnamicharts/kibana
认证
Bitnami提供的Kibana Helm chart,用于在Kubernetes环境中快速部署和管理Kibana,具备预配置、易用特性,支持日志分析与数据可视化。
500K+ pulls
上次更新:5 个月前
rancher/kibana
认证
暂无描述
10K+ pulls
上次更新:7 年前
elastic/kibana
由Elastic公司官方维护的Kibana Docker镜像是Elastic Stack生态中的核心可视化组件,专为简化数据探索与分析流程设计,提供容器化部署方案,支持用户快速搭建Kibana服务,实现对Elasticsearch存储数据的实时监控、日志分析、指标可视化及报表生成等功能,确保镜像的安全性、稳定性及与Elastic Stack其他组件的无缝兼容,满足企业级数据可视化需求。
511M+ pulls
上次更新:10 天前
phenompeople/kibana
Kibana gives shape to any kind of data — structured and unstructured — indexed in Elasticsearch.
1M+ pulls
上次更新:1 年前
ibmcom/kibana
IBM Cloud Private-CE(社区版)AMD64架构Kibana组件的Docker镜像,该组件不适合单独使用,是基于Kubernetes的免费容器管理解决方案IBM Cloud Private-CE(社区版)的一部分。
150K+ pulls
上次更新:7 年前
轩辕镜像配置手册
探索更多轩辕镜像的使用方法,找到最适合您系统的配置方式
登录仓库拉取
通过 Docker 登录认证访问私有仓库
Linux
在 Linux 系统配置镜像服务
Windows/Mac
在 Docker Desktop 配置镜像
Docker Compose
Docker Compose 项目配置
K8s Containerd
Kubernetes 集群配置 Containerd
K3s
K3s 轻量级 Kubernetes 镜像加速
Dev Containers
VS Code Dev Containers 配置
MacOS OrbStack
MacOS OrbStack 容器配置
宝塔面板
在宝塔面板一键配置镜像
群晖
Synology 群晖 NAS 配置
飞牛
飞牛 fnOS 系统配置镜像
极空间
极空间 NAS 系统配置服务
爱快路由
爱快 iKuai 路由系统配置
绿联
绿联 NAS 系统配置镜像
威联通
QNAP 威联通 NAS 配置
Podman
Podman 容器引擎配置
Singularity/Apptainer
HPC 科学计算容器配置
其他仓库配置
ghcr、Quay、nvcr 等镜像仓库
专属域名拉取
无需登录使用专属域名
需要其他帮助?请查看我们的 常见问题Docker 镜像访问常见问题解答 或 提交工单
镜像拉取常见问题
轩辕镜像免费版与专业版有什么区别?
免费版仅支持 Docker Hub 访问,不承诺可用性和速度;专业版支持更多镜像源,保证可用性和稳定速度,提供优先客服响应。
轩辕镜像支持哪些镜像仓库?
专业版支持 docker.io、gcr.io、ghcr.io、registry.k8s.io、nvcr.io、quay.io、mcr.microsoft.com、docker.elastic.co 等;免费版仅支持 docker.io。
流量耗尽错误提示
当返回 402 Payment Required 错误时,表示流量已耗尽,需要充值流量包以恢复服务。
410 错误问题
通常由 Docker 版本过低导致,需要升级到 20.x 或更高版本以支持 V2 协议。
manifest unknown 错误
先检查 Docker 版本,版本过低则升级;版本正常则验证镜像信息是否正确。
镜像拉取成功后,如何去掉轩辕镜像域名前缀?
使用 docker tag 命令为镜像打上新标签,去掉域名前缀,使镜像名称更简洁。
用户好评
来自真实用户的反馈,见证轩辕镜像的优质服务
oldzhang
运维工程师
Linux服务器
5
"Docker访问体验非常流畅,大镜像也能快速完成下载。"
咨询镜像拉取问题请 提交工单,官方技术交流群:1072982923
轩辕镜像面向开发者与科研用户,提供开源镜像的搜索和访问支持。所有镜像均来源于原始仓库,本站不存储、不修改、不传播任何镜像内容。