I'm using the same working images for elasticsearch/kibana/searchguard/jwtparams and can't access kibana front end, both services seem to be running but it has some sort of routing issue
{"type":"log","@timestamp":"2019-09-10T09:38:23Z","tags":["status","plugin:console@6.5.4","info"],"pid":1,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2019-09-10T09:38:23Z","tags":["status","plugin:metrics@6.5.4","info"],"pid":1,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
{"type":"log","@timestamp":"2019-09-10T09:38:23Z","tags":["status","plugin:elasticsearch@6.5.4","info"],"pid":1,"state":"green","message":"Status changed from yellow to green - Ready","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
{"type":"log","@timestamp":"2019-09-10T09:38:23Z","tags":["info","Sentinl","init"],"pid":1,"message":"initializing ..."}
{"type":"log","@timestamp":"2019-09-10T09:38:24Z","tags":["info","Sentinl","init"],"pid":1,"message":"Chrome bin found at: /usr/share/kibana/plugins/sentinl/node_modules/puppeteer/.local-chromium/linux-609904/chrome-linux/chrome"}
{"type":"log","@timestamp":"2019-09-10T09:38:24Z","tags":["info","Sentinl","init_indices"],"pid":1,"message":"checking watcher_alarms-2019.09.10 index ..."}
{"type":"log","@timestamp":"2019-09-10T09:38:24Z","tags":["listening","info"],"pid":1,"message":"Server running at http://0.0.0.0:5601"}
{"type":"response","@timestamp":"2019-09-10T09:38:53Z","tags":[],"pid":1,"method":"get","statusCode":302,"req":{"url":"/","method":"get","headers":{"host":"a504a8b40c89511e9afc00a6dba3af0d-1018407050.eu-central-1.elb.amazonaws.com","x-request-id":"596c4f635268062233292941ef1fb948","x-real-ip":"10.0.102.194","x-forwarded-for":"10.0.102.194","x-forwarded-host":"a504a8b40c89511e9afc00a6dba3af0d-1018407050.eu-central-1.elb.amazonaws.com","x-forwarded-port":"443","x-forwarded-proto":"https","x-original-uri":"/foo/kibana","x-scheme":"https","cache-control":"max-age=0","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36 OPR/63.0.3368.66","sec-fetch-mode":"navigate","sec-fetch-user":"?1","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","sec-fetch-site":"none","accept-encoding":"gzip, deflate, br","accept-language":"en-GB,en-US;q=0.9,en;q=0.8"},"remoteAddress":"10.0.102.66","userAgent":"10.0.102.66"},"res":{"statusCode":302,"responseTime":16,"contentLength":9},"message":"GET / 302 16ms - 9.0B"}
{"type":"response","@timestamp":"2019-09-10T09:38:53Z","tags":[],"pid":1,"method":"get","statusCode":302,"req":{"url":"//login?nextUrl=%2F","method":"get","headers":{"host":"a504a8b40c89511e9afc00a6dba3af0d-1018407050.eu-central-1.elb.amazonaws.com","x-request-id":"8ff43b4b6e90bf16168fb5106b16c809","x-real-ip":"10.0.102.194","x-forwarded-for":"10.0.102.194","x-forwarded-host":"a504a8b40c89511e9afc00a6dba3af0d-1018407050.eu-central-1.elb.amazonaws.com","x-forwarded-port":"443","x-forwarded-proto":"https","x-original-uri":"/foo/kibana/login?nextUrl=%2F","x-scheme":"https","cache-control":"max-age=0","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36 OPR/63.0.3368.66","sec-fetch-mode":"navigate","sec-fetch-user":"?1","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","sec-fetch-site":"none","accept-encoding":"gzip, deflate, br","accept-language":"en-GB,en-US;q=0.9,en;q=0.8"},"remoteAddress":"10.0.102.66","userAgent":"10.0.102.66"},"res":{"statusCode":302,"responseTime":2,"contentLength":9},"message":"GET //login?nextUrl=%2F 302 2ms - 9.0B"}
{"type":"response","@timestamp":"2019-09-10T09:38:54Z","tags":[],"pid":1,"method":"get","statusCode":302,"req":{"url":"//login?nextUrl=%2F%2Flogin%3FnextUrl%3D%252F","method":"get","headers":{"host":"a504a8b40c89511e9afc00a6dba3af0d-1018407050.eu-central-1.elb.amazonaws.com","x-request-id":"b8a4a89ce095627fca8bd74a6d98f699","x-real-ip":"10.0.102.194","x-forwarded-for":"10.0.102.194","x-forwarded-host":"a504a8b40c89511e9afc00a6dba3af0d-1018407050.eu-central-1.elb.amazonaws.com","x-forwarded-port":"443","x-forwarded-proto":"https","x-original-uri":"/foo/kibana/login?nextUrl=%2F%2Flogin%3FnextUrl%3D%252F","x-scheme":"https","cache-control":"max-age=0","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36 OPR/63.0.3368.66","sec-fetch-mode":"navigate","sec-fetch-user":"?1","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","sec-fetch-site":"none","accept-encoding":"gzip, deflate, br","accept-language":"en-GB,en-US;q=0.9,en;q=0.8"},"remoteAddress":"10.0.102.66","userAgent":"10.0.102.66"},"res":{"statusCode":302,"responseTime":1,"contentLength":9},"message":"GET //login?nextUrl=%2F%2Flogin%3FnextUrl%3D%252F 302 1ms - 9.0B"}
here is my kibana.yaml
# Default Kibana configuration from kibana-docker.
server.name: kibana
server.host: 0.0.0.0
elasticsearch.url: http://foo-elasticsearch-loadbalancer:9200
#server.port: "80"
#server.host: foo-elasticsearch-loadbalancer
elasticsearch.ssl.certificateAuthorities: /root-ca.pem
elasticsearch.username: kibanaserver
elasticsearch.password: kibanaserver
elasticsearch.ssl.verificationMode: none
elasticsearch.requestHeadersWhitelist: ["Authorization", "sgtenant"]
server.ssl.enabled: false
server.ssl.key: /kirk-key.pem
server.ssl.certificate: /kirk.pem
searchguard.basicauth.enabled: true
searchguard.jwt.enabled: true
searchguard.auth.type: "basicauth"
# xpack.security.enabled: false
# If the token is not passed as HTTP header, but as request parameter,
# configure the parameter name here
searchguard.jwt.url_param: jwtparam
searchguard.cookie.secure: true
#logging.verbose: true
#server.defaultRoute: ""
server.basePath: /foo/kibana
server.rewriteBasePath: false
#xpack.security.enabled: false
#xpack.security.secureCookies: true
sentinl:
settings:
email:
active: true
host: 'smtp.gmail.com'
user: 'no-reply@gotbot.co.za'
password: '<secretly secret secret>'
port: 465
# domain: 'gmail.com'
ssl: true
# tls: true
# authentication: ['PLAIN', 'LOGIN', 'CRAM-MD5', 'XOAUTH2']
# timeout: 10000 # mail server connection timeout
# cert:
# key: '/full/sys/path/to/key/file'
# cert: '/full/sys/path/to/cert/file'
# ca: '/full/sys/path/to/ca/file'
report:
active: true
engine: puppeteer
`