We've deployed an elastic cluster using the recommended template in azure (https://github.com/elastic/azure-marketplace). Once created , we have 6 nodes (3 master + 3 data nodes) in a virtual network and one VM hosting kibana (this vm is public facing).
However , we want to move away from X-pack and roll out our own security measures (Using Nginx for auth for now and possibly bring in search-guard later).
To that effect , i did the below -
SSH'd into each VM and performed /usr/share/{elasticsearch|kibana}/bin/elasticsearch-plugin remove Xpack
After removing Xpack from both kibana/elasticsearch - i tried accessing the kibana url (xxxx:
) - but i still see a popup screen asking me for authentication (i can either login by elastic user or es_kibana user.
What is causing this popup to occur and how do i remove it?
Also , i just wanted to confirm if the process of authenticating using a reverse proxy in front of kibana would be sufficient enough for security (for a POC concept - not at scale) considerations. I will be adding search-guard on top of this later
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
