ECE kibana portal not accessible

Previous post got closed hence opening a new request

Dear All,
My new ECE cluster is up and running however I am getting below message when I access kibana portal directly on port serverIP:9243. I am able to access the admin console of the cluster but no the kibana.

{"ok":false,"message":"Unknown deployment."}

My ECE cluster is running on a private cloud and have 3 allocator hosts and haproxy is configured on first allocator host (192.168.1.1).
It has 3 master, 3 kibana and 3 data nodes.

Below is my sample haproxy config

global
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

listen ece_coordinator_uiapi_http_12400
  bind 192.168.1.1:1240
#  bind *:12400
  #mode tcp
  mode http
  balance source
  #option tcplog
  reqadd X-Forwarded-Proto:\ http
  server allocator01_12400 192.168.1.1:12400 check
  server allocator02_12400 192.168.1.1:12400 check
  server allocator03_12400 192.168.1.1:12400 check

listen ece_coordinator_uiapi_https_12443
  bind 192.168.1.1:2443
  #bind *:12443
  #mode tcp
  mode http
  balance source
  #option tcplog
  reqadd X-Forwarded-Proto:\ https
  server allocator01_12443 192.168.1.1:12443 check
  server allocator02_12443 192.168.1.2:12443 check
  server allocator03_12443 192.168.1.3:12443 check

listen ece_proxy_elastickibana_http_9200
  bind 192.168.1.1:9100
  #bind *:9200
  #mode tcp
  mode http
  balance source
  #option tcplog
  reqadd X-Forwarded-Proto:\ http
  server allocator01_9200 192.168.1.1:9200 check
  server allocator02_9200 192.168.1.2:9200 check
  server allocator03_9200 192.168.1.3:9200 check

listen ece_proxy_elastickibana_https_9243
  bind 192.168.1.1:9223
  #bind *:9243
  #mode tcp
  mode http
  balance source
  #option tcplog
  http-request add-header X-Found-Cluster 72bbc3de0e144f378ebab582fe3ea047
  reqadd X-Forwarded-Proto:\ https
  server allocator01_9243 192.168.1.1:9243 check
  server allocator02_9243 192.168.1.2:9243 check
  server allocator03_9243 192.168.1.3:9243 check

listen stats
  bind 192.168.1.1:9090
  #bind *:9090
  mode http
  stats uri /
  stats auth user1:password

Also I tried even with 9243 directly by skipping haproxy and gives me same error.

[elastic@ecehost1 ~]$ curl -k -u elastic https://192.168.1.1:9243
Enter host password for user 'elastic':
{"ok":false,"message":"Unknown deployment."}

[elastic@ecehost1 ~]$ curl -k -u elastic https://192.168.1.1:9243/_health
Enter host password for user 'elastic':
{
  "ok": true,
  "status": 200
}

[elastic@ecehost1 ~]$ curl -u elastic https://192.168.1.1:9243
Enter host password for user 'elastic':
curl: (60) Peer's certificate issuer has been marked as not trusted by the user.
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
[elastic@ecehost1 ~]$

Health status log below:

[elastic@ecehost1 ~]$ curl -k -u elastic https://72bbc3de0e144f378ebab582fe3ea047.192.168.1.1:9243/_health
Enter host password for user 'elastic':
{
  "ok": true,
  "status": 200
}
[elastic@ecehost1 ~]$

---------------------------

{"type":"response","@timestamp":"2020-08-10T16:29:13Z","tags":["api"],"pid":32,"method":"get","statusCode":200,"req":{"url":"/api/status","method":"get","headers":{"host":"192.168.1.1:18350","user-agent":"Go-http-client/1.1","accept-encoding":"gzip"},"remoteAddress":"172.17.42.1","userAgent":"172.17.42.1"},"res":{"statusCode":200,"responseTime":42,"contentLength":9},"message":"GET /api/status 200 42ms - 9.0B"}

I also tried to hit a non-existent page just to check the server is responding and checked the logs, below are the output

[elastic@ecehost1 ~]$ curl -k -u elastic https://72bbc3de0e144f378ebab582fe3ea047.192.168.1.1:9243/apps
Enter host password for user 'elastic':
{"statusCode":404,"error":"Not Found","message":"Not Found"}
[elastic@ecehost1 ~]$

Below is the snippet log of above command

{"type":"response","@timestamp":"2020-08-10T16:30:38Z","tags":[],"pid":32,"method":"get","statusCode":404,"req":{"url":"/apps","method":"get","headers":{"host":"192.168.1.1:18350","user-agent":"curl/7.29.0","accept":"*/*","x-cloud-request-id":"vSsroRS-SMGkcI-R8dJ9jw","x-forwarded-host":"72bbc3de0e144f378ebab582fe3ea047.192.168.1.1:9243","x-found-kibana-cluster":"72bbc3de0e144f378ebab582fe3ea047"},"remoteAddress":"172.17.42.1","userAgent":"172.17.42.1"},"res":{"statusCode":404,"responseTime":300,"contentLength":9},"message":"GET /apps 404 300ms - 9.0B"}

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.