ECK in azure

Hi,

I have managed to install the ECK as explained in the quickstart guides (Quickstart | Elastic Cloud on Kubernetes [2.8] | Elastic) but now I am trying to install with integration to Azure AD.

I changed my elasticsearch license to enterprise but I keep on getting the following error each time I log in:

And the logs don't reveal much either:

 [2023-05-31T13:39:31.476+00:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: No ML saved objects in need of synchronization
 [2023-05-31T13:39:41.339+00:00][INFO ][http.server.Kibana] http server running at https://0.0.0.0:5601
 [2023-05-31T14:02:46.997+00:00][INFO ][plugins.security.routes] Logging in with provider "oidc1" (oidc)
 [2023-05-31T14:03:00.242+00:00][WARN ][plugins.security.authentication] Could not authenticate user with the existing session. Forcing logout.

My elasticsearch.yaml file:

apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch
spec:
  version: 8.5.0
  secureSettings:
  - secretName: elastic-client
  nodeSets:
  - name: elasticsearch
    count: 1
    config:
      node.store.allow_mmap: false
      xpack:
          security:
            authc:
              realms:
                oidc:
                  oidc1:
                    order: 2
                    rp.client_id: "****************"
                    rp.response_type: "code"
                    rp.requested_scopes: ["openid", "email"]
                    rp.redirect_uri: "**************:5601/api/security/oidc/callback"
                    op.issuer: "https://login.microsoftonline.com/***********/v2.0"
                    op.authorization_endpoint: "https://login.microsoftonline.com/***********/oauth2/v2.0/authorize"
                    op.token_endpoint: "https://login.microsoftonline.com/***********/oauth2/v2.0/token"
                    op.jwkset_path: "https://login.microsoftonline.com/***********/discovery/v2.0/keys"
                    op.userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo"
                    op.endsession_endpoint: "https://login.microsoftonline.com/***********/oauth2/v2.0/logout"
                    claims.principal: email
                    claims.groups: "^([^@]+)@**********\\.TLD$"
---
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
  name: elasticsearch
spec:
  version: 8.5.0
  count: 1
  elasticsearchRef:
    name: elasticsearch
  http:
    tls:
      certificate:
        secretName: cert
  config:
    xpack.security.authc.providers:
      oidc.oidc1:
        order: 0
        realm: oidc1
        description: "Log in with Azure"
      basic.basic1:
        order: 1

I've set up the app as kibana & got the secret for the Azure AD:

apiVersion: v1
data:
  key1: ***************************************
kind: Secret
metadata:
  name: "xpack.security.authc.realms.oidc.oidc1.rp.client.secret"
  namespace: elastic

What have I missed?
How would I be able to reveal more in the log file?
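As an added example (not part of the post above and not Elastic's own tooling), the script below checks the three pieces of wiring an ECK OIDC realm depends on: the Secret referenced by `spec.secureSettings` must exist under that name, one of its keys must be the keystore setting `xpack.security.authc.realms.oidc.<realm>.rp.client_secret` (ECK turns each key of a secure-settings Secret into a keystore entry of the same name), and `claims.*` values must be claim names, with any regex moved under `claim_patterns.*`. The manifests are constructed in-line as Python dicts mirroring the ones in the post, with placeholder identifiers instead of the masked tenant, client id and hostname; loading real manifests with PyYAML's `yaml.safe_load` is left as an assumption so the script runs with the standard library only.

```python
"""Consistency checks for the OIDC realm wiring of an ECK Elasticsearch manifest.

Constructed example: the manifests below mirror the forum post, with
placeholders for every masked value. Not Elastic's code.
"""
import copy
import re

# Real Elasticsearch secure-setting name for the OIDC relying-party client secret.
OIDC_SECURE_SETTING = "xpack.security.authc.realms.oidc.{realm}.rp.client_secret"
# Characters that only make sense in a regex, never in a plain claim name.
REGEX_HINT = re.compile(r"[\^\$\(\)\[\]\\]")

ES_MANIFEST = {  # constructed, mirrors the post's Elasticsearch resource
    "apiVersion": "elasticsearch.k8s.elastic.co/v1",
    "kind": "Elasticsearch",
    "metadata": {"name": "elasticsearch"},
    "spec": {
        "version": "8.5.0",
        "secureSettings": [{"secretName": "elastic-client"}],
        "nodeSets": [{
            "name": "elasticsearch",
            "count": 1,
            "config": {
                "node.store.allow_mmap": False,
                "xpack": {"security": {"authc": {"realms": {"oidc": {"oidc1": {
                    "order": 2,
                    "rp.client_id": "CLIENT-ID-PLACEHOLDER",
                    "rp.response_type": "code",
                    "rp.requested_scopes": ["openid", "email"],
                    "rp.redirect_uri": "https://kibana.example.test:5601/api/security/oidc/callback",
                    "op.issuer": "https://login.microsoftonline.com/TENANT-PLACEHOLDER/v2.0",
                    "claims.principal": "email",
                    # regex in a claims.* slot, as in the post
                    "claims.groups": r"^([^@]+)@example\.test$",
                }}}}}},
            },
        }],
    },
}

SECRET_MANIFEST = {  # constructed, mirrors the post's Secret
    "apiVersion": "v1",
    "kind": "Secret",
    "metadata": {"name": "xpack.security.authc.realms.oidc.oidc1.rp.client.secret",
                 "namespace": "elastic"},
    "data": {"key1": "BASE64-PLACEHOLDER"},
}


def oidc_realms(es_manifest):
    """Yield (realm_name, settings) for every OIDC realm in every nodeSet config."""
    for node_set in es_manifest["spec"].get("nodeSets", []):
        realms = (node_set.get("config", {}).get("xpack", {}).get("security", {})
                  .get("authc", {}).get("realms", {}).get("oidc", {}))
        for name, settings in realms.items():
            yield name, settings


def check_oidc_wiring(es_manifest, secrets):
    """Return human-readable findings; an empty list means the wiring is consistent."""
    findings = []
    by_name = {s["metadata"]["name"]: s for s in secrets}
    referenced = [ref["secretName"] for ref in es_manifest["spec"].get("secureSettings", [])]

    # 1. every secureSettings reference must resolve to a Secret we were given
    for ref in referenced:
        if ref not in by_name:
            findings.append(f"secureSettings references Secret '{ref}' but no Secret has that name")

    # keys from all resolvable secure-settings Secrets become keystore entries
    keys_seen = set()
    for ref in referenced:
        secret = by_name.get(ref)
        if secret:
            keys_seen |= set(secret.get("data", {})) | set(secret.get("stringData", {}))

    for realm, settings in oidc_realms(es_manifest):
        # 2. the realm's client secret must be present under its exact keystore name
        wanted = OIDC_SECURE_SETTING.format(realm=realm)
        if wanted not in keys_seen:
            findings.append(f"realm '{realm}': no secure-settings key '{wanted}' "
                            f"(keys seen: {sorted(keys_seen) or 'none'})")
        # 3. claims.* must name a claim; patterns belong under claim_patterns.*
        for key, value in settings.items():
            if key.startswith("claims.") and isinstance(value, str) and REGEX_HINT.search(value):
                suffix = key.split(".", 1)[1]
                findings.append(f"realm '{realm}': '{key}' holds a regex; use a claim name there "
                                f"and put the pattern under 'claim_patterns.{suffix}'")
    return findings


def fixed_example():
    """Corrected copies of the constructed manifests, for comparison."""
    es = copy.deepcopy(ES_MANIFEST)
    realm = es["spec"]["nodeSets"][0]["config"]["xpack"]["security"]["authc"]["realms"]["oidc"]["oidc1"]
    pattern = realm.pop("claims.groups")
    realm["claim_patterns.principal"] = pattern  # local part of the e-mail becomes the principal
    secret = {"apiVersion": "v1", "kind": "Secret",
              "metadata": {"name": "elastic-client", "namespace": "elastic"},
              "stringData": {OIDC_SECURE_SETTING.format(realm="oidc1"): "CLIENT-SECRET-PLACEHOLDER"}}
    return es, [secret]


if __name__ == "__main__":
    for line in check_oidc_wiring(ES_MANIFEST, [SECRET_MANIFEST]):
        print("FINDING:", line)
    print("fixed manifests:", check_oidc_wiring(*fixed_example()) or "no findings")
```

Run against the constructed copy of the post's manifests it reports three findings (Secret name does not match `secureSettings`, no `rp.client_secret` keystore key, regex in `claims.groups`); against the corrected pair it reports none. For more Elasticsearch-side detail than Kibana's "Forcing logout" line, the realm's own log events live in the Elasticsearch pod logs rather than Kibana's.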
