Elastic Enterprise Search is starting successfully but URL doesn't works

Hi! I'm new here and I'm new with elastic too.
I'm trying to run enterprise search version 7.10.2 on elasticsearch 7.10.2 and kibana 7.10.2.
I think this is fine because this on app-server.log:

Success! Elastic Enterprise Search is starting successfully.

In a few moments, you'll be able to login at the following address:

But when I try to access URL it not response from elastic neither:

Kibana is running OK, elastic is running OK and enterprise-search too.

I don't know where is the problem.

Please someone could help me?

Hey rams1!

It will help to know if you're managing your own instances or trying Enterprise Search on Cloud. Based on your description, my guess is you're managing your own instances. Also, based on your screenshot, it looks like Kibana is unable to access Enterprise Search.

Two things could help further debug the issue you're running into:

  1. Confirm the server that is hosting Kibana has network access to the server hosting Enterprise Search, in the event that those are two unique servers.
  2. Confirm that you can navigate directly to the Enterprise Search app, independent of Kibana. In your screenshot, you're representing this as http://IP:3002.

Based on what I can currently see, my guess would be that Enterprise Search is not accessible over a network.

Ross

Hello Ross!

Yes, I'm working own instances and now it's only 1 server with all installed: elastic, kibana and enterprise search.

I can't navigate to Enterprise Search app neither.

Thank's,
Rams1

Hi rams1,

How are you running enterprise-search + elasticsearch? Are you using the docker images, Linux or MacOS packages, ECK, or something else?

We can dive further into troubleshooting with this information.

Thanks!

Hi Scrilling.

I'm working with CentOS7 and installed all individually, first elasticsearch, then kibana and the last enterprise-search using this help: Download Elastic Enterprise Search | Elastic

I have Java8.

Thanks!

Hi rams,

The official download docs instruct to set ent_search.auth.source to standard, but it looks like the Kibana integration requires that elasticsearch-native or SAML is used.

This previous thread may be of use: Connect Kibana Workplace Search - #4 by Sean_Story

Can you please try that and let me know if it resolves your issue? If not, can you please post your configuration yml files for Elasticsearch, Kibana, and Enterprise Search?

Thank you!

Hi Scrilling,

First of all I'm not sure if I have to use: ent_search.auth.source o ent_search.auth.elastic.source I have tried both with elasticsearch-native but It doesn't works. I have the same result.


This is my elasticsearch.yml:

---------------------------------- Cluster -----------------------------------

Use a descriptive name for your cluster:

cluster.name: elasticsearchcluster

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

node.name: master01

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma):

path.data: /var/lib/elasticsearch

Path to log files:

path.logs: /var/log/elasticsearch

---------------------------------- Network -----------------------------------

Set the bind address to a specific IP (IPv4 or IPv6):

network.host: 0.0.0.0

Set a custom port for HTTP:

http.port: 9200

--------------------------------- Discovery ----------------------------------

discovery.seed_hosts: ["myIP"]

Bootstrap the cluster using an initial set of master-eligible nodes:

cluster.initial_master_nodes: ["master01"]

Transport layer

xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.transport.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.transport.ssl.certificate_authorities: [ "/etc/elasticsearch/certs/ca/ca.crt" ]

HTTP layer

xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.http.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.http.ssl.certificate_authorities: [ "/etc/elasticsearch/certs/ca/ca.crt" ]
xpack.security.enabled: true


This is the kibana.yml:

Kibana is served by a back end server. This setting specifies the port to use.

server.port: 5601
server.host: "myIP"

The URLs of the Elasticsearch instances to use for all your queries.

elasticsearch.hosts: ["https://myIP:9200"]

App Search configuracio

enterpriseSearch.host: 'http://myIP:3002'

Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.

These settings enable SSL for outgoing requests from the Kibana server to the browser.

server.ssl.enabled: true

Enables you to specify a file where Kibana stores log output.

logging.dest: /var/log/kibana.log

Set the value of this setting to true to suppress all logging output.

logging.silent: false

Set the value of this setting to true to suppress all logging output other than error messages.

logging.quiet: false

Elasticsearch from/to Kibana

elasticsearch.ssl.certificateAuthorities: ["/etc/kibana/certs/ca/ca.crt"]
elasticsearch.ssl.certificate: "/etc/kibana/certs/kibana.crt"
elasticsearch.ssl.key: "/etc/kibana/certs/kibana.key"

Browser from/to Kibana

server.ssl.certificate: "/etc/kibana/certs/kibana.crt"
server.ssl.key: "/etc/kibana/certs/kibana.key"

xpack.security.enabled: true
elasticsearch.username: elastic
elasticsearch.password: ExV.......


And this is the enterprsie-search.yml:

---------------------------------- Secrets ----------------------------------

Encryption keys to protect your application secrets. This field is required.

secret_management.encryption_keys: [c63819da4669701559067edc2c110e63bbdb9012c14738add9d36438f0f21d14]

------------------------------- Elasticsearch -------------------------------

allow_es_settings_modification: true

Elasticsearch credentials:

elasticsearch.username: elastic
elasticsearch.password: Ex....

Elasticsearch full cluster URL:

elasticsearch.host: https://myIP:9200

Elasticsearch SSL settings:

elasticsearch.ssl.enabled: true
elasticsearch.ssl.certificate: "/usr/share/enterprise-search/certs/enterprise-search.crt"
elasticsearch.ssl.certificate_authority: "/usr/share/enterprise-search/certs/ca/ca.crt"
elasticsearch.ssl.key: "/usr/share/enterprise-search/certs/enterprise-search.key"
elasticsearch.ssl.key_passphrase: PlQrgSofx0ubFJGDUzrI
elasticsearch.ssl.verify: false

------------------------------- Hosting & Network ---------------------------

ent_search.external_url: http://myIP:3002
ent_search.listen_host: myIP
ent_search.listen_port: 3002

------------------------------ Authentication -------------------------------

ent_search.auth.source: elasticsearch-native #standard

---------------------------------- TLS/SSL ----------------------------------

Configure TLS/SSL encryption.

ent_search.ssl.enabled: true
ent_search.ssl.keystore.path: "/usr/share/enterprise-search/certs/enterprise-search.key"
ent_search.ssl.keystore.password: XXXXXXX

---------------------------------- Session ----------------------------------

Set a session key to persist user sessions through process restarts.

secret_session_key: 4ccb10475b2574d49ea3e67965f4d5c0e7f64e3d83adb9cfaa49817f5eeac4480fd552f658247ca4c789d989c73e67ba5ec0edebd4f09dfcd7d2268d1710ff6f

Thanks,
rams

Ah, I see you are using TLS. The enterprise search plugin for Kibana does not yet support TLS configuration. Open issue is here: Support additional TLS options for Enterprise Search · Issue #76669 · elastic/kibana · GitHub. For what it’s worth, the existing integration is very minimal, simply redirecting the user to the Enterprise Search application. You should be able to access Enterprise Search directly at port 3002. Something that jumped out at me from your configuration is that you have TLS enabled for all services, but the value for ent_search.external_url uses http rather than https.

If that doesn’t turn out to be the issue, I did some digging in our internal forums and found that some users have seen weirdness on CentOS7 when installing with the rpm package. Just in case, export the ENT_SEARCH_CONFIG_PATH environment variable to the location of your enterprise-search.yml file. Additionally, let’s make sure the enterprise search server is functioning. Please run curl -X GET https://myIP:3002/api/ent/v1/internal/health -H "Content-Type: application/json" -u elastic:ES_PASSWORD and post the results + any related activity in the application server log.