Enterprise Search could not connect to Kibana

Elastic Search
,
1

Hi, I try to setup enterprise search in docker-compose, but idk why enterprisesearch isnt able to connect to Kibana. There is my complete docker-compose.yml :

services:
  setup:
    container_name: setup
    image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION}
    volumes:
      - certs:/usr/share/elasticsearch/config/certs
    user: "0"
    command: >
      bash -c '
        if [ x${ELASTIC_PASSWORD} == x ]; then
          echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
          exit 1;
        elif [ x${KIBANA_PASSWORD} == x ]; then
          echo "Set the KIBANA_PASSWORD environment variable in the .env file";
          exit 1;
        fi;
        if [ ! -f config/certs/ca.zip ]; then
          echo "Creating CA";
          bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
          unzip config/certs/ca.zip -d config/certs;
        fi;
        if [ ! -f config/certs/certs.zip ]; then
          echo "Creating certs";
          echo -ne \
          "instances:\n"\
          "  - name: es01\n"\
          "    dns:\n"\
          "      - es01\n"\
          "      - localhost\n"\
          "    ip:\n"\
          "      - 127.0.0.1\n"\
          > config/certs/instances.yml;
          bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
          unzip config/certs/certs.zip -d config/certs;
        fi;
        echo "Setting file permissions"
        chown -R root:root config/certs;
        find . -type d -exec chmod 750 \{\} \;;
        find . -type f -exec chmod 640 \{\} \;;
        echo "Waiting for Elasticsearch availability";
        until curl -s --cacert config/certs/ca/ca.crt https://es01:9200 | grep -q "missing authentication credentials"; do sleep 30; done;
        echo "Setting kibana_system password";
        until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://es01:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
        echo "All done!";
      '
    healthcheck:
      test: ["CMD-SHELL", "[ -f config/certs/es01/es01.crt ]"]
      interval: 1s
      timeout: 5s
      retries: 120
    networks:
      - esnet

  es01:
    container_name: es01
    depends_on:
      setup:
        condition: service_healthy
    image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION}
    volumes:
      - certs:/usr/share/elasticsearch/config/certs
      - esdata01:/usr/share/elasticsearch/data
    ports:
      - ${ES_PORT}:9200
    environment:
      - node.name=es01
      - cluster.name=${CLUSTER_NAME}
      - cluster.initial_master_nodes=es01
      # - cluster.initial_master_nodes=es01,es02,es03
      # - cluster.initial_master_nodes=es01,es02
      # - discovery.seed_hosts=es02,es03
      # - discovery.seed_hosts=es02
      # - discovery.type=single-node
      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
      - bootstrap.memory_lock=true
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.key=certs/es01/es01.key
      - xpack.security.http.ssl.certificate=certs/es01/es01.crt
      - xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.key=certs/es01/es01.key
      - xpack.security.transport.ssl.certificate=certs/es01/es01.crt
      - xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.license.self_generated.type=${LICENSE}
    mem_limit: ${ES_MEM_LIMIT}
    ulimits:
      memlock:
        soft: -1
        hard: -1
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
        ]
      interval: 10s
      timeout: 10s
      retries: 120
    networks:
      - esnet

  kibana:
    container_name: kibana
    depends_on:
      es01:
        condition: service_healthy
    image: docker.elastic.co/kibana/kibana:${STACK_VERSION}
    volumes:
      - certs:/usr/share/kibana/config/certs
      - kibanadata:/usr/share/kibana/data
    ports:
      - ${KIBANA_PORT}:5601
    environment:
      - SERVERNAME=kibana
      - ELASTICSEARCH_HOSTS=https://es01:9200
      - ELASTICSEARCH_USERNAME=kibana_system
      - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
      - ENTERPRISESEARCH_HOST=http://enterprisesearch:${ENTERPRISE_SEARCH_PORT}
    mem_limit: ${KB_MEM_LIMIT}
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
        ]
      interval: 10s
      timeout: 10s
      retries: 120
    networks:
      - esnet
  
  enterprisesearch:
    container_name: enterprisesearch
    depends_on:
      es01:
        condition: service_healthy
      kibana:
        condition: service_healthy
    image: docker.elastic.co/enterprise-search/enterprise-search:${STACK_VERSION}
    volumes:
      - certs:/usr/share/enterprise-search/config/certs
      - enterprisesearchdata:/usr/share/enterprise-search/config
    ports:
      - ${ENTERPRISE_SEARCH_PORT}:3002
    environment:
      - SERVERNAME=enterprisesearch
      - secret_management.encryption_keys=[${ENCRYPTION_KEYS}]
      - allow_es_settings_modification=true
      - elasticsearch.host=https://es01:9200
      - elasticsearch.username=elastic
      - elasticsearch.password=${ELASTIC_PASSWORD}
      - elasticsearch.ssl.enabled=true
      - elasticsearch.ssl.certificate_authority=/usr/share/enterprise-search/config/certs/ca/ca.crt
      - kibana.external_url=http://kibana:5601
    mem_limit: ${AP_MEM_LIMIT}
    healthcheck:
      test:
        [
            "CMD-SHELL",
            "curl -s -I http://localhost:3002 | grep -q 'HTTP/1.1 302 Found'",
        ]
      interval: 10s
      timeout: 10s
      retries: 120
    networks:
      - esnet
  
  nginx:
    container_name: nginx
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'  # HTTP
      - '443:443' # HTTPS
      - '81:81'  # Admin Web Port
    volumes:
      - nginx-data:/data
      - nginx-letsencrypt:/etc/letsencrypt
      - nginx-snippets:/snippets:ro
    environment:
      TZ: 'Europe/Berlin'
    networks:
      - esnet

volumes:
  certs:
    driver: local
    name: certs
  esdata01:
    driver: local
    name: esdata01
  kibanadata:
    driver: local
    name: kibanadata
  enterprisesearchdata:
    driver: local
    name: enterprisesearchdata
  nginx-data:
    driver: local
    name: nginx-data
  nginx-letsencrypt:
    driver: local
    name: nginx-letsencrypt
  nginx-snippets:
    driver: local
    name: nginx-snippets

networks:
  esnet:
    driver: bridge
    name: esnet

I think the problem is enterprisesearch try to access Kibana from localhost instead of kibana.

There is enterprisesearch logs :

enterprisesearch  | Custom Enterprise Search configuration file detected, not overwriting it (any settings passed via environment will be ignored)
enterprisesearch  | Found java executable in PATH
enterprisesearch  | Java version detected: 11.0.23 (major version: 11)
enterprisesearch  | Enterprise Search is starting...
enterprisesearch  | [2024-09-12T09:38:09.894+00:00][7][4004][app-server][INFO]: Elastic Enterprise Search version=8.15.0, JRuby version=9.3.14.0, Ruby version=2.6.8, Rails version=6.1.7.7
enterprisesearch  | [2024-09-12T09:38:11.321+00:00][7][4004][app-server][INFO]: Performing pre-flight checks for Elasticsearch running on https://es01:9200...
enterprisesearch  | WARNING: An illegal reflective access operation has occurred
enterprisesearch  | WARNING: Illegal reflective access by org.jruby.javasupport.binding.ConstantField (file:/usr/share/enterprise-search/lib/war/lib/jruby-core-9.3.14.0-complete.jar) to field sun.security.x509.X509CertImpl.SIG
enterprisesearch  | WARNING: Please consider reporting this to the maintainers of org.jruby.javasupport.binding.ConstantField
enterprisesearch  | WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
enterprisesearch  | WARNING: All illegal access operations will be denied in a future release
enterprisesearch  | [2024-09-12T09:38:11.973+00:00][7][4004][app-server][INFO]: Elasticsearch cluster is ready
enterprisesearch  | [2024-09-12T09:38:11.975+00:00][7][4004][app-server][INFO]: Successfully connected to Elasticsearch
enterprisesearch  | [2024-09-12T09:38:12.035+00:00][7][4004][app-server][INFO]: Successfully loaded Elasticsearch plugin information for all nodes
enterprisesearch  | [2024-09-12T09:38:12.048+00:00][7][4004][app-server][INFO]: Elasticsearch running with an active basic license
enterprisesearch  | [2024-09-12T09:38:12.084+00:00][7][4004][app-server][INFO]: Elasticsearch API key service is enabled
enterprisesearch  | [2024-09-12T09:38:12.098+00:00][7][4004][app-server][INFO]: Elasticsearch will be used for authentication
enterprisesearch  | [2024-09-12T09:38:12.100+00:00][7][4004][app-server][INFO]: Elasticsearch looks healthy and configured correctly to run Enterprise Search
enterprisesearch  | [2024-09-12T09:38:12.102+00:00][7][4004][app-server][INFO]: Performing pre-flight checks for Kibana running on http://localhost:5601...
enterprisesearch  | [2024-09-12T09:38:12.132+00:00][7][4004][app-server][WARN]: Failed to connect to Kibana backend. Make sure it is running and healthy.
enterprisesearch  | [2024-09-12T09:38:12.135+00:00][7][4004][app-server][ERROR]: Could not connect to Kibana backend after 0 seconds.
enterprisesearch  | [2024-09-12T09:38:12.136+00:00][7][4004][app-server][WARN]: Enterprise Search is unable to connect to Kibana. Ensure it is running at http://localhost:5601 for user elastic.
enterprisesearch  | [2024-09-12T09:38:17.561+00:00][7][4004][app-server][INFO]: Elastic APM agent is disabled

Do u have some idea ? I really dont know how to fix it

Thx !

2

Well I can connect Enterprise Search to Kibana using kibana.host instead of kibana.external_url. But Enterprise Search container stop after connecting without error or warning, just stop...

3

From Elasticsearch to Elastic Search

4

Added elastic-app-search and removed elastic-stack-security

5

Hi @lxup,

Indeed you needed to update kibana.host to point to correct url.

Regarding container stopping - not sure why it could happen. Can you share any logs from Enterprise Search? Are you allocating correct amount of resources to the image? (at least 2GB)

6

Sry for wrong tags its my first post here.

And yes but the example from Enterprise Search here : Run Enterprise Search server using Docker images | Enterprise Search documentation [8.15] | Elastic

Never use kibana.host, only kibana. external_url, probably a mistake :sweat_smile:

I found the problem with Enterprise Search, Ive increase RAM to 2GB instead of 1GB

7

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.