Hi
I have a cluster with two nodes and two nginx
I configured ssl tls and https between 2nodes and kibana, but unfortunately my kibana does not open
I followed step by step with the bellow link:
This is my instance.yml
for each node:
#add the instance information to yml file
instances:
- name: 'elk1'
dns: [ 'node1.elastic.test.com' ]
- name: "elk2"
dns: [ 'node2.elastic.test.com' ]
- name: 'my-kibana'
dns: [ 'kibana.local' ]
- name: 'logstash'
dns: [ 'logstash.local' ]
Also my /etc/hosts
is:
172.22.34.36 node1.elastic.test.com node1 elk1
172.22.34.37 node2.elastic.test.com node1 elk2
127.0.0.1 kibana.local logstash.local
My certs contain:
drwxr-xr-x. 2 root root 32 May 3 09:00 ca
drwxr-xr-x. 2 root root 36 May 3 09:00 elk1
drwxr-xr-x. 2 root root 36 May 3 09:00 elk2
drwxr-xr-x. 2 root root 44 May 3 09:00 logstash
drwxr-xr-x. 2 root root 46 May 3 09:00 my-kibana
This is my elasticsearch.yml
of elk1:
cluster.name: logServer
node.name: elk1
node.master: true
node.data: true
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: node1.elastic.test.com
http.port: 9200
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.key: certs/elk1.key
xpack.security.http.ssl.certificate: certs/elk1.crt
xpack.security.http.ssl.certificate_authorities: certs/ca.crt
xpack.security.transport.ssl.key: certs/elk1.key
xpack.security.transport.ssl.certificate: certs/elk1.crt
xpack.security.transport.ssl.certificate_authorities: certs/ca.crt
discovery.seed_hosts: [ "node1.elastic.test.com","node2.elastic.test.com" ]
cluster.initial_master_nodes: [ "elk1" ]
And this is the elasticsearch.yml
of elk2:
cluster.name: logServer
node.name: elk2
node.data: true
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: node2.elastic.test.com
http.port: 9200
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.key: certs/elk2.key
xpack.security.http.ssl.certificate: certs/elk2.crt
xpack.security.http.ssl.certificate_authorities: certs/ca.crt
xpack.security.transport.ssl.key: certs/elk2.key
xpack.security.transport.ssl.certificate: certs/elk2.crt
xpack.security.transport.ssl.certificate_authorities: certs/ca.crt
discovery.seed_hosts: [ "node1.elastic.test.com","node2.elastic.test.com" ]
I generated CA and server certificates with the bellow command:
bin/elasticsearch-certutil cert --keep-ca-key --pem --in ~/tmp/cert_blog/instance.yml --out ~/tmp/cert_blog/certs.zip
And after that, set built-in user password:
bin/elasticsearch-setup-passwords auto -u "https://node1.elastic.test.com:9200"
I've also enabled TLS for kibana too, and this is my kibana.yml
that is on elk1 server:
server.port: 5601
server.host: "kibana.local"
server.name: "my-kibana"
server.ssl.enabled: true
server.ssl.certificate: /etc/kibana/config/certs/my-kibana.crt
server.ssl.key: /etc/kibana/config/certs/my-kibana.key
elasticsearch.hosts: ["https://node1.elastic.test.com:9200","https://node2.elastic.test.com:9200"]
elasticsearch.username: "kibana"
elasticsearch.password: "RvRWiTcWaHQyxPT771oZ"
elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/config/certs/ca.crt" ]
Everything seems to be ok, and the result of netstat -tnlp
on elk1 is:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 13042/master
tcp 0 0 127.0.0.1:5601 0.0.0.0:* LISTEN 1074/node
tcp 0 0 0.0.0.0:22022 0.0.0.0:* LISTEN 12798/sshd
tcp6 0 0 ::1:25 :::* LISTEN 13042/master
tcp6 0 0 127.0.0.1:9600 :::* LISTEN 1073/java
tcp6 0 0 :::22022 :::* LISTEN 12798/sshd
tcp6 0 0 172.22.34.36:9200 :::* LISTEN 12801/java
tcp6 0 0 172.22.34.36:9300 :::* LISTEN 12801/java
tcp6 0 0 :::5044 :::* LISTEN 1073/java
tcp6 0 0 :::5045 :::* LISTEN 1073/java
I also configured nginx.conf
for each nginx node:
events {
worker_connections 1024;
}
http {
upstream kibana {
server 172.22.34.36:5601;
}
server {
listen 0.0.0.0:80;
server_name kibana.local;
error_log /var/log/nginx/kibana.error.log;
access_log /var/log/nginx/kibana.access.log;
return 301 https://kibana.local$request_uri;
location / {
rewrite ^/(.*) /$1 break;
proxy_ignore_client_abort on;
proxy_pass http://kibana;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
upstream kibanaredirect {
server 172.22.34.36:5601;
}
After all, I can not still access to kibana and my cluster...
Where is the problem?