How can I change the default Elasticsearch port that Kibana listens?

Elastic Stack Kibana
1

I already have an instance of Logstash, Elasticsearch and Kibana running on my computer with the version 7.4.2... I'd like to run a different instance of them with the version 7.14.0... So, in these new instances, I've changed Kibana to run on port 5602 and Elasticsearch to run on port 9201. I did it by changing the following line on the kibana.yml file

elasticsearch.hosts: ["http://localhost:9201"]

And the line on elasticsearch.yml file:

http.port: 9201

In this way, I thought I'd be able to run Kibana with the Elasticsearch running on port 9201 (not the default one). However, when I run Kibana I see the message "Kibana server is not ready yet" on the browser and on the terminal I see the following error:

This version of Kibana (v7.14.0) is incompatible with the following Elasticsearch nodes in your cluster: v7.4.2 @ 127.0.0.1:9200 (127.0.0.1)"}

I don't get why Kibana is still looking to my Elasticsearch that's running on the port 9200... Shouldn't those changes that I made on the yml files fix this problem? What extra procedure am I missing for making Kibana read only the Elasticsearch running on the port 9201?

2

Can you please share your Kibana config and log files?

3

I haven't changed much besides changing the Elasticsearch port location. My kibana.yml file is the following :

# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5602

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"

# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""

# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# This setting was effectively always `false` before Kibana 6.3 and will
# default to `true` starting in Kibana 7.0.
#server.rewriteBasePath: false

# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""

# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576

# The Kibana server's name.  This is used for display purposes.
#server.name: "log-server"

# The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["http://localhost:9201"]

# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"

# The default application to load.
#kibana.defaultAppId: "home"

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "kibana_system"
#elasticsearch.password: "pass"

# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key

# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files are used to verify the identity of Kibana to Elasticsearch and are required when
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full

# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500

# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000

# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]

# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
#elasticsearch.customHeaders: {}

# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 30000

# Logs queries sent to Elasticsearch. Requires logging.verbose set to true.
#elasticsearch.logQueries: false

# Specifies the path where Kibana creates the process ID file.
#pid.file: /run/kibana/kibana.pid

# Enables you to specify a file where Kibana stores log output.
#logging.dest: stdout

# Set the value of this setting to true to suppress all logging output.
#logging.silent: false

# Set the value of this setting to true to suppress all logging output other than error messages.
#logging.quiet: false

# Set the value of this setting to true to log all events, including system usage information
# and all requests.
#logging.verbose: false

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000.
#ops.interval: 5000

# Specifies locale to be used for all localizable strings, dates and number formats.
# Supported languages are the following: English - en , by default , Chinese - zh-CN .
#i18n.locale: "en"

And the last 20 lines of logs is:

{"type":"log","@timestamp":"2021-08-18T17:02:56-03:00","tags":["error","savedobjects-service"],"pid":58775,"message":"Unable to retrieve version information from Elasticsearch nodes. connect ECONNREFUSED 127.0.0.1:9201"}
{"type":"log","@timestamp":"2021-08-18T17:03:16-03:00","tags":["error","savedobjects-service"],"pid":58775,"message":"This version of Kibana (v7.14.0) is incompatible with the following Elasticsearch nodes in your cluster: v7.4.2 @ 127.0.0.1:9200 (127.0.0.1)"}
{"type":"log","@timestamp":"2021-08-18T17:03:30-03:00","tags":["info","plugins-system"],"pid":58775,"message":"Stopping all plugins."}
{"type":"log","@timestamp":"2021-08-18T17:03:30-03:00","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":58775,"message":"Monitoring stats collection is stopped"}
{"type":"log","@timestamp":"2021-08-18T17:03:49-03:00","tags":["info","plugins-service"],"pid":28753,"message":"Plugin \"metricsEntities\" is disabled."}
{"type":"log","@timestamp":"2021-08-18T17:03:49-03:00","tags":["warning","config","deprecation"],"pid":28753,"message":"plugins.scanDirs is deprecated and is no longer used"}
{"type":"log","@timestamp":"2021-08-18T17:03:49-03:00","tags":["warning","config","deprecation"],"pid":28753,"message":"Config key [monitoring.cluster_alerts.email_notifications.email_address] will be required for email notifications to work in 8.0.\""}
{"type":"log","@timestamp":"2021-08-18T17:03:49-03:00","tags":["warning","config","deprecation"],"pid":28753,"message":"\"xpack.reporting.roles\" is deprecated. Granting reporting privilege through a \"reporting_user\" role will not be supported starting in 8.0. Please set \"xpack.reporting.roles.enabled\" to \"false\" and grant reporting privileges to users using Kibana application privileges **Management > Security > Roles**."}
{"type":"log","@timestamp":"2021-08-18T17:03:49-03:00","tags":["info","http","server","NotReady"],"pid":28753,"message":"http server running at http://0.0.0.0:5602"}
{"type":"log","@timestamp":"2021-08-18T17:03:49-03:00","tags":["info","plugins-system"],"pid":28753,"message":"Setting up [106] plugins: [translations,taskManager,licensing,globalSearch,globalSearchProviders,banners,licenseApiGuard,code,usageCollection,xpackLegacy,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,securityOss,share,screenshotMode,telemetry,newsfeed,mapsEms,mapsLegacy,legacyExport,kibanaLegacy,embeddable,uiActionsEnhanced,expressions,charts,esUiShared,bfetch,data,savedObjects,visualizations,visTypeXy,visTypeVislib,visTypeTimelion,features,visTypeTagcloud,visTypeTable,visTypePie,visTypeMetric,visTypeMarkdown,tileMap,regionMap,presentationUtil,timelion,home,searchprofiler,painlessLab,grokdebugger,graph,visTypeVega,management,watcher,licenseManagement,indexPatternManagement,advancedSettings,discover,discoverEnhanced,dashboard,dashboardEnhanced,visualize,visTypeTimeseries,savedObjectsManagement,spaces,security,transform,savedObjectsTagging,lens,reporting,canvas,lists,ingestPipelines,fileUpload,maps,dataVisualizer,encryptedSavedObjects,dataEnhanced,timelines,dashboardMode,cloud,upgradeAssistant,snapshotRestore,fleet,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,enterpriseSearch,eventLog,actions,alerting,triggersActionsUi,stackAlerts,ruleRegistry,osquery,ml,cases,securitySolution,observability,uptime,infra,monitoring,logstash,console,apmOss,apm]"}
{"type":"log","@timestamp":"2021-08-18T17:03:49-03:00","tags":["info","plugins","taskManager"],"pid":28753,"message":"TaskManager is identified by the Kibana UUID: cf5a0178-7785-44dc-9e6f-b1832bdf7c3d"}
{"type":"log","@timestamp":"2021-08-18T17:03:52-03:00","tags":["warning","plugins","security","config"],"pid":28753,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-08-18T17:03:52-03:00","tags":["warning","plugins","security","config"],"pid":28753,"message":"Session cookies will be transmitted over insecure connections. This is not recommended."}
{"type":"log","@timestamp":"2021-08-18T17:03:52-03:00","tags":["warning","plugins","reporting","config"],"pid":28753,"message":"Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-08-18T17:03:52-03:00","tags":["info","plugins","reporting","config"],"pid":28753,"message":"Chromium sandbox provides an additional layer of protection, and is supported for Linux Ubuntu 18.04 OS. Automatically enabling Chromium sandbox."}
{"type":"log","@timestamp":"2021-08-18T17:03:52-03:00","tags":["warning","plugins","encryptedSavedObjects"],"pid":28753,"message":"Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-08-18T17:03:52-03:00","tags":["warning","plugins","actions","actions"],"pid":28753,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-08-18T17:03:52-03:00","tags":["warning","plugins","alerting","plugins","alerting"],"pid":28753,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}
{"type":"log","@timestamp":"2021-08-18T17:03:57-03:00","tags":["info","plugins","ruleRegistry"],"pid":28753,"message":"Write is disabled, not installing assets"}
{"type":"log","@timestamp":"2021-08-18T17:03:57-03:00","tags":["info","savedobjects-service"],"pid":28753,"message":"Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}
{"type":"log","@timestamp":"2021-08-18T17:03:58-03:00","tags":["error","savedobjects-service"],"pid":28753,"message":"This version of Kibana (v7.14.0) is incompatible with the following Elasticsearch nodes in your cluster: v7.4.2 @ 127.0.0.1:9200 (127.0.0.1)"}

I have an Elasticsearch instance running on the port 9200... But I also have a different instance running on the port 9201 and my kibana.yml seems to be looking to the one on port 9200 (which is not the one that I'd like to use).

4

Can you check that?

5

I'm not sure how... When I run curl localhost:9201 I see:

{
  "name" : "osiris",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "uwIgsKxbTJqr74Wj8o2lwg",
  "version" : {
    "number" : "7.14.0",
    "build_flavor" : "default",
    "build_type" : "tar",
    "build_hash" : "dd5a0a2acaa2045ff9624f3729fc8a6f40835aa1",
    "build_date" : "2021-07-29T20:49:32.864135063Z",
    "build_snapshot" : false,
    "lucene_version" : "8.9.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

So it seems everything is fine with Elasticsearch... I've sent some data to it with Logstash as well and I haven't received any errors. Is there any other reason why Elasticsearch may reject the Kibana conection when my Elasticsearch is up and running?

Additional information 1

Also, I've realized that after taking out the line server.host: "0.0.0.0" this connect ECONNREFUSED 127.0.0.1:9201 error disappears. However, when I open localhost:5602 on my browser I still see the message Kibana server is not ready yet

{"type":"log","@timestamp":"2021-08-19T00:51:05-03:00","tags":["info","plugins-service"],"pid":16980,"message":"Plugin
\"metricsEntities\" is disabled."}                                                                                      
{"type":"log","@timestamp":"2021-08-19T00:51:05-03:00","tags":["warning","config","deprecation"],"pid":16980,"message":
"plugins.scanDirs is deprecated and is no longer used"}                                                                 
{"type":"log","@timestamp":"2021-08-19T00:51:05-03:00","tags":["warning","config","deprecation"],"pid":16980,"message":
"Config key [monitoring.cluster_alerts.email_notifications.email_address] will be required for email notifications to w
ork in 8.0.\""}                                                                                                         
{"type":"log","@timestamp":"2021-08-19T00:51:05-03:00","tags":["warning","config","deprecation"],"pid":16980,"message":
"\"xpack.reporting.roles\" is deprecated. Granting reporting privilege through a \"reporting_user\" role will not be su
pported starting in 8.0. Please set \"xpack.reporting.roles.enabled\" to \"false\" and grant reporting privileges to us
ers using Kibana application privileges **Management > Security > Roles**."}                                            
{"type":"log","@timestamp":"2021-08-19T00:51:05-03:00","tags":["info","http","server","NotReady"],"pid":16980,"message"
:"http server running at http://localhost:5602"}                                                                        
{"type":"log","@timestamp":"2021-08-19T00:51:05-03:00","tags":["info","plugins-system"],"pid":16980,"message":"Setting
up [106] plugins: [translations,taskManager,licensing,globalSearch,globalSearchProviders,banners,licenseApiGuard,code,u
sageCollection,xpackLegacy,telemetryCollectionManager,telemetryCollectionXpack,kibanaUsageCollection,securityOss,share,
screenshotMode,telemetry,newsfeed,mapsEms,mapsLegacy,legacyExport,kibanaLegacy,embeddable,uiActionsEnhanced,expressions
,charts,esUiShared,bfetch,data,savedObjects,visualizations,visTypeXy,visTypeVislib,visTypeTimelion,features,visTypeTagc
loud,visTypeTable,visTypePie,visTypeMetric,visTypeMarkdown,tileMap,regionMap,presentationUtil,timelion,home,searchprofi
ler,painlessLab,grokdebugger,graph,visTypeVega,management,watcher,licenseManagement,indexPatternManagement,advancedSett
ings,discover,discoverEnhanced,dashboard,dashboardEnhanced,visualize,visTypeTimeseries,savedObjectsManagement,spaces,se
curity,transform,savedObjectsTagging,lens,reporting,canvas,lists,ingestPipelines,fileUpload,maps,dataVisualizer,encrypt
edSavedObjects,dataEnhanced,timelines,dashboardMode,cloud,upgradeAssistant,snapshotRestore,fleet,indexManagement,rollup
,remoteClusters,crossClusterReplication,indexLifecycleManagement,enterpriseSearch,eventLog,actions,alerting,triggersAct
ionsUi,stackAlerts,ruleRegistry,osquery,ml,cases,securitySolution,observability,uptime,infra,monitoring,logstash,consol
e,apmOss,apm]"}                                                                                                         
{"type":"log","@timestamp":"2021-08-19T00:51:05-03:00","tags":["info","plugins","taskManager"],"pid":16980,"message":"T
askManager is identified by the Kibana UUID: cf5a0178-7785-44dc-9e6f-b1832bdf7c3d"}                                     
{"type":"log","@timestamp":"2021-08-19T00:51:08-03:00","tags":["warning","plugins","security","config"],"pid":16980,"me
ssage":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart
, please set xpack.security.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}            
{"type":"log","@timestamp":"2021-08-19T00:51:08-03:00","tags":["warning","plugins","security","config"],"pid":16980,"me
ssage":"Session cookies will be transmitted over insecure connections. This is not recommended."}                       
{"type":"log","@timestamp":"2021-08-19T00:51:08-03:00","tags":["warning","plugins","reporting","config"],"pid":16980,"m
essage":"Generating a random key for xpack.reporting.encryptionKey. To prevent sessions from being invalidated on resta
rt, please set xpack.reporting.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}         
{"type":"log","@timestamp":"2021-08-19T00:51:08-03:00","tags":["info","plugins","reporting","config"],"pid":16980,"mess
age":"Chromium sandbox provides an additional layer of protection, and is supported for Linux Ubuntu 18.04 OS. Automati
cally enabling Chromium sandbox."}                                                                                      
{"type":"log","@timestamp":"2021-08-19T00:51:08-03:00","tags":["warning","plugins","encryptedSavedObjects"],"pid":16980
,"message":"Saved objects encryption key is not set. This will severely limit Kibana functionality. Please set xpack.en
cryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}                    
{"type":"log","@timestamp":"2021-08-19T00:51:08-03:00","tags":["warning","plugins","actions","actions"],"pid":16980,"me
ssage":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set xpack.encryp
tedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}                        
{"type":"log","@timestamp":"2021-08-19T00:51:08-03:00","tags":["warning","plugins","alerting","plugins","alerting"],"pi
d":16980,"message":"APIs are disabled because the Encrypted Saved Objects plugin is missing encryption key. Please set
xpack.encryptedSavedObjects.encryptionKey in the kibana.yml or use the bin/kibana-encryption-keys command."}            
{"type":"log","@timestamp":"2021-08-19T00:51:13-03:00","tags":["info","plugins","ruleRegistry"],"pid":16980,"message":"
Write is disabled, not installing assets"}                                                                              
{"type":"log","@timestamp":"2021-08-19T00:51:14-03:00","tags":["info","savedobjects-service"],"pid":16980,"message":"Wa
iting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}            
{"type":"log","@timestamp":"2021-08-19T00:51:14-03:00","tags":["error","savedobjects-service"],"pid":16980,"message":"T
his version of Kibana (v7.14.0) is incompatible with the following Elasticsearch nodes in your cluster: v7.4.2 @ 127.0.
0.1:9200 (127.0.0.1)"}

Additional information 2

I'm actually running the following script to install Kibana and elasticsearch:

INSTALLFOLDER="/$HOME/ELK"
####################################

ELASTICSEARCHFOLDER="$INSTALLFOLDER/elasticsearch-7.14.0"
KIBANAFOLDER="$INSTALLFOLDER/kibana-7.14.0-linux-x86_64"

sudo apt-get -y install npm 
sudo npm install -g pm2 
sudo apt-get -y install default-jdk 
if ! [ -d "$INSTALLFOLDER" ]; then mkdir -p "$INSTALLFOLDER" ; fi

# Elasticsearch
cd "$INSTALLFOLDER"
    # Download Elasticsearch
    wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.14.0-linux-x86_64.tar.gz
    tar -xzf elasticsearch-7.14.0-linux-x86_64.tar.gz && rm elasticsearch-7.14.0-linux-x86_64.tar.gz
    # Start Elasticsearch service
    cd "$ELASTICSEARCHFOLDER"
    pm2 start bin/elasticsearch --interpreter=bash --name=elasticsearch

# Kibana
cd "$INSTALLFOLDER"
    # Download Kibana
    wget https://artifacts.elastic.co/downloads/kibana/kibana-7.14.0-linux-x86_64.tar.gz
    tar -xzf kibana-7.14.0-linux-x86_64.tar.gz && rm kibana-7.14.0-linux-x86_64.tar.gz
    # Start Kibana service
    cd "$KIBANAFOLDER"
    pm2 start bin/kibana --interpreter=bash --name=kibana

pm2 save
pm2 startup
sudo env PATH=$PATH:/usr/bin /usr/local/lib/node_modules/pm2/bin/pm2 startup systemd -u $USER --hp /home/$USER

I've tried running it and installing Kibana and Elasticsearch on a server where I don't have an already running instance of Kibana and Elasticsearch... And it worked perfectly fine on port 9200. The problem seems to happen when I have two instances of them running on the same computer for some reason... But I can't figure out why...

7

Well, I ended up breaking my old Elasticsearch by trying to put it on a different port. I put it on the port 9205, and then I put it on the port 9200 again... Now when the Kibana from the version 7.4.2 gives me the message "all shards failed: [search_phase_execution_exception] all shards failed". There seems to have this error on many threads here in the forum but I didn't find a way of fixing it for my context. I know how to make it work installing one new instance from scratch... But the problem is that I had many different dashboards on the instance that's not working now. I'm not sure how I can recover it now.

I know its status is red... If i run curl -XGET localhost:9200/_cluster/health?wait_for_status=yellow&timeout=50s I see:

{
  "cluster_name": "elasticsearch",
  "status": "red",
  "timed_out": true,
  "number_of_nodes": 1,
  "number_of_data_nodes": 1,
  "active_primary_shards": 61,
  "active_shards": 61,
  "relocating_shards": 0,
  "initializing_shards": 0,
  "unassigned_shards": 2,
  "delayed_unassigned_shards": 0,
  "number_of_pending_tasks": 0,
  "number_of_in_flight_fetch": 0,
  "task_max_waiting_in_queue_millis": 0,
  "active_shards_percent_as_number": 96.82539682539682
}

Does anyone know if I can do something to fix it? :confused:

8

What do your Elasticsearch logs show?

7.4 is EOL, please upgrade :slight_smile:

9

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.