How to enable "Management / Security" in Kibana for Basic plan?
According to Subscriptions | Elastic Stack Products & Support | Elastic Basic Plan support
Elasticsearch:
Role-based access control
File and native authentication
Kibana:
Role-based access control (including spaces)
File and native authentication
but looks like "xpack.security.enabled: true" on Elasticsearch is not working on Basic plan license.
[ERROR][o.e.x.m.c.c.StatsCollector] collector [ccr_stats] failed to collect data
I use ELK versions 6.8.1
Does subscriptions documentation wrong or I mistake somewhere?
That error applies to cross cluster replication, which is not covered by the basic license. Can you share your configuration?
version: '2.2'
services:
elasticsearch:
image: elasticsearch:6.8.1
volumes:
- /mnt/data/elasticsearch:/usr/share/elasticsearch/data
- /mnt/data/elasticsearch/plugins/6.8.1:/usr/share/elasticsearch/plugins
- ${PWD}/certs/:/usr/share/elasticsearch/config/certificates/
network_mode: bridge
ports:
- 9200:9200
- 9300:9300
restart: unless-stopped
cpus: 1.8
mem_limit: 6150m
oom_kill_disable: true
.env
ES_JAVA_OPTS=-XX:+UseContainerSupport -Des.http.cname_in_publish_address=true -Xms3844m -Xmx3844m
cluster.name=elasticsearch-logs
node.name=elasticsearch-logs-01
bootstrap.memory_lock=true
discovery.type=single-node
xpack.monitoring.collection.enabled=true
xpack.monitoring.collection.interval=10s
xpack.monitoring.history.duration=7d
xpack.security.enabled=false
xpack.security.transport.ssl.enabled=true
xpack.security.transport.ssl.verification_mode=certificate
xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/certificates/ca.crt
xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/certificates/instance.key
xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/certificates/instance.crt
cluster.routing.allocation.disk.threshold_enabled=true
cluster.routing.allocation.disk.watermark.low=90%
cluster.routing.allocation.disk.watermark.high=95%
cluster.info.update.interval=90s
cluster.routing.allocation.balance.shard=0.35f
cluster.routing.allocation.balance.index=0.55f
cluster.routing.allocation.balance.threshold=1.5f
cluster.routing.allocation.cluster_concurrent_rebalance=6
cluster.routing.allocation.node_concurrent_recoveries=4
indices.recovery.max_bytes_per_sec=80mb
indices.requests.cache.size=2%
indices.queries.cache.size=10%
indices.memory.index_buffer_size=10%
@Christian_Dahlqvist but are you sure that xpack.security.enabled=true should work on basic plan license?
On 6.8 it should. I see nothing related to car there so am not sure why you are getting that error.
I delete everything and leave just
ES_JAVA_OPTS=-XX:+UseContainerSupport -Des.http.cname_in_publish_address=true -Xms3844m -Xmx3844m
cluster.name=elasticsearch-logs
node.name=elasticsearch-logs-01.stg02.pd.internal
bootstrap.memory_lock=true
discovery.type=single-node
xpack.security.enabled=true
container started, no ERRORS but Elasticseach not start working (just stucked)
logs
elasticsearch_1 | [2019-07-13T10:39:09,305][INFO ][o.e.d.DiscoveryModule ] [elasticsearch-logs-01] using discovery type [single-node] and host providers [settings]
elasticsearch_1 | [2019-07-13T10:39:10,394][INFO ][o.e.n.Node ] [elasticsearch-logs-01] initialized
elasticsearch_1 | [2019-07-13T10:39:10,394][INFO ][o.e.n.Node ] [elasticsearch-logs-01] starting ...
elasticsearch_1 | [2019-07-13T10:39:10,580][INFO ][o.e.t.TransportService ] [elasticsearch-logs-01] publish_address {172.17.0.4:9300}, bound_addresses {0.0.0.0:9300}
elasticsearch_1 | [2019-07-13T10:39:10,988][WARN ][o.e.b.BootstrapChecks ] [elasticsearch-logs-01] Transport SSL must be enabled if security is enabled on a [basic] license. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]
elasticsearch_1 | [2019-07-13T10:39:11,037][INFO ][o.e.h.n.Netty4HttpServerTransport] [elasticsearch-logs-01] publish_address {172.17.0.4:9200}, bound_addresses {0.0.0.0:9200}
elasticsearch_1 | [2019-07-13T10:39:11,038][INFO ][o.e.n.Node ] [elasticsearch-logs-01] started
elasticsearch_1 | [2019-07-13T10:39:19,497][INFO ][o.e.l.LicenseService ] [elasticsearch-logs-01] license [e3f4d2cc-d853-479c-89e1-d0d5731e8030] mode [basic] - valid
elasticsearch_1 | [2019-07-13T10:39:19,510][INFO ][o.e.g.GatewayService ] [elasticsearch-logs-01] recovered [384] indices into cluster_state
elasticsearch_1 | [2019-07-13T10:39:40,594][INFO ][o.e.m.j.JvmGcMonitorService] [elasticsearch-logs-01] [gc][30] overhead, spent [278ms] collecting in the last [1s]
elasticsearch_1 | [2019-07-13T10:40:01,767][INFO ][o.e.c.r.a.AllocationService] [elasticsearch-logs-01] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[XXX-2019.06.30][0]] ...]).
To use security you need to configure TLS which is what the warning message complains about.
xpack.security.enabled=true
xpack.security.transport.ssl.enabled=true
xpack.security.transport.ssl.verification_mode=certificate
xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/certificates/ca.crt
xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/certificates/instance.key
xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/certificates/instance.crt
the same
started but stucked (no errors and warnings)
elasticsearch_1 | [2019-07-13T10:45:49,015][INFO ][o.e.n.Node ] [elasticsearch-logs-01] starting ...
elasticsearch_1 | [2019-07-13T10:45:49,201][INFO ][o.e.t.TransportService ] [elasticsearch-logs-01] publish_address {172.17.0.4:9300}, bound_addresses {0.0.0.0:9300}
elasticsearch_1 | [2019-07-13T10:45:49,623][INFO ][o.e.h.n.Netty4HttpServerTransport] [elasticsearch-logs-01] publish_address {172.17.0.4:9200}, bound_addresses {0.0.0.0:9200}
elasticsearch_1 | [2019-07-13T10:45:49,624][INFO ][o.e.n.Node ] [elasticsearch-logs-01] started
elasticsearch_1 | [2019-07-13T10:45:58,895][INFO ][o.e.l.LicenseService ] [elasticsearch-logs-01] license [e3f4d2cc-d853-479c-89e1-d0d5731e8030] mode [basic] - valid
elasticsearch_1 | [2019-07-13T10:45:58,905][INFO ][o.e.g.GatewayService ] [elasticsearch-logs-01] recovered [384] indices into cluster_state
elasticsearch_1 | [2019-07-13T10:46:41,686][INFO ][o.e.c.r.a.AllocationService] [elasticsearch-logs-01] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[XXXX-2019.06.30][1], [XXXX-2019.06.30][0]] ...]).
resolved. It works with BASIC plan
steps I forgot to do:
run elasticsearch-setup-passwords and choose passwords
setup creds in Kibana .env for docker
restart kibana
wait ~2 min for first run to open kibana web page (very slooow)
and after that "Management / Security" visible in Kibana @Christian_Dahlqvist thnx a lot for help!
Finally did it work with "xpack.security.enabled" true or false?
ikakavas
August 8, 2019, 9:16am
11
@pavankumarjs please start your own topic. Each setup and configuration is unique, different versions have different requirements and the platform on which you run Elasticsearch and Kibana affects how it should be configured too. It would be really hard for anyone to give you an out of context simple answer to the question you posted above.
When you open the new topic, take the time to explain the details of your setup, version , OS, the current configuration and the issue you are experiencing. This will highly enhance the chances of someone looking into your issue and you getting meaningful response
system
September 5, 2019, 9:16am
12
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
