Kibana behind AWS ELB

choonming · July 25, 2016, 1:06pm

I'm trying to get my ELK instance running on a private subnet in the AWS VPC. The ELK stack is working fine on its own. In order to access the Kibana dashboard from the internet, I've created an ELB an attached my ELK instance to it.

The ELB instance is listening on port 5601 on both source/destination. However, when I try to access my Kibana dashboard from the ELB endpoint, I'm not getting anything.

The Kibana is listening on 0.0.0.0 and the security groups are open for port 5601 as well.

simianhacker · July 25, 2016, 7:58pm

Make sure your Security group for ELB and EC2 are both open for 5601 and 0.0.0.0
Check that the ELB says the EC2 instance is online
Check that Kibana is available directing from the EC2 instance using the Public IP

What are you doing about security? Having Kibana open to the internet is probably a bad idea. At a minimum I would put it behind an Nginx Proxy with an SSL and Basic Auth.

choonming · July 25, 2016, 8:36pm

Chris,

EC2 and ELB are using the same security group that is open to 0.0.0.0
ELB instance do say its online. I can access it via the internal IP address when I tunnel through our bastion host

Our security group should limit it to our VPN and internal subnet only but for now it's open to 0.0.0.0 for testing purposes. If I can't access it via the ELB, there is no point for Nginx in place aint it?

jpcarey · July 26, 2016, 4:47am

What http response do you get?

curl -vvv kibana_url:5601

choonming · July 26, 2016, 12:31pm

finally found the issue. I've accidentally assigned my ELB to one of the private subnets that sits behind a NAT.