Kibana cannot connect to elastichsearch in https, xpack enabled

Elastic Stack Kibana
1

hello

i deploy elastci stack in kubernetes with helm chart
i got my elastcisearch runnning with xpack and running well

here uis the values

node.master: true
replicas: 1
minimumMasterNodes: 1
clusterHealthCheckParams: 'wait_for_status=yellow&timeout=1s'
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 3
timeoutSeconds: 5

protocol: https

esConfig:
Elasticsearch.yml: |
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.truststore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.http.ssl.keystore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.authc.realms.native.local.order: 0

extraEnvs:

  • name: ELASTIC_PASSWORD
    valueFrom:
    secretKeyRef:
    name: elastic-credentials
    key: password
  • name: ELASTIC_USERNAME
    valueFrom:
    secretKeyRef:
    name: elastic-credentials
    key: username

secretMounts:

  • name: elastic-certificates
    secretName: elastic-certificates
    path: /usr/share/Elasticsearch/config/certs

then i try to connect kibana

values :

secretMounts:

  • name: elastic-certificate-pem
    secretName: elastic-certificate-pem
    path: /usr/share/kibana/config/certs
    kibanaConfig:
    kibana.yml: |
    Elasticsearch.hosts: [ "https://elastic.cyberpeaceinstitute.network:9200/" ]

    xpack.security.enabled: true
    xpack.security.audit.enabled: true
    Elasticsearch.ssl.certificateAuthorities: /usr/share/kibana/config/certs/elastic-certificate.pem
    Elasticsearch.ssl.verificationMode: certificate
    Elasticsearch.username: "xxxxx"
    Elasticsearch.password: "xxxx"

i got this error on kibana :

"message":"Unable to retrieve version information from Elasticsearch nodes. socket hang up"}

and in Elasticsearch :

{"type": "server", "timestamp": "2021-10-14T08:18:16,407Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "Elasticsearch", "node.name": "Elasticsearch-master-0", "message": "received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/10.25.3.245:9200, remoteAddress=/10.25.3.39:41280}", "cluster.uuid": "d8t801T_RjKy0j11ErmA3A", "node.id": "fsj52VA8TCGvRml5N_ckGA" }

it looks like the connection is in clear , but in my kibana conf it is in https

when i do a curl in the kibana pod to get the elesticsearhc i gor no error !!!!

thanks for your help

2

I'm surprised that Kibana even starts - yaml is case sensitive, and you should have elasticsearch.* settings in lowercase as all other settings (not sure if it's somehow normalized in k8s setup though).

Can you try to use lowercase everywhere?

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.