Hey all,
Fairly new to setting up Kibana, we are setting up on a test environment at the moment, an azure vm using CentOs.
We installed Elasticseach and Kibana with Ansible playbooks, during some troubleshooting we had whilst enabling X-pack (trial) and some security stuff, we have run into an issue in which the kibana.service will not start, we seem to get
Error: EACCES: permission denied, open '/etc/kibana/kibana.yml'
everytime it we restart it or start it.`
Here are the file permissions:
-rw-r--r--. 1 root kibana 1397 Dec 7 11:57 elastic-ca.pem
-rwxrwx---. 1 root kibana 130 Dec 2 14:04 kibana.keystore
-rwxr-xr-x. 1 kibana kibana 5092 Dec 7 12:08 kibana.yml
-rw-r--r--. 1 root kibana 216 Nov 4 13:30 node.options
the systemctl status is
● kibana.service - Kibana
Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Tue 2021-12-07 12:09:25 UTC; 11min ago
Docs: https://www.elastic.co
Process: 12558 ExecStart=/usr/share/kibana/bin/kibana --logging.dest="/var/log/kibana/kibana.log" --pid.file="/run/kibana/kibana.pid" (code=exited, status=1/FAILURE)
Main PID: 12558 (code=exited, status=1/FAILURE)
Dec 07 12:09:22 es-vm1 systemd[1]: Unit kibana.service entered failed state.
Dec 07 12:09:22 es-vm1 systemd[1]: kibana.service failed.
Dec 07 12:09:25 es-vm1 systemd[1]: kibana.service holdoff time over, scheduling restart.
Dec 07 12:09:25 es-vm1 systemd[1]: Stopped Kibana.
Dec 07 12:09:25 es-vm1 systemd[1]: start request repeated too quickly for kibana.service
Dec 07 12:09:25 es-vm1 systemd[1]: Failed to start Kibana.
Dec 07 12:09:25 es-vm1 systemd[1]: Unit kibana.service entered failed state.
Dec 07 12:09:25 es-vm1 systemd[1]: kibana.service failed.
Some of the journalctl -u kibana -r stuff
Dec 07 12:09:25 es-vm1 systemd[1]: kibana.service failed.
Dec 07 12:09:25 es-vm1 systemd[1]: Unit kibana.service entered failed state.
Dec 07 12:09:25 es-vm1 systemd[1]: Failed to start Kibana.
Dec 07 12:09:25 es-vm1 systemd[1]: start request repeated too quickly for kibana.service
Dec 07 12:09:25 es-vm1 systemd[1]: Stopped Kibana.
Dec 07 12:09:25 es-vm1 systemd[1]: kibana.service holdoff time over, scheduling restart.
Dec 07 12:09:22 es-vm1 systemd[1]: kibana.service failed.
Dec 07 12:09:22 es-vm1 systemd[1]: Unit kibana.service entered failed state.
Dec 07 12:09:22 es-vm1 systemd[1]: kibana.service: main process exited, code=exited, status=1/FAILURE
Dec 07 12:09:22 es-vm1 kibana[12558]: throw err;
Dec 07 12:09:22 es-vm1 kibana[12558]: internal/fs/utils.js:332
Dec 07 12:09:22 es-vm1 systemd[1]: Started Kibana.
Dec 07 12:09:22 es-vm1 systemd[1]: Stopped Kibana.
Dec 07 12:09:22 es-vm1 systemd[1]: kibana.service holdoff time over, scheduling restart.
Dec 07 12:09:19 es-vm1 systemd[1]: kibana.service failed.
Dec 07 12:09:19 es-vm1 systemd[1]: Unit kibana.service entered failed state.
Dec 07 12:09:19 es-vm1 systemd[1]: kibana.service: main process exited, code=exited, status=1/FAILURE
Dec 07 12:09:19 es-vm1 kibana[12549]: }
Dec 07 12:09:19 es-vm1 kibana[12549]: path: '/etc/kibana/kibana.yml'
Dec 07 12:09:19 es-vm1 kibana[12549]: code: 'EACCES',
Dec 07 12:09:19 es-vm1 kibana[12549]: syscall: 'open',
Dec 07 12:09:19 es-vm1 kibana[12549]: errno: -13,
Dec 07 12:09:19 es-vm1 kibana[12549]: at Object.Module._extensions..js (internal/modules/cjs/loader.js:1114:10) {
Dec 07 12:09:19 es-vm1 kibana[12549]: at Module._compile (internal/modules/cjs/loader.js:1085:14)
Dec 07 12:09:19 es-vm1 kibana[12549]: at Object.<anonymous> (/usr/share/kibana/src/cli/dist.js:10:17)
Dec 07 12:09:19 es-vm1 kibana[12549]: at module.exports (/usr/share/kibana/src/cli/apm.js:27:3)
Dec 07 12:09:19 es-vm1 kibana[12549]: at initApm (/usr/share/kibana/node_modules/@kbn/apm-config-loader/target_node/init_apm.js:18:64)
Dec 07 12:09:19 es-vm1 kibana[12549]: at loadConfiguration (/usr/share/kibana/node_modules/@kbn/apm-config-loader/target_node/config_loader.js:30:58)
Dec 07 12:09:19 es-vm1 kibana[12549]: at getConfigFromFiles (/usr/share/kibana/node_modules/@kbn/apm-config-loader/target_node/utils/read_config.js:57:18)
Dec 07 12:09:19 es-vm1 kibana[12549]: at readYaml (/usr/share/kibana/node_modules/@kbn/apm-config-loader/target_node/utils/read_config.js:25:69)
Dec 07 12:09:19 es-vm1 kibana[12549]: at readFileSync (fs.js:393:35)
Dec 07 12:09:19 es-vm1 kibana[12549]: at Object.openSync (fs.js:497:3)
Dec 07 12:09:19 es-vm1 kibana[12549]: Error: EACCES: permission denied, open '/etc/kibana/kibana.yml'
Dec 07 12:09:19 es-vm1 kibana[12549]: ^
Dec 07 12:09:19 es-vm1 kibana[12549]: throw err;
Dec 07 12:09:19 es-vm1 kibana[12549]: internal/fs/utils.js:332
The kibana.yml file is all default other than:
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"
# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""
# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# This setting was effectively always `false` before Kibana 6.3 and will
# default to `true` starting in Kibana 7.0.
#server.rewriteBasePath: false
# The maximum payload size in bytes for incoming server requests.
#server.maxPayloadBytes: 1048576
# The Kibana server's name. This is used for display purposes.
#server.name: "your-hostname"
# The URL of the Elasticsearch instance to use for all your queries.
elasticsearch.hosts: http://localhost:9200
# When this setting's value is true Kibana uses the hostname specified in the server.host
# setting. When the value of this setting is false, Kibana uses the hostname of the host
# that connects to this Kibana instance.
#elasticsearch.preserveHost: true
# Kibana uses an index in Elasticsearch to store saved searches, visualizations and
# dashboards. Kibana creates a new index if the index doesn't already exist.
#kibana.index: ".kibana"
# The default application to load.
#kibana.defaultAppId: "home"
# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
elasticsearch.username: "elastic"
elasticsearch.password: "asdasd2323"
# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/elastic-ca.pem" ]
# Set the value of this setting to true to log all events, including system usage information
# and all requests.
logging.verbose: true
Any ideas? Thanks!