Авторизация Kibana - failed to authenticate user [kibana]

Nurlan199206 · April 14, 2020, 7:51am

Всем привет.

Не получается настроить авторизацию в Kibana для Elasticsearch кластера состоящих из 3 мастер нод. Пароли заводил с помощью утилиты elasticsearch-setup-passwords auto

Хотя у меня получалось настраивать страницу авторизации для elasticsearch состоящей из одной ноды. Что я делаю не так?

конфиг elasticsearch.yml

    cluster.name: elastic-cluster
node.name: Node-1
node.data: true
node.attr.rack: r1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: server1
http.port: 9200
discovery.seed_hosts: ["server1", "server2", "server3"]
cluster.initial_master_nodes: ["server1", "server2", "server3"]

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

kibana.yml

server.port: 5601
server.host: "kibana"
#server.maxPayloadBytes: 3048576
xpack.reporting.csv.maxSizeBytes: 2048576000
xpack.reporting.queue.timeout: 2920000
xpack.reporting.kibanaServer.protocol: http
xpack.reporting.kibanaServer.hostname: kibana1
xpack.security.enabled: true
#xpack.security.encryptionKey: tTsjKOS96toodtATD0Dp7XOmjAqtcCXT

server.name: "elastic-cluster"

elasticsearch.hosts: ["http://server1:9200", "http://server2:9200", "http://server3:9200"]


logging.verbose: true

# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000.
#ops.interval: 5000

# Specifies locale to be used for all localizable strings, dates and number formats.
# Supported languages are the following: English - en , by default , Chinese - zh-CN .
#i18n.locale: "en"

#elasticsearch.username: "kibana"
elasticsearch.password: "password"

Igor_Motov · April 14, 2020, 11:15am

А если запуситить

curl -u kibana:password http://server1:9200/
curl -u kibana:password http://server2:9200/
curl -u kibana:password http://server3:9200/

с сервера, на котором kibana находиться, то что эти команды выдают?

Nurlan199206 · April 14, 2020, 12:10pm

   {
  "name" : "Node-1",
  "cluster_name" : "elastic-cluster",
  "cluster_uuid" : "j_WFW2FESYG0GSPqaF3Fzw",
  "version" : {
    "number" : "7.6.1",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "aa751e09be0a5072e8570670309b1f12348f023b",
    "build_date" : "2020-02-29T00:15:25.529771Z",
    "build_snapshot" : false,
    "lucene_version" : "8.4.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

curl -u kibana:password http://server2:9200/

{
  "name" : "Node-2",
  "cluster_name" : "elastic-cluster",
  "cluster_uuid" : "j_WFW2FESYG0GSPqaF3Fzw",
  "version" : {
    "number" : "7.6.1",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "aa751e09be0a5072e8570670309b1f12348f023b",
    "build_date" : "2020-02-29T00:15:25.529771Z",
    "build_snapshot" : false,
    "lucene_version" : "8.4.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

curl -u kibana:password http://server3:9200/

{
  "name" : "Node-3",
  "cluster_name" : "elastic-cluster",
  "cluster_uuid" : "j_WFW2FESYG0GSPqaF3Fzw",
  "version" : {
    "number" : "7.6.1",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "aa751e09be0a5072e8570670309b1f12348f023b",
    "build_date" : "2020-02-29T00:15:25.529771Z",
    "build_snapshot" : false,
    "lucene_version" : "8.4.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}


curl -u kibana:password -X GET "server1:9200/_cluster/health?pretty"
{
  "cluster_name" : "elastic-cluster",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 12,
  "active_shards" : 24,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

Nurlan199206 · April 14, 2020, 5:00pm

еще есть идеи? может в индексах что-нибудь неправильно записалось?

Igor_Motov · April 14, 2020, 5:31pm

А что в логах кибаны после перезагрузки?

Nurlan199206 · April 15, 2020, 5:02am

{"type":"log","@timestamp":"2020-04-15T04:59:16Z","tags":["debug","legacy-plugins"],"pid":8835,"path":"/usr/share/kibana/src/legacy/core_plugins/vis_type_vega","message":"Found plugin at /usr/share/kibana/src/legacy/core_plugins/vis_type_vega"}
    {"type":"log","@timestamp":"2020-04-15T04:59:16Z","tags":["debug","legacy-plugins"],"pid":8835,"path":"/usr/share/kibana/src/legacy/core_plugins/visualizations","message":"Found plugin at /usr/share/kibana/src/legacy/core_plugins/visualizations"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: logging"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: logging"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: logging"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: logging"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: logging"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: path"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: csp"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: elasticsearch"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: logging"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: server"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: plugins"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: dev"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: kibana"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: migrations"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: uiSettings"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: apm_oss"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: timelion"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: usageCollection"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: metrics"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.apm"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.case"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.cloud"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.code"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.encryptedSavedObjects"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.infra"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.licensing"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.security"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.siem"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.spaces"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: xpack.task_manager"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: path"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","config"],"pid":8835,"message":"Marking config path as handled: server"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","uuid"],"pid":8835,"message":"Resuming persistent Kibana instance UUID: 268fdf4a-cdbc-46b0-900a-f324f43aa34e"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","http"],"pid":8835,"message":"starting NotReady server"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","root"],"pid":8835,"message":"shutting root down"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["fatal","root"],"pid":8835,"message":"Error: Port 5601 is already in use. Another instance of Kibana may be running!\n    at Root.shutdown (/usr/share/kibana/src/core/server/root/index.js:67:18)\n    at Root.setup (/usr/share/kibana/src/core/server/root/index.js:46:18)\n    at process._tickCallback (internal/process/next_tick.js:68:7)"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","server"],"pid":8835,"message":"stopping server"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","legacy-service"],"pid":8835,"message":"stopping legacy service"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","plugins-service"],"pid":8835,"message":"Stopping plugins service"}
    {"type":"log","@timestamp":"2020-04-15T04:59:17Z","tags":["debug","elasticsearch-service"],"pid":8835,"message":"Stopping elasticsearch service"}

логи из elasticsearch.

[2020-04-15T11:20:19,430][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:19,430][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:22,146][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:23,416][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:26,149][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:31,152][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:34,153][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:38,657][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:41,156][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]
[2020-04-15T11:20:46,166][INFO ][o.e.x.s.a.AuthenticationService] [Node-1] Authentication of [kibana] was terminated by realm [reserved] - failed to authenticate user [kibana]

Nurlan199206 · April 15, 2020, 9:40am

Переустановил Kibana, ElasticSearch до версии 7.6.2 и все работает!!!

Видимо какой-то был баг в 7.6.1

system · May 13, 2020, 9:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Failed to authenticate user when starting kibana service Kibana	2	976	March 5, 2020
Local Setup Elasticsearch 7.2 and Kibana with Security Elasticsearch elastic-stack-security	3	1422	October 14, 2019
Failed to authenticate user elastic Elasticsearch elastic-stack-security	4	1004	September 17, 2020
Cannot authenticate with kibana user to the stack after I enabled security 7.7.1 Kibana elastic-stack-security	5	1137	December 7, 2020
How to Reconfigure the setup-password for the elastic cluster, as we are getting the authentication error for all the users Elasticsearch elastic-stack-security	2	275	January 18, 2021

Авторизация Kibana - failed to authenticate user [kibana]

Related topics