Kibana on Arch Linux: "NetworkError when attempting to fetch resource."

Hello everyone,

I have been tasked with setting up a self-hosted instance of ELK in a KVM environment using Arch Linux. The root filesystem is write-protected (at runtime) and any directories or files that services need to write to must therefor be sym-linked to another partition (/srv/ in this case). This is standard practice where I work and works well for other servies such as web-based applications and databases etc.

My problem is that, despite having followed the installation and configuration guides, I am getting the following error when attempting to access Kibana. Multiple browsers tested - same result:

I suspect that the error I'm seeing is very likely related to the write-protected root fs that my VM is confined to and I was wondering if anyone could perhaps suggest other directories or files (besides the ones mentioned below) that I should keep in mind...

Here is an overview of the various sym-links crated for Elasticsearch and Kibana:

Here is the contents of my kibana.yml and elasticsearch.yml files:

Here is the output of "netstat -tunpl", which seems fine to me.

I also don't see anything unusual in "/srv/kibana/log/kibana.log" immediately after trying to access the web page.

Also, nothing seemingly out of the ordinary in "/srv/elasticsearch/log/hekseldaja.log".

In terms of systemd (journalctl) output I also don't see anything particularly unusual.

elasticsearch, kibana and jre8 versions:

pacman -Q |grep elasticsearch
elasticsearch 7.10.1-1

pacman -Q |grep kibana
kibana 7.10.1-1

pacman -Q |grep jre
jre8-openjdk-headless 8.u292-1

Output from a variety of (possibly) relevant curl commands on the VM.

Thanks in advance for any helpful comments!

Does this help?

CC @jbudz


Unfortunately not. I've been spending the past week or so going over the official install guides with no success.

Ok I have pinged our ops team for help.


@bhavyarm Thank you very much!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.