Kibana server.host "0.0.0.0" hostname" must be a valid hostname

Bharath_venkat · October 21, 2019, 12:06pm

I am trying to create SAML SSO authentication and secure elk with TLS/SSL on kubernetes . Following the post. I got stuck while deploying kibana . Part of config file looks as below
data:
kibana.yml: |
server.name: sample-kibana
server.host: "0.0.0.0"
elasticsearch.url: https://sample-elasticsearch:9200

after deploying kibana the container crashes with below error

$ kubectl logs sample-kibana-769977668c-crdxf -n elasticsearch
{"type":"log","@timestamp":"2019-10-21T11:24:27Z","tags":["plugin","warning"],"pid":1,"path":"/usr/share/kibana/src/legacy/core_plugins/ems_util","message":"Skipping non-plugin directory at /usr/share/kibana/src/legacy/core_plugins/ems_util"}
{"type":"log","@timestamp":"2019-10-21T11:24:27Z","tags":["fatal","root"],"pid":1,"message":"{ ValidationError: child "xpack" fails because [child "security" fails because [child "public" fails because [child "hostname" fails because ["hostname" must be a valid hostname]]]]\n at Object.exports.process (/usr/share/kibana/node_modules/joi/lib/errors.js:196:19)\n at internals.Object._validateWithOptions (/usr/share/kibana/node_modules/joi/lib/types/any/index.js:675:31)\n at module.exports.internals.Any.root.validate (/usr/share/kibana/node_modules/joi/lib/index.js:146:23)\n at Config._commit (/usr/share/kibana/src/server/config/config.js:139:35)\n at Config.set (/usr/share/kibana/src/server/config/config.js:108:10)\n at Config.extendSchema (/usr/share/kibana/src/server/config/config.js:81:10)\n at extendConfigService (/usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:10) name: 'ValidationError' }"}

FATAL ValidationError: child "xpack" fails because [child "security" fails because [child "public" fails because [child "hostname" fails because ["hostname" must be a valid hostname]]]]

I am not sure what i am missing here . I would highly appreciate some help here.

flash1293 · October 21, 2019, 12:34pm

Judging from the blog post you didn't specify a valid hostname in the xpack.security section:
The post shows this:

xpack.security.public:
      protocol: https
      hostname: KIBANA_URL

KIBANA_URL has to be replaced with your hostname, but you have to make sure it's just the hostname (not the port, not the protocol). Maybe you used https://your.kibana.domain.com or your.kibana.domain.com:5601? You have to put just your.kibana.domain.com in there

Bharath_venkat · October 21, 2019, 3:55pm

Thanks for your quick reply . I tried by giving the kibana url . But still container fails with same error . Below is the config with the changes

apiVersion: v1
kind: ConfigMap
metadata:
name: sample-kibana-configmap
namespace: elasticsearch
data:
kibana.yml: |
server.name: sample-kibana
server.host: "0.0.0.0"
elasticsearch.url: https://sample-elasticsearch:9200
xpack.monitoring.ui.container.elasticsearch.enabled: true
elasticsearch.username: kibana
elasticsearch.password: password1$
xpack.security.encryptionKey: "something_at_least_32_characters"
elasticsearch.ssl.certificateAuthorities: "/usr/share/kibana/config/elastic-stack-ca.pem"
server.ssl.enabled: true
server.ssl.key: "/usr/share/kibana/config/instance.key"
server.ssl.certificate: "/usr/share/kibana/config/instance.crt"
xpack.monitoring.elasticsearch.ssl.verificationMode: certificate
elasticsearch.ssl.verificationMode: certificate
xpack.security.authProviders: [saml, basic]
server.xsrf.whitelist: [/api/security/v1/saml]
xpack.security.public:
protocol: https
hostname: https://saml-aad.elastictest.co

Bharath_venkat · October 21, 2019, 3:58pm

sorry . Had to remove https from the kibana_url . It worked. Thank you

system · November 18, 2019, 3:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.