Hi, I want to run elastic and kibana with these configuration but i got
Kibana server is not ready yet.
Here is my elastic docker compose :
version: '3.7'
services:
elasticsearch-elk:
image: focker.ir/elasticsearch/elasticsearch:8.13.4
container_name: ${NODE_NAME}
restart: unless-stopped
hostname: ${NODE_NAME}
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 131072
hard: 131072
nproc: 8192
fsize: -1
networks:
- elk-network
ports:
- 9200:9200/tcp
- 9300:9300/tcp
volumes:
- $PWD/var/lib/elasticsearch:/usr/share/elasticsearch/data
- $PWD/etc/certs:/usr/share/elasticsearch/config/certificates
environment:
ES_JAVA_OPTS: '-Xms12g -Xmx12g'
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
cluster.name: single-node-cluster
node.name: elasticsearch-elk
bootstrap.memory_lock: 'true'
network.bind_host: 0.0.0.0
network.publish_host: 172.31.0.74
http.port: 9200
discovery.type: single-node
indices.query.bool.max_clause_count: 8192
search.max_buckets: 250000
action.destructive_requires_name: 'true'
xpack.security.http.ssl.key: /usr/share/elasticsearch/config/certificates/node.key
xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/certificates/node.pem
xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/root-ca.pem
xpack.security.http.ssl.verification_mode: 'none'
xpack.security.http.ssl.enabled: 'true'
xpack.security.transport.ssl.key: /usr/share/elasticsearch/config/certificates/node.key
xpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/certificates/node.pem
xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/root-ca.pem
xpack.security.transport.ssl.verification_mode: 'none'
xpack.security.transport.ssl.enabled: 'true'
xpack.security.enabled: 'true'
xpack.security.audit.enabled: 'false'
networks:
elk-network:
external: true
and Here is my Kibana configuration
version: '3.7'
services:
kibana:
image: focker.ir/kibana/kibana:8.13.4
container_name: kibana-elk
restart: unless-stopped
hostname: KIB_NODE_ELK
networks:
- elk-network
ports:
- 5601:5601/tcp
environment:
SERVER_NAME: 'KIB_NODE_ELK'
SERVER_HOST: '0.0.0.0'
SERVER_PORT: 5601
ELASTICSEARCH_HOSTS: 'https://172.22.0.2:9200'
ELASTICSEARCH_USERNAME: 'kibana_system'
ELASTICSEARCH_PASSWORD: 'oxe2NqMmH3nNTL'
ELASTICSEARCH_SSL_VERIFICATIONMODE: 'none'
ELASTICSEARCH_REQUESTTIMEOUT: 180000
ELASTICSEARCH_SHARDTIMEOUT: 180000
XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 'oM9K5fl3nbvW0eHG9M6V9xpzMq4DpIUk'
XPACK_SECURITY_ENCRYPTIONKEY: 'a3V9op6LF0Rbpl8VZlPr0sJtiWp2NvcH'
XPACK_REPORTING_ENCRYPTIONKEY: '8lfPqWmTYnRmVs0J1u7iLxGVnx1nTmDr'
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
networks:
elk-network:
external: true
and also here is my .env [it's not production]
ELASTIC_USER=elastic
ELASTIC_PASSWORD=oxe2NqMmH3nNTL
NODE_NAME=ELK_LG
and here is my kibana container logs:
docker logs -f kibana-elk
Kibana is currently running with legacy OpenSSL providers enabled! For details and instructions on how to disable see https://www.elastic.co/guide/en/kibana/8.13/production.html#openssl-legacy-provider
{"log.level":"info","@timestamp":"2024-05-15T09:03:13.460Z","log.logger":"elastic-apm-node","ecs.version":"8.10.0","agentVersion":"4.4.0","env":{"pid":7,"proctitle":"/usr/share/kibana/bin/../node/bin/node","os":"linux 5.15.0-105-generic","arch":"x64","host":"KIB_NODE_ELK","timezone":"UTC+00","runtime":"Node.js v20.12.2"},"config":{"active":{"source":"start","value":true},"breakdownMetrics":{"source":"start","value":false},"captureBody":{"source":"start","value":"off","commonName":"capture_body"},"captureHeaders":{"source":"start","value":false},"centralConfig":{"source":"start","value":false},"contextPropagationOnly":{"source":"start","value":true},"environment":{"source":"start","value":"production"},"globalLabels":{"source":"start","value":[["git_rev","f5dc24d1969f80e4aa3ced7cc375dd00554f8c0c"]],"sourceValue":{"git_rev":"f5dc24d1969f80e4aa3ced7cc375dd00554f8c0c"}},"logLevel":{"source":"default","value":"info","commonName":"log_level"},"metricsInterval":{"source":"start","value":120,"sourceValue":"120s"},"serverUrl":{"source":"start","value":"https://kibana-cloud-apm.apm.us-east-1.aws.found.io/","commonName":"server_url"},"transactionSampleRate":{"source":"start","value":0.1,"commonName":"transaction_sample_rate"},"captureSpanStackTraces":{"source":"start","sourceValue":false},"secretToken":{"source":"start","value":"[REDACTED]","commonName":"secret_token"},"serviceName":{"source":"start","value":"kibana","commonName":"service_name"},"serviceVersion":{"source":"start","value":"8.13.4","commonName":"service_version"}},"activationMethod":"require","message":"Elastic APM Node.js Agent v4.4.0"}
Native global console methods have been overridden in production environment.
[2024-05-15T09:03:15.942+00:00][INFO ][root] Kibana is starting
[2024-05-15T09:03:16.026+00:00][INFO ][node] Kibana process configured with roles: [background_tasks, ui]
[2024-05-15T09:03:27.208+00:00][INFO ][plugins-service] The following plugins are disabled: "cloudChat,cloudExperiments,cloudFullStory,profilingDataAccess,profiling,securitySolutionServerless,serverless,serverlessObservability,serverlessSearch".
[2024-05-15T09:03:27.310+00:00][INFO ][http.server.Preboot] http server running at http://0.0.0.0:5601
[2024-05-15T09:03:27.496+00:00][INFO ][plugins-system.preboot] Setting up [1] plugins: [interactiveSetup]
[2024-05-15T09:03:27.569+00:00][WARN ][config.deprecation] The default mechanism for Reporting privileges will work differently in future versions, which will affect the behavior of this cluster. Set "xpack.reporting.roles.enabled" to "false" to adopt the future behavior before upgrading.
[2024-05-15T09:03:32.005+00:00][INFO ][plugins-system.standard] Setting up [149] plugins: [devTools,translations,share,screenshotMode,usageCollection,telemetryCollectionManager,telemetryCollectionXpack,taskManager,kibanaUsageCollection,cloud,newsfeed,savedObjectsFinder,noDataPage,monitoringCollection,licensing,mapsEms,globalSearch,globalSearchProviders,features,guidedOnboarding,banners,licenseApiGuard,customBranding,ftrApis,fieldFormats,expressions,screenshotting,esUiShared,customIntegrations,contentManagement,dataViews,home,searchprofiler,painlessLab,management,spaces,security,telemetry,licenseManagement,snapshotRestore,lists,files,encryptedSavedObjects,eventLog,actions,notifications,cloudDataMigration,advancedSettings,grokdebugger,console,bfetch,data,savedObjectsTagging,savedObjectsManagement,unifiedSearch,graph,alerting,embeddable,uiActionsEnhanced,savedSearch,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,controls,fileUpload,ingestPipelines,ecsDataQualityDashboard,dataViewFieldEditor,dataViewManagement,charts,watcher,visualizations,visTypeXy,visTypeVislib,visTypeVega,visTypeTimeseries,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,visTypeHeatmap,inputControlVis,expressionTagcloud,expressionPartitionVis,visTypePie,expressionMetricVis,expressionLegacyMetricVis,expressionHeatmap,expressionGauge,visTypeGauge,eventAnnotation,expressionXY,dashboard,lens,triggersActionsUi,transform,stackConnectors,stackAlerts,ruleRegistry,cases,timelines,sessionView,kubernetesSecurity,threatIntelligence,metricsDataAccess,aiops,links,discover,reporting,canvas,fleet,osquery,logsExplorer,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,datasetQuality,cloudSecurityPosture,cloudDefend,discoverEnhanced,maps,dataVisualizer,ml,observabilityAIAssistant,logsShared,observabilityLogsExplorer,enterpriseSearch,observability,uptime,synthetics,observabilityOnboarding,elasticAssistant,securitySolution,securitySolutionEss,dashboardEnhanced,apmDataAccess,infra,upgradeAssistant,monitoring,logstash,assetManager,apm,ux]
[2024-05-15T09:03:32.302+00:00][INFO ][plugins.taskManager] TaskManager is identified by the Kibana UUID: d89ad948-7ceb-4bb3-b083-5a505a085f16
[2024-05-15T09:03:32.814+00:00][INFO ][custom-branding-service] CustomBrandingService registering plugin: customBranding
[2024-05-15T09:03:33.621+00:00][WARN ][plugins.screenshotting.config] Chromium sandbox provides an additional layer of protection, but is not supported for Linux Ubuntu 20.04 OS. Automatically setting 'xpack.screenshotting.browser.chromium.disableSandbox: true'.
[2024-05-15T09:03:34.110+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
[2024-05-15T09:03:34.151+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
[2024-05-15T09:03:34.388+00:00][INFO ][plugins.encryptedSavedObjects] Hashed 'xpack.encryptedSavedObjects.encryptionKey' for this instance: +rW6aIzGO0BucOtdK6SaIjrcIqw3Lr+VwtL7U3j3C68=
[2024-05-15T09:03:34.594+00:00][INFO ][plugins.notifications] Email Service Error: Email connector not specified.
[2024-05-15T09:03:34.942+00:00][INFO ][plugins.alerting] using indexes and aliases for persisting alerts
[2024-05-15T09:03:37.959+00:00][INFO ][plugins.cloudSecurityPosture] Registered task successfully [Task: cloud_security_posture-stats_task]
[2024-05-15T09:03:41.996+00:00][INFO ][plugins.securitySolution.endpoint:user-artifact-packager:1.0.0] Registering endpoint:user-artifact-packager task with timeout of [20m], interval of [60s] and policy update batch size of [25]
[2024-05-15T09:03:42.617+00:00][INFO ][plugins.assetManager] Server is NOT enabled
[2024-05-15T09:03:43.216+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception
Root causes:
security_exception: unable to authenticate user [kibana_system] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
[2024-05-15T09:03:44.130+00:00][INFO ][plugins.screenshotting.chromium] Browser executable: /usr/share/kibana/node_modules/@kbn/screenshotting-plugin/chromium/headless_shell-linux_x64/headless_shell
docker network inspect elk-network
[
{
"Name": "elk-network",
"Id": "59102b6438e42a7cdb7370bf32ab31d9c684ddc37af9e6a305b6a8503fcebc9c",
"Created": "2024-05-15T10:17:33.212808194+03:30",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.22.0.0/16",
"Gateway": "172.22.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"ab6f430d9049283a02409acd2abf41553e571f5a973ed6c7c6138da31bf3645e": {
"Name": "ELK_LG",
"EndpointID": "3b60af61d274fa56a9706c37fb80b49cc614c2a46ac89858e79b67ca1a1a750d",
"MacAddress": "02:42:ac:16:00:02",
"IPv4Address": "172.22.0.2/16",
"IPv6Address": ""
},
"c19bf038aae98277c9a6d605e8e7cbf09885288689ccafbec74088ac9a3ca9e6": {
"Name": "kibana-elk",
"EndpointID": "7da0a0cdfb6ba629b0e2e22515e81e8b90f849f99fed25f0f878ee2a17c36a50",
"MacAddress": "02:42:ac:16:00:03",
"IPv4Address": "172.22.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c19bf038aae9 focker.ir/kibana/kibana:8.13.4 "/bin/tini -- /usr/l…" 12 minutes ago Up 12 minutes 0.0.0.0:5601->5601/tcp kibana-elk
ab6f430d9049 focker.ir/elasticsearch/elasticsearch:8.13.4 "/bin/tini -- /usr/l…" 52 minutes ago Up 52 minutes 0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp ELK_LG
Can you help me for solve my problems?