"license","warning","xpack"

flyboyacsrao · July 29, 2019, 3:53am

Hi Team

I installed Elasticsearch 6.8 and kibana 6.8, with basic license, for some time both were working find. now i am unable to get my Kibana working, though the ES is green and i can see all my app logs being pumped to ES with auth enabled...

My kibana log says:
{"type":"log","@timestamp":"2019-07-29T03:41:39Z","tags":["license","warning","xpack"],"pid":28265,"message":"License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. Error: Request Timeout after 30000ms"}
{"type":"log","@timestamp":"2019-07-29T03:42:09Z","tags":["warning","task_manager"],"pid":28265,"message":"PollError Request Timeout after 30000ms"}
{"type":"log","@timestamp":"2019-07-29T03:42:39Z","tags":["license","warning","xpack"],"pid":28265,"message":"License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. Error: Request Timeout after 30000ms"}
{"type":"log","@timestamp":"2019-07-29T03:42:42Z","tags":["warning","task_manager"],"pid":28265,"message":"PollError Request Timeout after 30000ms"}

My kibana yml:

elasticsearch.url: "http://x.x.x.x:9200"
server.host: "x.x.x.x"

elasticsearch.username: "kibana"
elasticsearch.password: "xxxxxx"

xpack.security.enabled: true
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: true
xpack.watcher.enabled: false
xpack.ccr.enabled: false

My elasticsearch yml:

cluster.name: "xxxxxxxxxxxxxxxxxxxxx"
node.name: ${HOSTNAME}
node.master: true
node.data: false
cluster.routing.allocation.awareness.force.zone.values: 1A, 1B
cluster.routing.allocation.awareness.attributes: zone
node.attr.zone: 1A
discovery.zen.ping.unicast.hosts: ["xxxxx", "xxxxxx", "xxxxx"]
path.data: /esdata/data/
path.logs: /esdata/logs/
network.host: x.x.x.x
discovery.zen.minimum_master_nodes: 2
http.port: 9200
gateway.recover_after_nodes: 1
bootstrap.system_call_filter: false

xpack.security.enabled: true
xpack.security.authc.accept_default_password: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12

My License details:
{
"license" : {
"status" : "active",
"uid" : "d7d4d0ce-9d8d-402d-92c4-2093691bf643",
"type" : "basic",
"issue_date" : "2019-05-28T05:28:48.078Z",
"issue_date_in_millis" : 1559021328078,
"max_nodes" : 1000,
"issued_to" : "IMIConnect-Prod-Imonitor-Cluster",
"issuer" : "elasticsearch",
"start_date_in_millis" : -1
}
}

My x-pack status:

{
"build" : {
"hash" : "65b6179",
"date" : "2019-05-15T20:07:59.571448Z"
},
"license" : {
"uid" : "d7d4d0ce-9d8d-402d-92c4-2093691bf643",
"type" : "basic",
"mode" : "basic",
"status" : "active"
},
"features" : {
"ccr" : {
"description" : "Cross Cluster Replication",
"available" : false,
"enabled" : true
},
"graph" : {
"description" : "Graph Data Exploration for the Elastic Stack",
"available" : false,
"enabled" : true
},
"ilm" : {
"description" : "Index lifecycle management for the Elastic Stack",
"available" : true,
"enabled" : true
},
"logstash" : {
"description" : "Logstash management component for X-Pack",
"available" : false,
"enabled" : true
},
"ml" : {
"description" : "Machine Learning for the Elastic Stack",
"available" : false,
"enabled" : true,
"native_code_info" : {
"version" : "6.8.0",
"build_hash" : "e6cf25e2acc5ec"
}
},
"monitoring" : {
"description" : "Monitoring for the Elastic Stack",
"available" : true,
"enabled" : true
},
"rollup" : {
"description" : "Time series pre-aggregation and rollup",
"available" : true,
"enabled" : true
},
"security" : {
"description" : "Security for the Elastic Stack",
"available" : true,
"enabled" : true
},
"sql" : {
"description" : "SQL access to Elasticsearch",
"available" : true,
"enabled" : true
},
"watcher" : {
"description" : "Alerting, Notification and Automation for the Elastic Stack",
"available" : false,
"enabled" : true
}
},
"tagline" : "You know, for X"

Can some help me on this please

TimV · July 29, 2019, 4:35am

I have moved this to the Kibana topic.

Your problem does not appear to have anything to do with security or licensing. Your Kibana server cannot connect to Elasticsearch.

flyboyacsrao · July 29, 2019, 4:43am

Thanks Tim,

My cluster is hosted in AWS Cloud, its a three node cluster with two nodes as data & master, while the other node is dedicated master.

i have installed the kibana server in my master only node.,
I do see that the kibana is running when i checked the status from with in the server..

but when when i call the kibana server via browser,
it says kibana server is not ready..

"Kibana server is not ready yet"

but my cluster is green and indices are good and i can do a curl from the master node to other nodes..

TimV · July 29, 2019, 5:48am

From what you've written above, this is expected behaviour.

Kibana cannot connect to Elasticsearch, so it is not possible to access Kibana.

What we need to diagnose is why you are getting timeouts from Kibana to Elasticsearch when curl is working.

I would start by double checking that you can run curl from the kibana user, using exactly the same settings as in your kibana.yml (same url, same username, same password).

flyboyacsrao · July 29, 2019, 6:11am

Hi Tim

I Tried, and its working fine..

[root@ip-172-16-190-20 ~]# curl -XGET "http://kibana:xxxxxx@x.x.x.x:9200/_cluster/health"?pretty
{
"cluster_name" : "xxxxxxxxxxxxxxxxxxxxxxxxxx",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 3,
"number_of_data_nodes" : 2,
"active_primary_shards" : 299,
"active_shards" : 594,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0

We are using a load balancer over the data nodes..,
but when i try to connect curl through load balancer..

[root@ip-172-16-190-20 ~]# curl -XGET "http://kibana:xxxxxxx
@imonitor-datanode.imiconnect.net:9200/_cluster/health"?pretty
curl: (7) Failed to connect to imonitor-datanode.imiconnect.net port 9200: Connection timed out

Now i removed calling via load balancer and used the data node ip as URL..

when i restarted kibana...i get this error:

{"type":"log","@timestamp":"2019-07-29T06:07:53Z","tags":["error","task_manager"],"pid":10914,"message":"Failed to poll for work: [cluster_block_exception] blocked by: [FORBIDDEN/12/index read-only / allow delete (api)]; :: {"path":"/.kibana_task_manager/_doc/oss_telemetry-vis_telemetry/_update","query":{"if_seq_no":84,"if_primary_term":6,"refresh":"true"},"body":"{\"doc\":{\"type\":\"task\",\"task\":{\"taskType\":\"vis_telemetry\",\"state\":\"{\\\"runs\\\":9,\\\"stats\\\":{\\\"markdown\\\":{\\\"total\\\":1,\\\"spaces_min\\\":1,\\\"spaces_max\\\":1,\\\"spaces_avg\\\":1},\\\"table\\\":{\\\"total\\\":10,\\\"spaces_min\\\":10,\\\"spaces_max\\\":10,\\\"spaces_avg\\\":10},\\\"metric\\\":{\\\"total\\\":7,\\\"spaces_min\\\":7,\\\"spaces_max\\\":7,\\\"spaces_avg\\\":7},\\\"histogram\\\":{\\\"total\\\":3,\\\"spaces_min\\\":3,\\\"spaces_max\\\":3,\\\"spaces_avg\\\":3}}}\",\"params\":\"{}\",\"attempts\":0,\"scheduledAt\":\"2019-07-16T03:14:57.700Z\",\"runAt\":\"2019-07-29T06:12:53.760Z\",\"status\":\"running\"},\"kibana\":{\"uuid\":\"e7d14ee1-da18-4a35-8603-e088a5e7f45c\",\"version\":6080099,\"apiVersion\":1}}}","statusCode":403,"response":"{\"error\":{\"root_cause\":[{\"type\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];\"}],\"type\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];\"},\"status\":403}"}"}
{"type":"log","@timestamp":"2019-07-29T06:07:55Z","tags":["security","error"],"pid":10914,"message":"Error registering Kibana Privileges with Elasticsearch for kibana-.kibana: [cluster_block_exception] blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];, with { suppressed={ 0={ type="cluster_block_exception" & reason="blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];" } & 1={ type="cluster_block_exception" & reason="blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];" } & 2={ type="cluster_block_exception" & reason="blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];" } } }"}
{"type":"log","@timestamp":"2019-07-29T06:07:56Z","tags":["error","task_manager"],"pid":10914,"message":"Failed to poll for work: [cluster_block_exception] blocked by: [FORBIDDEN/12/index read-only / allow delete (api)]; :: {"path":"/.kibana_task_manager/_doc/oss_telemetry-vis_telemetry/_update","query":{"if_seq_no":84,"if_primary_term":6,"refresh":"true"},"body":"{\"doc\":{\"type\":\"task\",\"task\":{\"taskType\":\"vis_telemetry\",\"state\":\"{\\\"runs\\\":9,\\\"stats\\\":{\\\"markdown\\\":{\\\"total\\\":1,\\\"spaces_min\\\":1,\\\"spaces_max\\\":1,\\\"spaces_avg\\\":1},\\\"table\\\":{\\\"total\\\":10,\\\"spaces_min\\\":10,\\\"spaces_max\\\":10,\\\"spaces_avg\\\":10},\\\"metric\\\":{\\\"total\\\":7,\\\"spaces_min\\\":7,\\\"spaces_max\\\":7,\\\"spaces_avg\\\":7},\\\"histogram\\\":{\\\"total\\\":3,\\\"spaces_min\\\":3,\\\"spaces_max\\\":3,\\\"spaces_avg\\\":3}}}\",\"params\":\"{}\",\"attempts\":0,\"scheduledAt\":\"2019-07-16T03:14:57.700Z\",\"runAt\":\"2019-07-29T06:12:56.801Z\",\"status\":\"running\"},\"kibana\":{\"uuid\":\"e7d14ee1-da18-4a35-8603-e088a5e7f45c\",\"version\":6080099,\"apiVersion\":1}}}","statusCode":403,"response":"{\"error\":{\"root_cause\":[{\"type\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];\"}],\"type\":\"cluster_block_exception\",\"reason\":\"blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];\"},\"status\":403}"}"}

My node allocation is
[root@ip-172-16-190-20 ~]# curl -XGET "http://kibana:xxxxxxxxx@172.16.190.20:9200/_cat/allocation"?v
shards disk.indices disk.used disk.avail disk.total disk.percent host ip node
298 146.8gb 164.9gb 334.8gb 499.7gb 32 172.16.190.89 172.16.190.89 ip-172-16-190-89.eu-west-1.compute.internal
298 146.5gb 164.9gb 334.7gb 499.7gb 33 172.16.190.23 172.16.190.23 ip-172-16-190-23.eu-west-1.compute.internal

Christian_Dahlqvist · July 29, 2019, 7:57am

Are you running out of disk space for Elasticsearch?

flyboyacsrao · July 29, 2019, 9:09am

Hi Christian

We ran out of disk but than i cleaned up data via curl and as given in the earlier reply i do see that my disks are only 35% used.

Christian_Dahlqvist · July 29, 2019, 9:30am

Then you need to remove the index block. Search for watermark in the docs for an example.

flyboyacsrao · July 29, 2019, 11:11am

Thanks Christian and Tim

There seemed to be an issue with the aws load balancer, when we changed the Elasticsearch url to data node IP and set the curl -XPUT 'http://kibana:xxxxxxxx@x.x.x.x:9200/_settings {"index": { "blocks": { "read_only_allow_delete": "false" }}}'

then restarted Kibana., this solved the problem

Thanks for the wounderful guidance from Tim and Christian

system · August 26, 2019, 11:11am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.