Newcomers seeking advice

sir_t · October 27, 2022, 4:42am

I want to run docker Elasticsearch and kibana containers separately on a cloud server, I tried to build it myself, but I can only access elasticsearch remotely by configuring https, how do I go about it, can you give me the detailed steps?

This was tried elasticsearch.yml configuration

cluster.name: "docker-cluster"
network.host: 0.0.0.0

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically      
# generated to configure Elasticsearch security features on 27-10-2022 01:14:43
#
# --------------------------------------------------------------------------------

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: elastic-certificates.p12
  truststore.path: elastic-certificates.p12
#----------------------- END SECURITY AUTO CONFIGURATION -------------------------

kibana.yml

server.host: "0.0.0.0"
server.shutdownTimeout: "5s"
elasticsearch.hosts: [ "https://cloud server ip:9200", "https://elastic:9200" ]
monitoring.ui.container.elasticsearch.enabled: true

elasticsearch.username: "kibana"
elasticsearch.password: "RWBEOWjEX129JDkoa2ve"

elasticsearch.ssl.certificateAuthorities: /usr/share/kibana/config/elasticsearch-ca.pem

server.ssl.certificate: /usr/share/kibana/config/kibana-server.crt
server.ssl.key: /usr/share/kibana/config/kibana-server.key
server.ssl.enabled: true

xpack.encryptedSavedObjects.encryptionKey: acae6d3fd3f3f0998e96483e37a679aa
xpack.reporting.encryptionKey: 6cd9121a58729050292d0797c26478d6
xpack.security.encryptionKey: 28001bac97bb05454d6f7a6e461309c8

kibana logs

[2022-10-27T04:11:42.726+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. getaddrinfo EAI_AGAIN elastic
[2022-10-27T04:11:43.188+00:00][INFO ][plugins.screenshotting.chromium] Browser executable: /usr/share/kibana/x-pack/plugins/screenshotting/chromium/headless_shell-linux_x64/headless_shell
[2022-10-27T04:31:42.049+00:00][ERROR][plugins.ruleRegistry] Error: Timeout: it took more than 1200000ms
    at Timeout._onTimeout (/usr/share/kibana/x-pack/plugins/rule_registry/server/rule_data_plugin_service/resource_installer.js:61:20)
    at listOnTimeout (node:internal/timers:559:17)
    at processTimers (node:internal/timers:502:7)
[2022-10-27T04:31:42.051+00:00][ERROR][plugins.ruleRegistry] Error: Failure installing common resources shared between all indices. Timeout: it took more than 1200000ms
    at ResourceInstaller.installWithTimeout (/usr/share/kibana/x-pack/plugins/rule_registry/server/rule_data_plugin_service/resource_installer.js:75:13)
    at ResourceInstaller.installCommonResources (/usr/share/kibana/x-pack/plugins/rule_registry/server/rule_data_plugin_service/resource_installer.js:89:5)

jsanz · October 27, 2022, 12:01pm

Take a look at the official documentation about Docker and specially the Docker Compose section, since the configuration shared has some shell scripting code that helps configuring the setting to enable secure communication between Elasticsearch and Kibana.

system · November 24, 2022, 12:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.