Possible to run a remote Kibana instance that communicates with managed Elastic Stack?

I might be missing something, but I'm having a hard time trying to connect an externally hosted Kibana instance to an Elasticsearch instance hosted on Elastic.co's managed Elastic Stack product (Elasticsearch Service: Managed Elasticsearch on AWS, Google Cloud, and Azure | Elastic).

The reason I'm trying to run an external version of Kibana is because I need to run a custom Kibana plugin. The reason I'm trying to connect to a managed version of Elasticsearch is because that's where the data exists currently, and because I'd prefer to have Elasticsearch remain managed.

The remote Kibana will need to have all privileges on the managed Elasticsearch instance.

Is there some documentation that describes how to set this up? Is it supported?

Thanks!

Hi @GavinAnderegg

Yes this shouldn't be a problem. I don't know if there is a specific guide you will ned to follow, but you should just be able to configure your kibana.yml to point to your cloud elasticsearch url and then go from there. You will probably also have to configure your security settings appropriately.

You may run into some issues if you are trying to run a kibana instance on the cloud as well as this other instance, so you would probably need to look into what settings are required when running multiple kibana instances.

2 Likes

Hi Corey,

Thanks so much for the quick reply!

Just to confirm: do you think there would be issues running multiple versions of Kibana? It's likely that the cloud version of Kibana would need to be kept running, and the external version would also be used. Do you foresee that being an issue?

Thanks again!

There are instructions for running Kibana behind a load balancer (Use Kibana in a production environment | Kibana Guide [7.14] | Elastic). Even though that's not exactly what you are doing, it would probably be a good starting point for what will need to be different between the two configurations.

Thanks, I was able to get this set up!

The biggest stumbling block for me was that I needed to set elasticsearch.username and elasticsearch.password (in kibana.yml) to the credentials created during the initial setup of the managed instance. These were used to get passed the HTTP basic auth that was preventing Kibana from accessing the server.

Thanks again for your help on this!

1 Like

Hi Corey,

After poking around with this, I ran into one more issue. In the documentation you linked, there's a section saying that the following keys need to be the same on all instances:

xpack.security.encryptionKey //decrypting session information
xpack.reporting.encryptionKey //decrypting reports
xpack.encryptedSavedObjects.encryptionKey // decrypting saved objects
xpack.encryptedSavedObjects.keyRotation.decryptionOnlyKeys // saved objects encryption key rotation, if any

However, I can't find a way to access these keys on the managed instance of Kibana. In other words, I don't know how to make the external Kibana instance have the same keys as the managed instance. This leads to saved objects (and potentially other data) being unreadable between the two instances.

I found some documentation that tells me how to change some settings in the Kibana instance (Add Kibana user settings | Elasticsearch Service Documentation | Elastic), but opening the managed kibana.yml file doesn't display the keys. Also, it doesn't look like the keys can be overridden in that file anyway, as they're not in the supported list (Add Kibana user settings | Elasticsearch Service Documentation | Elastic). That said, I wouldn't want to reset these keys on the managed instance, as that would result in data loss.

Do you know if there's a way around this?

Thanks!