Random Logout of Multiple Load Balanced Kibana on Multiple Elasticsearch Clusters

Hi all,

SETUP:

Analytics Cluster
1 Kibana Load Balancer (Sticky Session configured)
2 Analytics Kibana instances connecting to Coordinating Nodes
2 Coordinating Nodes
3 Data Nodes

Monitoring Cluster
1 Kibana Load Balancer (Sticky Session configured)
2 Analytics Kibana instances connecting to Monitoring Nodes
2 Monitoring Nodes

COMPONENTS DISTRIBUTION
HOST #1
Kibana Analytics #1
Kibana Monitoring #1
Coordinating Node #1
Monitoring Node #1

HOST #2
Kibana Analytics #2
Kibana Monitoring #2
Coordinating Node #2
Monitoring Node #2

  • all 4 Kibana instances have the load balanced elasticsearch hosts configuration (e.g. elasticsearch.hosts: [host:9200,host2:9201]) to connect to proper clusters like explained in High Availability Across Multiple Elasticsearch Nodes paragraph
  • both ES clusters have the same users definition (elastic/elastic, kibana/kibana and so on..)

ISSUE:
when I login to Kibana Analytics and I do the same (with the same or different user, in the same or different moment) to Kibana Monitoring they both logout.

TESTED USE CASES

  • All 4 Kibana instances running: KO
  • 1 single Kibana instance of each type running on the same host (eg. HOST #1): KO
  • 1 single Kibana instance of each type running on different hosts: KO
  • I defined a different kibana_system user to be used by a specific kibana instance: KO

Do you have any suggestions?
Thanks

Hi guys,
in addition (I'm working with Alessandro): we bypassed LB and used Kibana straight on hosts, but the issue persists. I checked on both KB instances (monitoring and analytics) log files (verbose: true) but didn't find nothing special except for a lot of 304 http code and a correct login as you can see:

{"type":"log","@timestamp":"2019-11-15T14:07:53Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Trying to perform a login."}
{"type":"log","@timestamp":"2019-11-15T14:07:53Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Login has been successfully performed."} 

I found also the following message (frequently)

{"type":"log","@timestamp":"2019-11-15T14:20:27Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Trying to authenticate via header."}
{"type":"log","@timestamp":"2019-11-15T14:20:27Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Authorization header is not presented."}

Thanks

Solved.
We set the following properties in kibana.yml files:
xpack.security.cookieName
xpack.security.encryptionKey

NB: these properties should be reported inside Using Kibana in a production environment in a proper paragraph dedicated to Kibana for Monitoring and Kibana for Analytics clusters, in my opinion :slight_smile:

Thanks