Currently got multiple kibana instances using the same .kibana and .reporting index in the same elastic cluster, initially they used a random generated encryptionKey but now I've configured it like this:
xpack.reporting.encryptionKey: kibana-reports
But still seeing this on launch of kibana:
{"type":"log","@timestamp":"2019-11-21T09:17:38Z","tags":["warning","plugins","security","config"],"pid":2022,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml"}
Kibana is actually complaining about a different setting here: xpack.security.encryptionKey
vs xpack.reporting.encryptionKey
There are a couple of different encryption keys that Kibana asks you to set. The security encryption key is used to encrypt the session cookies when users login to Kibana. You will want to set this to the same value on each Kibana instance, so that all instances know how to decrypt the session cookie, regardless of which instance initially created it.
The reporting encryption key is used to encrypt sensitive data in the .reporting index, and should likewise be the same across all of your Kibana instances that share the same .reporting index.
It's not necessary to set xpack.reporting.encryptionKey and xpack.security.encryptionKey to the same value though -- you can (and should) use distinct encryption keys for each of these settings, but they should be consistent across all of your instances.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
thanks for pointing out the obviously hard to see