Hello! I really need some help, been struggling with this.kibana_user roles but it has failed.
Could someone please help!
Here is my whole docker-compose file. I am using 8.13 as the stack version.
Thank you so much!
version: "3.8"
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${STACK_VERSION}
container_name: elasticsearch
volumes:
- elasticsearch_data:/usr/share/elasticsearch/data
expose:
- 9200
ports:
- "9200:9200"
environment:
- "ES_JAVA_OPTS=-Xms2g -Xmx2g"
- discovery.type=single-node
- node.store.allow_mmap=false
- xpack.security.enabled=true
- ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
kibana:
image: docker.elastic.co/kibana/kibana:${STACK_VERSION}
container_name: kibana
volumes:
- kibana_data:/usr/share/kibana/data
ports:
- "5601:5601"
environment:
- discovery.type=single-node
- ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}
- ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD}
volumes:
elasticsearch_data:
kibana_data:
dadoonet
April 29, 2024, 4:54pm
2
Hello! Thank you for your help!
This is the error that I keep getting:
2024-04-30 01:09:22 kibana | [2024-04-29T17:09:22.007+00:00][INFO ][plugins.assetManager] Server is NOT enabled
2024-04-30 01:09:22 kibana | [2024-04-29T17:09:22.827+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception
2024-04-30 01:09:22 kibana | Root causes:
2024-04-30 01:09:22 kibana | security_exception: unable to authenticate user [clara] for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
2024-04-30 01:09:25 kibana | [2024-04-29T17:09:25.246+00:00][INFO ][plugins.screenshotting.chromium] Browser executable: /usr/share/kibana/node_modules/@kbn/screenshotting-
clara is the name of the service account i created for Elasticsearch to connect with kibana. But I cannot access the UI on localhost:5601
dadoonet
April 29, 2024, 7:13pm
4
How did you create this account? What are the privileges/roles you gave to it?
Do you mean my service account? I spun up the elastic container, and then went into the elastic container and executed this command:
curl -X POST -u elastic:my_password "http://localhost:9200/_security/service/elastic/kibana/credential/token/clara?pretty"
And this was the output printed in the console for me:
{
"created" : true,
"token" : {
"name" : "clara",
"value" : "XXXX"
}
}
I then used replace this password in my docker-compose env file ELASTICSEARCH_PASSWORD. Then i restarted the kibana container.
What did I do wrong?
TimV
April 30, 2024, 2:43am
6
There's been some mixup in terminology here.
What you created was a service token for the builtin elastic/kibana service account.
That means:
you didn't actually create a new user or service account (nor should you have, what you did was correct)
you didn't create a "password" - a service token fills the same role as a password, but it is not the same as a password.
Consequently this:
- ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}
- ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD}
is not going to be correct because clara is not a username and the token is not a password.
What you want instead is (I think - you might need to ask in the Kibana forum if this doesn't work )
- ELASTICSEARCH_SERVICEACCOUNTTOKEN=${ENV_WITH_THE_TOKEN_VALUE}
1 Like