Hello,
I'm building a new a elasticsearch,kibana,logstash cluster.
I was able to create a 3 node elasticsearch cluster with x-pack security.
I set the password to all my default users in elasticsearch.
I installed an elasticsearch service on my kibana server and set the followings to coordinate the kibana:
node.master: false
node.data: false
node.ingest: false
node.ml: false
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
discovery.seed_hosts: ["elk-es-infra-01", "elk-es-infra-02", "elk-es-infra-03"]
network.host: localhost
http.port: 9200
transport.host: 172.25.8.205
transport.tcp.port: 9300
path.logs: /var/log/elasticsearch
cluster.name: elk-infra
My ES cluster configuration
cluster.name: elk-infra
node.name: es-node-01
path.data: /elk/elasticsearch/data
path.logs: /elk/elasticsearch/log
http.port: 9200
discovery.seed_hosts: ["elk-es-infra-01", "elk-es-infra-02", "elk-es-infra-03"]
cluster.initial_master_nodes: ["es-node-01", "es-node-02", "es-node-03"]
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
My kibana configuration
server.port: 5601
server.host: "172.25.8.205"
server.name: "elk-ki-infra-01"
elasticsearch.username: "kibana"
elasticsearch.password: "notforpublic"
pid.file: /var/run/kibana.pid
logging.dest: /var/log/kibana/kibana.log
logging.verbose: true
My kibana service starts up and exit with the last line of the log:
{"type":"log","@timestamp":"2020-01-30T14:34:31Z","tags":["debug","root"],"pid":3605,"message":"shutting root down"}
Warnings in the kibana log but no error:
{"type":"log","@timestamp":"2020-01-30T14:34:26Z","tags":["warning","plugins","security","config"],"pid":3605,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml"}
{"type":"log","@timestamp":"2020-01-30T14:34:26Z","tags":["warning","plugins","security","config"],"pid":3605,"message":"Session cookies will be transmitted over insecure connections. This is not recommended."}
{"type":"log","@timestamp":"2020-01-30T14:34:29Z","tags":["warning","legacy-plugins"],"pid":3605,"path":"/usr/share/kibana/src/legacy/core_plugins/visualizations","message":"Skipping non-plugin directory at /usr/share/kibana/src/legacy/core_plugins/visualizations"}
Everything is on Centos, no firewall between them.
I can do a curl -XGET 'http://localhost:9200/_cluster/health?pretty' with kibana user and password working without a problem.
Could you please help me what did I miss ?