X-Pack Basic License Installation


(El Joey Jojo) #1

Setup X-Pack and only wanna use Basic so I try to follow the instructions but nope, nothing works. Tried with the "elastic" "kibana" and even an "admin" user account I created with "superuser" role inside ElasticSearch and I get nowhere. I tried login into Kibana with all the accounts mentioned above and tried uploading the basic license *.json file but don't have access. I don't know what else to try, it's like it's making it so HARD on me so that I'm forced to call a salesperson to be convinced into paying for it. Something so easy as uploading a license should not be this complicated. If I try to go to http://localhost.my.local/_xpack/license it keeps prompting me for a password. The user I added in x-pack has superuser role but still no access to upload a simple license. I added another role for the admin user of kibana_system ingest_admin and no luck! why is this so cryptic????

sudo curl -XPUT -u admin 'http://localhost.my.local/_xpac/license' -H "Content-Type: application/json" -d @kibana-v5.json
Enter host password for user 'admin':

301 Moved Permanently

301 Moved Permanently


nginx

(Colin Goodheart-Smithe) #2

Elasticsearch runs on port 9200 by default. It appears that you are trying to access it through port 80 (the default if you do not specify a port in a URL) and form your screenshot it appears that port 80 on your machine is an nginx server. Have you changed the elasticsearch port int eh elasticsearch.yml file? If you have not then I think the only problem here is that you aren't sending the request to port 9200. Try this instead:

sudo curl -XPUT -u admin 'http://localhost.my.local:9200/_xpack/license' -H "Content-Type: application/json" -d @kibana-v5.json

This assumes that you are running this command from the same machine that you installed Elasticsearch on and that localhost.my.local resolves to a loopback address. If this is not the case then you will need to add http.host to your elasticsearch.yml file as described here: https://www.elastic.co/guide/en/elasticsearch/reference/6.1/important-settings.html#network.host

Hopefully this resolves your issue but please let me know if you are still having problems, if some of my assumptions here are wrong or if you have questions about the above.


(El Joey Jojo) #3

hey there Colin! thanks for getting back to me! yeah localhost is running elasticsearch/kibana so it is pointing to itself, i have it setup using https://localhost.my.local so i tried running sudo curl -XPUT -u admin 'https://localhost.my.local/_xpack/license' but I get 405:

{"error":"Incorrect HTTP method for uri [/_xpac/license] and method [PUT], allowed: [POST]","status":405}

sure enough when i try to access Kibana through 'http://localhost.my.local:9200' i get:

{
"name" : "7lqYupE",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "UVohrUrWROWrKjvwNMOalQ",
"version" : {
"number" : "6.1.2",
"build_hash" : "5b1fea5",
"build_date" : "2018-01-10T02:35:59.208Z",
"build_snapshot" : false,
"lucene_version" : "7.1.0",
"minimum_wire_compatibility_version" : "5.6.0",
"minimum_index_compatibility_version" : "5.0.0"
},
"tagline" : "You Know, for Search"
}

and this is my default nginx conf file:

server_tokens off;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
server {
listen 443 ssl;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/htpasswd.users;
ssl_certificate /etc/ssl/certs/nginx.crt;
ssl_certificate_key /etc/ssl/private/nginx.key;
location / {
proxy_pass http://localhost:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
add_header Strict-Transport-Security "max-age=31536000;";
}
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
return 301 https://$host$request_uri;
}

the /etc/nginx/htpasswd.users file has my kibana username and password that it is using to access the kibana web console, i can login with the admin and elastic usernames x_pack had me generate so as far as authentication goes, seems to work just fine. however when i login with kibana/admin/elastic accounts i don't seem to have any management access to create users or update licenses and that's the part I'm confused about. nevermind uploading the license via the curl command, why doesn't the built in elastic/kibana have access on the kibana interface to create accounts/roles?

Thanks


(Tim Vernum) #4

This error message (and the url you quoted in your first post) have /_xpac/license instead of /_xpack/license

It looks like you're either typo'ing the URL (or your nginx proxy rule is dropping a character somehow).

Can you try just installing the license directly to ES via port 9200?
It really seems like some of the difficulties you're running into are coming from your insistence on proxying everything through nginx. ES will work behind a proxy, but it's always helpful to reduce the number of moving parts when trying to solve these problems.


(Tim Vernum) #5

That's not Kibana, that's Elasticsearch.
Elasticsearch is on port 9200, Kibana is on 5601.

In order to be able to perform basic maintence it's best to have access to both servers. You can use Kibana dev console to do maintenance on Elasticsearch, but that falls down if something is broken on your ES server and the problem prevents Kibana from running.


(El Joey Jojo) #6

hey Tim! thanks for the help! i removed the proxy in nginx and sure enough that worked! never had an issue like this before and yeah i guess it would help if i knew the correct port for Elasticsearch :disappointed:

Thanks a lot! I got the license installed but the basic license saids it will expire in 1 year? : S thought it was free for life kinda thing. Anyways thanks for all your help.


(Tim Vernum) #7

It's free, but you need to renew it each year. Just head back to the website in 11 months time and get a new one.


(Tim Vernum) #8

We have a lot of users who run proxies in front of ES and Kibana, so it definitely can work, but it looks like something wasn't quite right in this case.


(system) #9

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.