Kibana ssl configuration - elasticsearch

I installed elasticsearch and kibana using this guide:
https://opendistro.github.io/for-elasticsearch-docs/docs/install/
I created SSL for domain and using it in kibana.yml config.
server.ssl.enabled: true
server.ssl.key: /etc/elasticsearch/key.pem
server.ssl.certificate: /etc/elasticsearch/cert.pem
But, when I restart the service I am getting below error.
sudo service kibana status
● kibana.service - Kibana
Loaded: loaded (/etc/systemd/system/kibana.service; disabled; vendor preset: enabled)
Active: failed (Result: start-limit-hit) since Tue 2019-05-14 19:39:21 UTC; 833ms ago
Process: 50944 ExecStart=/usr/share/kibana/bin/kibana -c /etc/kibana/kibana.yml (code=exited, status=1/FAILURE)
Main PID: 50944 (code=exited, status=1/FAILURE)
May 14 19:39:21 mts-elk systemd[1]: kibana.service: Unit entered failed state.
May 14 19:39:21 mts-elk systemd[1]: kibana.service: Failed with result 'exit-code'.
May 14 19:39:21 mts-elk systemd[1]: kibana.service: Service hold-off time over, scheduling restart.
May 14 19:39:21 mts-elk systemd[1]: Stopped Kibana.
May 14 19:39:21 mts-elk systemd[1]: kibana.service: Start request repeated too quickly.
May 14 19:39:21 mts-elk systemd[1]: Failed to start Kibana.
May 14 19:39:21 mts-elk systemd[1]: kibana.service: Unit entered failed state.
May 14 19:39:21 mts-elk systemd[1]: kibana.service: Failed with result 'start-limit-hit'.
I don't know where to look for kibana logs other than this.

Related

Error when I trying to start Elasticsearch

I've installed ElasticSearch and I'm trying to start, before installing Magento. I'm getting this error:
sudo systemctl start elasticsearch.service
Job for elasticsearch.service failed because the control process exited with error code. See "systemctl status elasticsearch.service" and "journalctl -xe" for details.
systemctl status elasticsearch.service -l
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2021-04-26 14:15:09 -03; 7s ago
Docs: https://www.elastic.co
Process: 3062 ExecStart=/usr/share/elasticsearch/bin/systemd-entrypoint -p ${PID_DIR}/elasticsearch.pid --quiet (code=exited, status=1/FAILURE)
Main PID: 3062 (code=exited, status=1/FAILURE)
CGroup: /system.slice/elasticsearch.service
Apr 26 14:15:08 vps-5443219.labarba.digital systemd-entrypoint[3062]: at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150)Apr 26 14:15:08 vps-5443219.labarba.digital systemd-entrypoint[3062]: at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75)
Apr 26 14:15:08 vps-5443219.labarba.digital systemd-entrypoint[3062]: at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116)Apr 26 14:15:08 vps-5443219.labarba.digital systemd-entrypoint[3062]: at org.elasticsearch.cli.Command.main(Command.java:79)
Apr 26 14:15:08 vps-5443219.labarba.digital systemd-entrypoint[3062]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115)
Apr 26 14:15:08 vps-5443219.labarba.digital systemd-entrypoint[3062]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:81)
Apr 26 14:15:09 vps-5443219.labarba.digital systemd[1]: elasticsearch.service: main process exited, code=exited, status=1/FAILURE
Apr 26 14:15:09 vps-5443219.labarba.digital systemd[1]: Failed to start Elasticsearch.
Apr 26 14:15:09 vps-5443219.labarba.digital systemd[1]: Unit elasticsearch.service entered failed state.
Apr 26 14:15:09 vps-5443219.labarba.digital systemd[1]: elasticsearch.service failed.
I tried to follow this link to solve this problem: https://stackoverflow.com/questions/58656747/elasticsearch-job-for-elasticsearch-service-failed
None of these solutions works for me.
Any help, please?
Ps1.: I'm using VPS Hostgator.
Ps2.: To install, I'm following this link: https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
I solved!
Just change in /etc/elasticsearch/jvm.options:
OLD: #-Djava.io.tmpdir=${ES_TMPDIR}
NEW: -Djava.io.tmpdir=/var/log/elasticsearch
For me, the problem is solved!

Kibana installation error "Kibana server is not ready yet" (CentOS)

Working on a Kibana deployment, after installing Kibana & Elasticsearch i get the error 'Kibana server is not ready yet'.
https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elastic-stack-on-centos-7
[opc#homer7 etc]$
[opc#homer7 etc]$ sudo systemctl status kibana
● kibana.service - Kibana
Loaded: loaded (/etc/systemd/system/kibana.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2021-02-26 13:56:07 CET; 37s ago
Docs: https://www.elastic.co
Main PID: 18215 (node)
Memory: 208.3M
CGroup: /system.slice/kibana.service
└─18215 /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli/dist --logging.dest="/var/log/kibana/kibana.log" --pid.file="/run/kibana/kibana.pid"
Feb 26 13:56:07 homer7 systemd[1]: kibana.service failed.
Feb 26 13:56:07 homer7 systemd[1]: Started Kibana.
[opc#homer7 etc]$
[opc#homer7 etc]$
[opc#homer7 etc]$
[opc#homer7 etc]$ sudo journalctl --unit kibana
-- Logs begin at Fri 2021-02-26 11:31:02 CET, end at Fri 2021-02-26 13:56:57 CET. --
Feb 26 12:15:38 homer7 systemd[1]: Started Kibana.
Feb 26 13:21:25 homer7 systemd[1]: Stopping Kibana...
Feb 26 13:22:55 homer7 systemd[1]: kibana.service stop-sigterm timed out. Killing.
Feb 26 13:22:55 homer7 systemd[1]: kibana.service: main process exited, code=killed, status=9/KILL
Feb 26 13:22:55 homer7 systemd[1]: Stopped Kibana.
Feb 26 13:22:55 homer7 systemd[1]: Unit kibana.service entered failed state.
Feb 26 13:22:55 homer7 systemd[1]: kibana.service failed.
Feb 26 13:25:05 homer7 systemd[1]: Started Kibana.
Feb 26 13:25:29 homer7 systemd[1]: Stopping Kibana...
Feb 26 13:26:59 homer7 systemd[1]: kibana.service stop-sigterm timed out. Killing.
Feb 26 13:26:59 homer7 systemd[1]: kibana.service: main process exited, code=killed, status=9/KILL
Feb 26 13:26:59 homer7 systemd[1]: Stopped Kibana.
Feb 26 13:26:59 homer7 systemd[1]: Unit kibana.service entered failed state.
Feb 26 13:26:59 homer7 systemd[1]: kibana.service failed.
Feb 26 13:27:56 homer7 systemd[1]: Started Kibana.
Feb 26 13:40:53 homer7 systemd[1]: Stopping Kibana...
Feb 26 13:42:23 homer7 systemd[1]: kibana.service stop-sigterm timed out. Killing.
Feb 26 13:42:23 homer7 systemd[1]: kibana.service: main process exited, code=killed, status=9/KILL
Feb 26 13:42:23 homer7 systemd[1]: Stopped Kibana.
Feb 26 13:42:23 homer7 systemd[1]: Unit kibana.service entered failed state.
Feb 26 13:42:23 homer7 systemd[1]: kibana.service failed.
Feb 26 13:42:23 homer7 systemd[1]: Started Kibana.
Feb 26 13:44:09 homer7 systemd[1]: Stopping Kibana...
Feb 26 13:45:40 homer7 systemd[1]: kibana.service stop-sigterm timed out. Killing.
Feb 26 13:45:40 homer7 systemd[1]: kibana.service: main process exited, code=killed, status=9/KILL
Feb 26 13:45:40 homer7 systemd[1]: Stopped Kibana.
Feb 26 13:45:40 homer7 systemd[1]: Unit kibana.service entered failed state.
Feb 26 13:45:40 homer7 systemd[1]: kibana.service failed.
Feb 26 13:45:40 homer7 systemd[1]: Started Kibana.
Feb 26 13:54:37 homer7 systemd[1]: Stopping Kibana...
Feb 26 13:56:07 homer7 systemd[1]: kibana.service stop-sigterm timed out. Killing.
Feb 26 13:56:07 homer7 systemd[1]: kibana.service: main process exited, code=killed, status=9/KILL
Feb 26 13:56:07 homer7 systemd[1]: Stopped Kibana.
Feb 26 13:56:07 homer7 systemd[1]: Unit kibana.service entered failed state.
Feb 26 13:56:07 homer7 systemd[1]: kibana.service failed.
Feb 26 13:56:07 homer7 systemd[1]: Started Kibana.
[opc#homer7 etc]$
[opc#homer7 etc]$
check $systemctl status elasticsearch. I am guessing your elasticsearch service is not started yet.
I guess there are many factors that need to be checked, first of all please go to the config directory of where you installed Kibana and check the kibana.yml by sudo vi kibana.yml and check the port of elastic server that Kibana tries to connect(the default is 9200).
Here is an example of default configuration.
After matching this configuration with your need go to the script file that you save in for Kibana service and check the the [unix] part to if it needs activate elastic service first and if you didn't add "Required" part for Elasticserver make sure that the elastic server is up and run before running Kibana as service, you can also lunch Kibana as shell by going to the bin director of Kibana and lunching Kibana .
Maybe The issue happened due to kibana was unable to access elasticsearch locally.
I think that you have enabled xpack.security plugin for security purpose at elasticsearch.yml by adding a new line :
xpack.security.enabled : true
if so you need to uncomment the two lines on kibana.yml :
#elasticsearch.username: "kibana"
#elasticsearch.password: "pass"
elasticsearch.username = "kibana_system"
elasticsearch.password = "your-password"
after saving the changes, restart kibana service :
sudo sservice kibana restart

Configure kibana with SSL

I want to configure Kibana, so, that I can access over https.
I did following changes in Kibana config file (/etc/kibana/kibana.yml):
server.host: 0.0.0.0
server.ssl.enabled: true
server.ssl.key: /etc/elasticsearch/privkey.pem // Using same SSL that I created for elasticsearch
server.ssl.certificate: /etc/elasticsearch/cert.pem // Using same SSL that I created for elasticsearch
elasticsearch.url: https://127.0.0.1:9200
elasticsearch.ssl.verificationMode: none
elasticsearch.username: kibanaserver
elasticsearch.password: kibanaserver
elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
opendistro_security.multitenancy.enabled: true
opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
opendistro_security.readonly_mode.roles: ["kibana_read_only"]
When I restart/start Kibana, it's giving me below error:
● kibana.service - Kibana
Loaded: loaded (/etc/systemd/system/kibana.service; disabled; vendor preset: enabled)
Active: failed (Result: start-limit-hit) since Wed 2019-06-05 14:20:12 UTC; 382ms ago
Process: 32505 ExecStart=/usr/share/kibana/bin/kibana -c /etc/kibana/kibana.yml (code=exited, status=1/FAILURE)
Main PID: 32505 (code=exited, status=1/FAILURE)
Jun 05 14:20:11 mts-elk-test systemd[1]: kibana.service: Main process exited, code=exited, status=1/FAILURE
Jun 05 14:20:11 mts-elk-test systemd[1]: kibana.service: Unit entered failed state.
Jun 05 14:20:11 mts-elk-test systemd[1]: kibana.service: Failed with result 'exit-code'.
Jun 05 14:20:12 mts-elk-test systemd[1]: kibana.service: Service hold-off time over, scheduling restart.
Jun 05 14:20:12 mts-elk-test systemd[1]: Stopped Kibana.
Jun 05 14:20:12 mts-elk-test systemd[1]: kibana.service: Start request repeated too quickly.
Jun 05 14:20:12 mts-elk-test systemd[1]: Failed to start Kibana.
Jun 05 14:20:12 mts-elk-test systemd[1]: kibana.service: Unit entered failed state.
Jun 05 14:20:12 mts-elk-test systemd[1]: kibana.service: Failed with result 'start-limit-hit'.
root#mts-elk-test:/home/ronak# vi /etc/kibana/kibana.yml
I found the solution. There was a problem with file permission.
I copied cert.pem and privkey.pem files from elasticsearch directory to kibana and changed owner with kibana user:
chown kibana:kibana /etc/kibana/cert.pem
chown kibana:kibana /etc/kibana/privkey.pem
Changed path in kibana.yml file:
server.ssl.key: /etc/kibana/privkey.pem
server.ssl.certificate: /etc/kibana/cert.pem
Rstart kibana: service kibana restart
And it worked!

How to restart my elasticsearch?

I installed it yesterday on my desktop(Ubuntu 16.04)
elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since уто 2018-04-17 10:18:51 CEST; 2min 58s ago
Docs: http://www.elastic.co
Main PID: 20185 (code=exited, status=1/FAILURE)
апр 17 10:18:44 jh-System-Product-Name systemd[1]: Started Elasticsearch.
апр 17 10:18:51 jh-System-Product-Name systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
апр 17 10:18:51 jh-System-Product-Name systemd[1]: elasticsearch.service: Unit entered failed state.
апр 17 10:18:51 jh-System-Product-Name systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
I have tried both
sudo update-rc.d elasticsearch defaults 95 10
sudo systemctl start elasticsearch
I have changed network.host and port in elasticsearch.yml
network.host: 192.168.0.1
http.port: 9200
I have done what Val suggested
sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable elasticsearch.service
If I go for
sudo journalctl -f
then I have
kibana[16891]: {"type":"log","#timestamp":"2018-04-17T08:37:39Z","tags":["warning","elasticsearch","admin"],"pid":16891,"message":"Unable to revive connection: http://localhost:9200/"}
kibana[16891]: {"type":"log","#timestamp":"2018-04-17T08:37:39Z","tags":["warning","elasticsearch","admin"],"pid":16891,"message":"No living connections"}
I have tried to restart again
elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
elasticsearch.service: Unit entered failed state.
elasticsearch.service: Failed with result 'exit-code'.
milenko : TTY=pts/1 ; PWD=/home/milenko ; USER=root ; COMMAND=/bin/journalctl -f
What does this output mean?
I do not understant what is wrong,I have the same problem.

elasticsearch connection refused error

I am following this article to install and configure elasticsearch on my system, both the installation and configuration worked fine but when i try to run elasticsearch:
curl -X GET 'http://localhost:9200'
i get this error:
curl: (7) Failed to connect to localhost port 9200: Connection refused
EDIT: 1
after #val suggestion:
sudo systemctl status elasticsearch
it returned as:
elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendo
Active: failed (Result: exit-code) since Wed 2017-05-24 09:11:16 IST; 2h 17mi
Docs: http://www.elastic.co
Process: 5043 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DI
Process: 5039 ExecStartPre=/usr/share/elasticsearch/bin/elasticsearch-systemd-
Main PID: 5043 (code=exited, status=1/FAILURE)
May 24 09:11:16 ahmed-pc systemd[1]: Starting Elasticsearch...
May 24 09:11:16 ahmed-pc systemd[1]: Started Elasticsearch.
May 24 09:11:16 ahmed-pc systemd[1]: elasticsearch.service: Main process exited,
May 24 09:11:16 ahmed-pc systemd[1]: elasticsearch.service: Unit entered failed
May 24 09:11:16 ahmed-pc systemd[1]: elasticsearch.service: Failed with result '
lines 1-13/13 (END)
Edit 2:
journalctrl -f results
May 25 08:35:31 ahmed-pc systemd[1]: Starting Elasticsearch...
May 25 08:35:31 ahmed-pc systemd[1]: Started Elasticsearch.
May 25 08:35:31 ahmed-pc sudo[6256]: pam_unix(sudo:session): session closed for user root
May 25 08:35:42 ahmed-pc dhclient[3644]: DHCPREQUEST of 192.168.43.121 on wlp3s0 to 192.168.43.1 port 67 (xid=0x4be71b5a)
May 25 08:35:42 ahmed-pc dhclient[3644]: DHCPACK of 192.168.43.121 from 192.168.43.1
May 25 08:35:42 ahmed-pc dhclient[3644]: bound to 192.168.43.121 -- renewal in 1339 seconds.
May 25 08:35:43 ahmed-pc systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
May 25 08:35:43 ahmed-pc systemd[1]: elasticsearch.service: Unit entered failed state.
May 25 08:35:43 ahmed-pc systemd[1]: elasticsearch.service: Failed with result 'exit-code'.

Resources