Providing External (non-localhost) Access to Kibana
I'm still on my ELK stack kick and finally got Kibana running. Once it was running on my machine I fired off an email to coworkers to let them know they could hit the temporary website I had configured on my machine with Kibana.
Well, of course, I had rush through things and gotten ahead of myself. Within a few minutes Jeff had IM'd me and said he was getting a blank dashboard. There were a few things I had to adjust in the elasticsearch configuration file, the Kibana configuration file, plus some firewall rules I had to add to my machine before the rest of the team could enjoy Kibana goodness.
Configuring elasticsearch
elasticsearch configuration settings can be found in the kivana file /bin/elasticsearch.yml. Specifically, we want to look at the settings relating to HTTP access control (CORS):
The two settings are:
http.cors.enabled: true
#http.cors.allow-origin: *
If you haven't messed with your configuration file too much, then you'll find these settings just before the section labeled "Gateway".
By default the value for http.cors.enabled is false. Set it to true. Next, you need to tell elasticsearch from whom it's allowed to receive cross-origin requests. I set it to all (using the asterisk) but that's not a smart move if your web server is exposed to the world beyond your organization (or even team or department). There's plenty of reading material on the web concerning what happens when you misconfigure HTTP CORS.
I stopped and restarted elasticsearch to ensure it grabbed the updated settings.
Configuring Kibana
Kibana was easier to configure and the only problem I encountered was simply a brain hiccup that I should have caught from the get-go.
Kibana configuration is found in the file config.js located in the Kibana root directory. The setting with which we're concerned is the one that tells Kibana where to find the elasticsearch cluster, simply labeled "elasticserach":
/** @scratch /configuration/config.js/5
*
* ==== elasticsearch
*
* The URL to your elasticsearch server. You almost certainly don't
* want +http://localhost:9200+ here. Even if Kibana and Elasticsearch are on
* the same host. By default this will attempt to reach ES at the same host you have
* kibana installed on. You probably want to set it to the FQDN of your
* elasticsearch host
*
* Note: this can also be an object if you want to pass options to the http client. For example:
*
* +elasticsearch: {server: "http://localhost:9200", withCredentials: true}+
*
*/
/*elasticsearch: "http://" + window.location.hostname + ":9200",*/
elasticsearch: 'http://mymachine.mycompanyname.com:9200',
Again, I'm running elasticsearch locally (we'll migrate it to the data center soon) so I provided Kibana with the fully qualified domain name (FQDN) of my machine and the port on which elasticsearch listens.
Configuring the Firewall
I'm running the ELK stack on my local machine for now and, as a result, had to open some ports on my firewall to allow other team members (and Kibana from their machines) to access one of the elasticsearch nodes, that being the one on my machine. Luckily, I have administrator rights to my machine and was able to bring up the Windows Firewall and Advanced Security program and make the necessary changes.
First I created a new inbound rule and called it Elasticsearch. I then used the following settings:
Note that 9200-9299 (9300?) is used to interact with the elasticsearch RESTful API. Ports 9300-9399 (9400?) are used by the nodes within the elasticsearch cluster to communicate among themselves. For what we're trying to do -- let others use Kibana to interact with elasticsearch -- opening ports 9200-9300 will work just fine.
Conclusion
Hopefully these notes will help you. I'm sure there were a few other small things I had to do to get the whole kit and caboodle working; I'll update this post as necessary.
Well, of course, I had rush through things and gotten ahead of myself. Within a few minutes Jeff had IM'd me and said he was getting a blank dashboard. There were a few things I had to adjust in the elasticsearch configuration file, the Kibana configuration file, plus some firewall rules I had to add to my machine before the rest of the team could enjoy Kibana goodness.
Configuring elasticsearch
elasticsearch configuration settings can be found in the kivana file /bin/elasticsearch.yml. Specifically, we want to look at the settings relating to HTTP access control (CORS):
The two settings are:
http.cors.enabled: true
#http.cors.allow-origin: *
If you haven't messed with your configuration file too much, then you'll find these settings just before the section labeled "Gateway".
By default the value for http.cors.enabled is false. Set it to true. Next, you need to tell elasticsearch from whom it's allowed to receive cross-origin requests. I set it to all (using the asterisk) but that's not a smart move if your web server is exposed to the world beyond your organization (or even team or department). There's plenty of reading material on the web concerning what happens when you misconfigure HTTP CORS.
I stopped and restarted elasticsearch to ensure it grabbed the updated settings.
Configuring Kibana
Kibana was easier to configure and the only problem I encountered was simply a brain hiccup that I should have caught from the get-go.
Kibana configuration is found in the file config.js located in the Kibana root directory. The setting with which we're concerned is the one that tells Kibana where to find the elasticsearch cluster, simply labeled "elasticserach":
/** @scratch /configuration/config.js/5
*
* ==== elasticsearch
*
* The URL to your elasticsearch server. You almost certainly don't
* want +http://localhost:9200+ here. Even if Kibana and Elasticsearch are on
* the same host. By default this will attempt to reach ES at the same host you have
* kibana installed on. You probably want to set it to the FQDN of your
* elasticsearch host
*
* Note: this can also be an object if you want to pass options to the http client. For example:
*
* +elasticsearch: {server: "http://localhost:9200", withCredentials: true}+
*
*/
/*elasticsearch: "http://" + window.location.hostname + ":9200",*/
elasticsearch: 'http://mymachine.mycompanyname.com:9200',
Again, I'm running elasticsearch locally (we'll migrate it to the data center soon) so I provided Kibana with the fully qualified domain name (FQDN) of my machine and the port on which elasticsearch listens.
Configuring the Firewall
I'm running the ELK stack on my local machine for now and, as a result, had to open some ports on my firewall to allow other team members (and Kibana from their machines) to access one of the elasticsearch nodes, that being the one on my machine. Luckily, I have administrator rights to my machine and was able to bring up the Windows Firewall and Advanced Security program and make the necessary changes.
First I created a new inbound rule and called it Elasticsearch. I then used the following settings:
Note that 9200-9299 (9300?) is used to interact with the elasticsearch RESTful API. Ports 9300-9399 (9400?) are used by the nodes within the elasticsearch cluster to communicate among themselves. For what we're trying to do -- let others use Kibana to interact with elasticsearch -- opening ports 9200-9300 will work just fine.
Conclusion
Hopefully these notes will help you. I'm sure there were a few other small things I had to do to get the whole kit and caboodle working; I'll update this post as necessary.
Comments
Post a Comment