Differences

This shows you the differences between two versions of the page.

--- elastic:kibanaonlinux [2023/03/09 20:12] – olaf
+++ elastic:kibanaonlinux [2024/10/20 14:41] (current) – Updated location of node since Kibana 8.15 olaf
@@ Line 62: / Line 62: @@
 <code yaml>
 In /etc/kibana/kibana.yml set:
+server.port: 443
 server.host: "deb11-elk-13"
 elasticsearch.hosts: ["https://deb11-elk-11:9200", "https://deb11-elk-12:9200" ]
@@ Line 87: / Line 88: @@
 #    type: json
 </code>
 On one of the Elasticsearch nodes generate an access token for Kibana
@@ Line 124: / Line 126: @@
 /usr/share/kibana/bin/kibana-keystore add xpack.security.encryptionKey
 </code>
-remove the line with the ''elasticsearch.serviceAccountToken'' from ''/etc/kibana/kibana.yml''
+remove the line with the ''elasticsearch.serviceAccountToken'' from ''/etc/kibana/kibana.yml''\\
-On one of the elasticsearch nodes
+To be able to copy files between the ES nodes and Kibana a mount for the SMB share is needed.\\
-Generate the SSL certificate and key for Kibana
+Create a file containing the credentials for the share in the root user directory:
-/usr/share/elasticsearch/bin/elasticsearch-certutil cert -name deb11-elk-04_https -dns deb11-elk-04 -pem -self-signed
+<code bash>
-Tell to save it as deb11-elk-04_http.zip
+cat > /root/backup.crd
+username=kenny
+password=kennyspassword
+<ctrl-d>
+</code>
+To mount the share for the snapshot repository with the correct permissions for the elasticsearch user, we need to know the user id (uid) of the elasticsearch user:
+''id -u elasticsearch''
+''106''
+Create the mount directory
+<code bash>
+mkdir /mnt/backup
+</code>
+Add the share used for repository in /etc/fstab\\
+<code bash>
+//10.0.1.10/ES       /mnt/backup     cifs    vers=3.0,credentials=/root/backup.crd,uid=106   0       0
+</code>
+Mount the share
+<code bash>
+mount //10.0.0.10/ES
+</code>
+On one of the elasticsearch nodes\\
+Generate the SSL certificate and key for Kibana\\
+<code bash>
+/usr/share/elasticsearch/bin/elasticsearch-certutil cert -name deb11-elk-04_https -dns deb11-elk-04 -pem -self-signed</code>
+Tell to save it as ''deb11-elk-04_http.zip'' than copy it to the share:\\
+<code bash>
 cp /usr/share/elasticsearch/deb11-elk-04_http.zip /mnt/backup/debby/deb11-elk-04/
+</code>
+Back to the Kibana node\\
+Create the directory for the certificate and key
+copy the certificate file, unzip it, move the certificate and key to the certs directory and clean up
+<code bash>
+mkdir /etc/kibana/certs
+cd /etc/kibana/certs
+cp /mnt/backup/debby/deb11-elk-04/deb11-elk-04_http.zip ./
+unzip deb11-elk-04_http.zip
+mv deb11-elk-04_https/* ./
+rm -rf deb11-elk-04_https
+rm deb11-elk-04_http.zip
+chown -R root:kibana /etc/kibana/certs
+</code>
+Allow Kibana to use HTTPS default port (443) ...
+Up to Kibana 8.14.x:
+<code bash>
+setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana
+setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana-plugin
+setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana-keystore
+setcap cap_net_bind_service=+epi /usr/share/kibana/node/bin/node
+</code>
+Since Kibana 8.15:
+<code bash>
+setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana
+setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana-plugin
+setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana-keystore
+setcap cap_net_bind_service=+epi /usr/share/kibana/node/glibc-217/bin/node
+</code>
+Install Kibana as service and start it
+<code bash>
+systemctl daemon-reload
+systemctl enable kibana.service
+systemctl start kibana.service
+</code>
+Kibana is now availbale at ''https://deb11-elk-04''\\
+Either use the generated password from the installation of ES or generate a new one on a ES node with
+<code bash>
+/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
+</code>
+Login with elastic and the password
+Kibana is installed

OOKB - Olaf's Own Knowledge Base

User Tools

Site Tools

Differences

Page Tools