jpheos
commented
6 years ago http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
where do you put that @iceman739 ?
Open ghost opened 6 years ago
jpheos
commented
6 years ago http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
where do you put that @iceman739 ?
seafoodbuffet
commented
5 years ago where do you put that @iceman739 ?
Late to the party but these go into the elasticsearch configuration.
See https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html#_settings_2
You (minimally) need to set the following:
http.cors.enabled: true
http.cors.allow-origin:
valid origin patterns are things like:
you don't have to set allow-headers unless you're doing authentication via elasticsearch-head
its-ogawa
commented
3 years ago @seafoodbuffet Your suggestion is very nice.
I restarted elasticsearch after changing elasticsearch.yml, but But that did not solve the problem in my environment. The situation continues to be "cluster health: not connected".
I have a few questions.
rhino007US
commented
3 years ago Hi I have brought up Bitnami's ELK stack and installed Elasticsearch-heads. I think it is configured correctly, all of the required DEB libraries are there. I was able to install nodejs 14.17.0, Puppeteer, grunt, and chrome in headless mode (I do get the one error when I start it with grunt --force: (node:6548) UnhandledPromiseRejectionWarning: Error: Failed to launch the browser process! /root/elasticsearch-head-master/node_modules/puppeteer/.local-chromium/linux-856583/chrome-linux/chrome: error while loading shared libraries: libatk-1.0.so.0: cannot open shared object file: No such file or directory
Which is a bit odd because supposedly that error was resolved at a lower level of nodejs.
I don't know if that is causing the problem I'm having, but feedback about that would be welcome. I'm not quite sure if that is a system library, and how to get it. apt-get? Or is it more like including a python library?
============================= THE MAIN QUESTION ==============================
I have it working to where I can access, from chrome:
http://NN.NN.NN.133/elastic-search-head?base_uri=http://NN.NN.NN.133/elastisearch
I opened the port in my firewall to only my Internet IP, and I get a login prompt... But I can't login to it with the Bitnami application user, "user" and the password (which is found on the ELK stack server in /home/bitnami/bitnami_credentials file.)
not being sure if this is the required login I also set the Elasticsearch password to one I know and tried logging in as Elasticsearch that didn't work. Lastly I tried the bitnami user, the one you use to SSH onto the server box.
all of these give me the following message: Unauthorized This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
Installing all this took a lot of brute force on my part, I wanted to bring it up in one day, not read manuals for days to understand each and every part. Hopefully this is enough information to help me find out how to login to the Elasticsearch-head account.
Thank You, DRH
PS my goal is to be able to replicate the data nodes in the ELK stack, by seeing beyond the single Ip of the instance in AWS. If someone knows more about how to do that another way I'd be interested. Perhaps in Kibana?
PPS: in the Bitnami documentation the Elasticsearch-head documentation says, "Elasticsearch-head is a Web front-end for an Elasticsearch cluster. For Elasticsearch 5.x, site plugins are not supported, so it needs to run as a standalone server.". I'm not 100% sure what this means.
Does it mean that it will only work in a deployment where elastic/logstash/kibani are on a single instance (as I suspect)
OR
Does it mean you need to build an second instance to watch the bitnami instance as I first thought? I think it is the first one because there are no instructions to set up communications between a second instance and the ELK stack server.
philipskokoh
commented
3 years ago Hi @rhino007US ,
I never use bitnami before, but I try to address your questions. See my comments below.
I don't know if that is causing the problem I'm having, but feedback about that would be welcome. I'm not quite sure if that is a system library, and how to get it. apt-get? Or is it more like including a python library?
This is just a simple standalone nodejs server, calling some commonly used Elasticsearch API to view and run queries to your Elasticsearch indices.
I have it working to where I can access, from chrome: http://NN.NN.NN.133/elastic-search-head?base_uri=http://NN.NN.NN.133/elastisearch I opened the port in my firewall to only my Internet IP, and I get a login prompt... But I can't login to it with the Bitnami application user, "user" and the password (which is found on the ELK stack server in /home/bitnami/bitnami_credentials file.)
I never use bitnami before, but you base_uri should point out to your Elasticsearch cluster address, for example: http://x.x.x.x:9200. This is the cluster address that you can also call usng curl in terminal. See this guide:
https://www.elastic.co/guide/en/elasticsearch/guide/master/running-elasticsearch.html
PPS: in the Bitnami documentation the Elasticsearch-head documentation says, "Elasticsearch-head is a Web front-end for an Elasticsearch cluster. For Elasticsearch 5.x, site plugins are not supported, so it needs to run as a standalone server.". I'm not 100% sure what this means.
A little bit of history, this project was a site plugin for Elasticsearch (it can be installed as one of Elasticsearch plugin) before Elastic removes site plugin support since Elasticsearch 5.x. Since then, the only way to run Elasticsearch-head is running it as a standalone server.
May I know your Elasticsearch version and whether you activate the security features on the cluster (like encrypting communication, etc)? If yes, then Elasticsearch-head may not work for you because we have very limited support on authentication. Only basic auth is supported by Elasticsearch-head, and I know that recent version of Elasticsearch has many choices of security options.
You can just install and use Kibana which naturally has better integration with Elasticsearch.
Thanks!
Hi, I have setup elasticsearch setup with latest version 6.2.4. I have configured elasticseach-head plugin in standalone mode. For kibana authentication, we have configured readonlyrest plugin. After configuring readonlyrest plugin elasticsearch server not connected to the elasticsearch-head. I have also mention header authorization but still is not working.
elasicesearch configuration file elasticsearch.yml
---------------------------------- Network ----------------------------------- Set the bind address to a specific IP (IPv4 or IPv6): network.host: 0.0.0.0 http.cors.enabled: true http.cors.allow-origin: "*" http.cors.allow-headers: Authorization Set a custom port for HTTP: http.port: 9200 For more information, consult the network module documentation.
logs:-
FORBIDDEN by default req={ ID:1710971236-281480417#21769, TYP:MainRequest, CGR:N/A, USR:[no basic auth header], BRS:true, KDX:null, ACT:cluster:monitor/main, OA:106.51.33.77, DA:10.142.0.2, IDX:<N/A>, MET:GET, PTH:/, CNT:<N/A>, HDR:{Accept=application/json, text/javascript, /; q=0.01, Accept-Encoding=gzip, deflate, Accept-Language=en-US,en;q=0.9, Connection=keep-alive, content-length=0, Content-Type=application/json, Host=35.185.110.8:9200, Origin=http://35.185.110.8:9100, Referer=http://35.185.110.8:9100/, User-Agent=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/63.0.3239.132 Chrome/63.0.3239.132 Safari/537.36}, HIS:[Elasticseaech can write and create its own indices->[auth_key->false]], [::KIBANA-SRV::->[auth_key->false]], [Accept all requests from 35.185.110.8->[hosts->false]] }
elasticsearch UI:-