Elasticsearch database not starting with plugin


(Rick de Greef) #1

Hi there,

Since installing and configuring the ROR-plugin in both ElasticSearch and Kibana, we are no longer able to connect via Kibana. The ES database does not seem to be running (checked with nmap locally and telnet from a Windows machine on the same network).

This is what our readonlyrest.yml looks like:

---
network.host: 10.4.239.77
http.port: 9200
readonlyrest:
        prompt_for_basic_auth: false
        response_if_req_forbidden: Forbidden by ReadonlyREST ES Plugin
        enable: true
        ssl:
                enable: false
        access_control_rules:
        - name: kibana server
          type: allow
          auth_key: elastic:thisisasecret
          hosts: ["10.4.239.0/24"]
          kibana_access: admin

When checking via “systemctl status elasticsearch” all seems to be running. Still no connection is possible.
A notification that shows up from the “systemctl status kibana” command is: “No living connections”.
Our kibana webinterface looks like this:

What can we do to solve this problem?


(Simone Scarduzio) #2

Remove x pack, or at least disable the security module.


(Rick de Greef) #3

Hi @sscarduzio,

We added this to our elasticsearch.yml:
xpack.security.enabled: false
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: false
xpack.watcher.enabled: false

Still we’re getting the same error as before.
Also port 9200 seems to stay closed.


(Simone Scarduzio) #4

did you resolve this?


(Rick de Greef) #5

For some reason there was a configuration error. We started again with a clean installation. The best way to install X-Pack and ROR together seems to be:

  • install ELK-stack
  • install X-Pack
  • configure passwords (X-Pack)
  • set xpack.security.enabled: false in both kibana.yml and elasticsearch.yml
  • install ROR
  • configure ROR

This seems to be working.