Elasticsearch database not starting with plugin

rick.degreef · May 15, 2018, 12:15pm

Hi there,

Since installing and configuring the ROR-plugin in both ElasticSearch and Kibana, we are no longer able to connect via Kibana. The ES database does not seem to be running (checked with nmap locally and telnet from a Windows machine on the same network).

This is what our readonlyrest.yml looks like:

---
network.host: 10.4.239.77
http.port: 9200
readonlyrest:
        prompt_for_basic_auth: false
        response_if_req_forbidden: Forbidden by ReadonlyREST ES Plugin
        enable: true
        ssl:
                enable: false
        access_control_rules:
        - name: kibana server
          type: allow
          auth_key: elastic:thisisasecret
          hosts: ["10.4.239.0/24"]
          kibana_access: admin

When checking via “systemctl status elasticsearch” all seems to be running. Still no connection is possible.
A notification that shows up from the “systemctl status kibana” command is: “No living connections”.
Our kibana webinterface looks like this:

What can we do to solve this problem?

sscarduzio · May 15, 2018, 3:00pm

Remove x pack, or at least disable the security module.

github.com

beshu-tech/readonlyrest-docs/blob/master/kibana.md#example-multiuser-elk

---
description: User manual for ReadonlyREST Enterprise/PRO/Free
---

# For Kibana

🧙 **Are you using Kibana version 7.8.x or older? Go to the** [**old platform manual page**](details/kibana-7.8.x-and-older.md)**.**

### Kibana Plugin overview

ReadonlyREST plugin for Kibana is not open source, and it's offered as part of the [ReadonlyREST PRO](https://readonlyrest.com/pro.html) and [ReadonlyREST ENTERPRISE](https://readonlyrest.com/enterprise.html), and [ReadonlyREST Free](https://readonlyrest.com/free) packages. See product descriptions and a comparison chart in the official [ReadonlyREST website](https://readonlyrest.com)

ReadonlyREST plugins for Kibana **always require** ReadonlyREST opens source plugin to be installed in the Elasticsearch nodes your Kibana instance(s) will connect to.

It's not mandatory to install ReadonlyREST in all Elasticsearch nodes, but only in the ones in where you need the HTTP interface to be secured.

### After purchasing

If you didn't install it yet, download the latest [universal build](https://docs.readonlyrest.com/universal-builds) from our [download page](https://readonlyrest.com/download/) and install it manually.
Alternatively, see below if you want to install it directly via the command line without downloading it from the browser.

This file has been truncated. show original

rick.degreef · May 16, 2018, 6:08am

Hi @sscarduzio,

We added this to our elasticsearch.yml:
xpack.security.enabled: false
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: false
xpack.watcher.enabled: false

Still we’re getting the same error as before.
Also port 9200 seems to stay closed.

sscarduzio · May 22, 2018, 10:41am

did you resolve this?

rick.degreef · May 22, 2018, 11:29am

For some reason there was a configuration error. We started again with a clean installation. The best way to install X-Pack and ROR together seems to be:

install ELK-stack
install X-Pack
configure passwords (X-Pack)
set xpack.security.enabled: false in both kibana.yml and elasticsearch.yml
install ROR
configure ROR

This seems to be working.