无法使用 url 访问 AWS EC2 实例上的 Kibana
[英]Unable to access Kibana on AWS EC2 instance using url
问题描述
I have elasticseasrch and Kibana installed on EC2 instance where I am able to access elasticsearch using on this url http://public-ip/9200 .But I am unable to access Kibana using http://public-ip/5601 .
我在 EC2 实例上安装了 elasticseasrch 和 Kibana,我可以使用此 URL http://public-ip/9200访问 elasticsearch。但我无法使用http://public-ip/5601访问 Kibana。
I have configured kibana.yml and added certain fields.我已经配置kibana.yml并添加了某些字段。
server.port: 5601
server.host: 0.0.0.0
elasticsearch.url: 0.0.0.0:9200
On doing wget http://localhost:5601 I am getting below output:在做wget http://localhost:5601我得到以下输出:
--2022-06-10 11:23:37-- http://localhost:5601/
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:5601... connected.
HTTP request sent, awaiting response... 200 OK
Length: 83731 (82K) [text/html]
Saving to: ‘index.html’
Someone let me know what I am doing wrong.Any help would be appreciated.有人让我知道我做错了什么。任何帮助将不胜感激。
2 个解决方案
解决方案1
0 2022-06-11 13:35:52
Server Host set to 0.0.0.0 means it should be accessible from outside localhost but double check that the listener is actually listening for external connections on that port using netstat -nltpu .服务器主机设置为0.0.0.0意味着它应该可以从 localhost 外部访问,但使用netstat -nltpu仔细检查侦听器是否实际上正在侦听该端口上的外部连接。 The server is also accessible on it's public IP on port 9200 so try the following:该服务器也可以通过端口 9200 上的公共 IP 访问,因此请尝试以下操作:
- EC2 Security Group should inbound TCP traffic on that port 5601 from your IP address. EC2 安全组应在该端口 5601 上从您的 IP 地址入站 TCP 流量。
- Network ACLs should allow inbound/outbound TCP traffic on port 5601.网络 ACL 应允许端口 5601 上的入站/出站 TCP 流量。
- OS firewall ( eg
ufworfirewalld) should allow traffic on that port.操作系统防火墙(例如ufw或firewalld)应该允许该端口上的流量。 You can runiptables -L -nxvto check the firewall rules.您可以运行iptables -L -nxv来检查防火墙规则。 - Try connecting to that port from a different EC2 instance in the same VPC.尝试从同一 VPC 中的不同 EC2 实例连接到该端口。 It is possible that what ever internet connection you are using may have a firewall blocking connections on that port.您使用的任何互联网连接都可能有防火墙阻止该端口上的连接。 This is common with corporate firewalls.这在企业防火墙中很常见。
- If these fail, next you want to check if the packets are reaching your EC2 instance so you can run a packet capture on that port using
tcpdump -ni any port 5601and check if you have any packets coming in/out on that port.如果这些失败,接下来您要检查数据包是否到达您的 EC2 实例,以便您可以使用tcpdump -ni any port 5601在该端口上运行数据包捕获,并检查是否有任何数据包进出该端口。 - if you don't see any packets on
tcpdump, useVPC Flow Logs to see if packets are coming in/out that port.如果您在tcpdump上看不到任何数据包,请使用VPC 流日志查看数据包是否进出该端口。
解决方案2
0 2022-06-19 18:12:29
Considering the kibana port (5601 ) is open via security groups考虑到 kibana 端口(5601)是通过安全组打开的
I could able to resolve the issue by updating config server.host:localhost to server.host:0.0.0.0 and elasticsearch.hosts: ["http://localhost:9200"] (in my case kibana and ES both are running on the same machine) in kibana.yml我可以通过将配置server.host:localhost更新为server.host:0.0.0.0和 elasticsearch.hosts elasticsearch.hosts: ["http://localhost:9200"]来解决问题(在我的情况下,kibana 和 ES 都在同一台机器)在 kibana.yml
https://discuss.elastic.co/t/kibana-url-gives-connection-refused-from-outside-machine/122067/8 https://discuss.elastic.co/t/kibana-url-gives-connection-refused-from-outside-machine/122067/8
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.