如何为Swisscom elasticsearch公共云配置Kibana（CloudFoundry）

Question

注意：此问题特定于Swisscom提供的Elasticsearch服务

问题:(又名： tl;dr ）

将官方Kibana docker容器连接到Swisscom Elasticsearch Service需要什么配置？

背景 ：

直到大约一年前， Swisscom公共云在单一服务产品中提供了完整的ELK堆栈（Elasticsearch，Logstash，Kibana）。 当该服务停止使用时，Swisscom仅通过提供Elasticsearch服务取代它，并要求客户通过提供的CloudFoundry build_packs （ Kibana ， Logstash ）设置自己的Kibana和Logstash解决方案。 此处讨论了迁移建议： https ： //ict.swisscom.ch/2018/04/building-the-elk-stack-on-our-new-elasticsearch/

最近，在Swisscom的基于CloudFoundry的PaaS产品上运行应用程序的底层操作系统（称为“堆栈”）已经升级。 上述build_packs现已过时，并已被Swisscom声明为已弃用 。 现在的建议是转移到Elastic提供的通用Docker容器，如下所述： https ： //github.com/swisscom/kibana-buildpack/issues/3

我尝试了什么：

CloudFoundry通常适用于Docker容器，整个过程应该像为docker容器提供一些有效的配置一样直截了当。 我现在manifest.yml为Kibana看起来像这样，但Kibana应用最终连接失败：

---
applications:
- name: kibana-test-example
  docker:
    image: docker.elastic.co/kibana/kibana:6.1.4
  memory: 4G
  disk_quota: 5G
  services:
    - elasticsearch-test-service
  env:
    SERVER_NAME: kibana-test
    ELASTICSEARCH_URL: https://abcdefghijk.elasticsearch.lyra-836.appcloud.swisscom.com
    ELASTICSEARCH_USERNAME: username_provided_by_elasticsearch_service
    ELASTICSEARCH_PASSWORD: password_provided_by_elasticsearch_service
    XPACK_MONITORING_ENABLED: true

附加信息：

Swisscom提供的Elasticsearch Service目前在6.1.3版本上运行。 据我所知，它安装了x-pack 。

你得到了什么错误？

我玩了一下配置并看到了不同的错误，其中大部分都与Elasticsearch Service的认证失败有关。

这是一些示例性的初始日志输出（严重的是，你需要一个正在运行的Kibana才能读取...）

   2019-05-10T08:08:34.43+0200 [CELL/0] OUT Cell eda692ed-f4c3-4a5e-86aa-c0d1641b029f successfully created container for instance 385e5b7f-1570-46cd-532a-c5b4
   2019-05-10T08:08:48.60+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:08:48Z","tags":["info","optimize"],"pid":6,"message":"Optimizing and caching bundles for graph, monitoring, apm, kibana, stateSessionStorageRedirect, timelion, login, logout, dashboardViewer and status_page. This may take a few minutes"}
   2019-05-10T08:15:07.68+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["info","optimize"],"pid":6,"message":"Optimization of bundles for graph, monitoring, apm, kibana, stateSessionStorageRedirect, timelion, login, logout, dashboardViewer and status_page complete in 379.08 seconds"}
   2019-05-10T08:15:07.77+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:kibana@6.1.4","info"],"pid":6,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
   2019-05-10T08:15:07.82+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:elasticsearch@6.1.4","info"],"pid":6,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
   2019-05-10T08:15:07.86+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:xpack_main@6.1.4","info"],"pid":6,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
   2019-05-10T08:15:07.86+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:graph@6.1.4","info"],"pid":6,"state":"yellow","message":"Status changed from uninitialized to yellow - Waiting for Elasticsearch","prevState":"uninitialized","prevMsg":"uninitialized"}
   2019-05-10T08:15:07.88+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:monitoring@6.1.4","info"],"pid":6,"state":"green","message":"Status changed from uninitialized to green - Ready","prevState":"uninitialized","prevMsg":"uninitialized"}
   2019-05-10T08:15:07.89+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:xpack_main@6.1.4","error"],"pid":6,"state":"red","message":"Status changed from yellow to red - Authentication Exception","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
   2019-05-10T08:15:07.89+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:graph@6.1.4","error"],"pid":6,"state":"red","message":"Status changed from yellow to red - Authentication Exception","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
   2019-05-10T08:15:07.89+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:07Z","tags":["status","plugin:elasticsearch@6.1.4","error"],"pid":6,"state":"red","message":"Status changed from yellow to red - Authentication Exception","prevState":"yellow","prevMsg":"Waiting for Elasticsearch"}
   2019-05-10T08:15:11.39+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:11Z","tags":["reporting","warning"],"pid":6,"message":"Generating a random key for xpack.reporting.encryptionKey. To prevent pending reports from failing on restart, please set xpack.reporting.encryptionKey in kibana.yml"}
   2019-05-10T08:15:11.39+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:11Z","tags":["status","plugin:reporting@6.1.4","error"],"pid":6,"state":"red","message":"Status changed from uninitialized to red - Authentication Exception","prevState":"uninitialized","prevMsg":"uninitialized"}

实际相关的错误消息似乎是这样的：

2019-05-10T08:15:11.66+0200 [APP/PROC/WEB/0] OUT {"type":"log","@timestamp":"2019-05-10T06:15:11Z","tags":["license","warning","xpack"],"pid":6,"message":"License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. [security_exception] unable to authenticate user [ABCDEFGHIJKLMNOPQRST] for REST request [/_xpack], with { header={ WWW-Authenticate=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } } :: {\"path\":\"/_xpack\",\"statusCode\":401,\"response\":\"{\\\"error\\\":{\\\"root_cause\\\":[{\\\"type\\\":\\\"security_exception\\\",\\\"reason\\\":\\\"unable to authenticate user [ABCDEFGHIJKLMNOPQRST] for REST request [/_xpack]\\\",\\\"header\\\":{\\\"WWW-Authenticate\\\":\\\"Basic realm=\\\\\\\"security\\\\\\\" charset=\\\\\\\"UTF-8\\\\\\\"\\\"}}],\\\"type\\\":\\\"security_exception\\\",\\\"reason\\\":\\\"unable to authenticate user [ABCDEFGHIJKLMNOPQRST] for REST request [/_xpack]\\\",\\\"header\\\":{\\\"WWW-Authenticate\\\":\\\"Basic realm=\\\\\\\"security\\\\\\\" charset=\\\\\\\"UTF-8\\\\\\\"\\\"}},\\\"status\\\":401}\",\"wwwAuthenticateDirective\":\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"}"}

我试图在其他地方设置XPACK_SECURITY_ENABLED: false以及设置实际的SERVER_HOST ，这似乎使事情变得更糟。

我非常感谢使用现有Kibana docker图像连接到Swisscom提供的Elasticsearch Service的人的工作示例。

Answer 1

可能是你混淆了用户名和密码？ 当我检查我的服务密钥密码是在用户名之前，这可能会导致您身边出现复制粘贴错误：

cf service-key myece mykey|grep kibana_system
 "kibana_system_password": "aKvOpMVrXGCJ4PJht",
 "kibana_system_username": "aksTxVNyLU4JWiQOE6V",

我尝试用你的manifest.yml推送Kibana，它在我的情况下完美无缺。

Swisscom还更新了有关如何在Docker中使用Kibana和Logstash的文档：

https://docs.developer.swisscom.com/service-offerings/kibana-docker.html https://docs.developer.swisscom.com/service-offerings/logstash-docker.html