How to setup ES/Kibana with nginx ingress and SSL enabled?
See original GitHub issueI followed the secure
example, and installed nginx ingress, but I can’t seem to get it working with nginx. Without the TLS, I can connect to it, using http://es.
I’m able to port-forward connect to https://es:9200 but not directly through nginx. I suspect it’s trying to connect to https on port 443, but ES https is running on 9200.
I tried a few things, none of them worked. Does anyone advice or a sample values file?
After creating secrets, I have these values set (snippet):
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/client-body-buffer-size: 10M
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
path: /
#hosts:
# - es.localhost
tls:
- secretName: elastic-certificates
hosts:
- es.localhost
service:
type: ClusterIP
protocol: https
esConfig:
elasticsearch.yml: |
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
Issue Analytics
- State:
- Created 3 years ago
- Comments:10 (1 by maintainers)
Top Results From Across the Web
Kubernetes - Exposing Kibana through an Ingress
In this article I will go over the configuration I use that gives me a secure and publicly exposed Kibana backed by Elasticsearch...
Read more >Kibana with nginx ingress controller in Kubernetes
I feel as though I am missing some sort of setting with either SERVER_BASEPATH and/or my nginx ingress configuration.
Read more >b. Using an Ingress with NGINX (SSL)
Setting up an ingress for NGINX for the OIG domain on Kubernetes · Create a SSL certificate. a. Generate SSL certificate. b. Create...
Read more >Monitor and Analyze Nginx Ingress Controller Logs on ...
Kibana Index Management. Click on the Create Template button. Enter the Name for the template and the Index patterns.
Read more >Run ingress nginx as a reverse proxy for kibana with appid ...
I've read a number of similar questions on here and blogs online, I've tried a number of configuration changes but cannot seem to...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@teebu I finally solved it now. The reason it did not work is when we turn SSL for elasticsearch, the connection from ingress to service will be dropped cause TLS verification is failed. You should modify the ingress in value.yaml like below
@shamndor This is what works for me with ssl enabled (and a self-signed cert) on kibana and elasticsearch. Elasticsearch:
Kibana:
You might try setting ingress class or removing some of the other configs to see if that works.