无法在EC2实例上远程访问Kibana [英] Cannot access Kibana remotely on EC2 instance
问题描述
我是AWS领域的新手,并且设置了EC2实例并安装了ElasticSearch,以对其功能进行一些尝试并了解更多信息.我正在使用ElasticSearch:我可以将curl请求远程发送到ES服务并获取结果.
但是,我无法远程访问Kibana.我首先进入我的kibana.yml文件并启用了以下设置:
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "127.0.0.1"
注意::对于server.host,我已经尝试了0.0.0.0,我的EC2实例的实际IP地址和127.0.0.1,但没有一个允许我的连接访问.
然后,我进入我的AWS控制台并检查以确保我的安全组具有正确的权限:
然后我开始了我的Kibana服务:
service kibana start
在我的SSH终端中,我能够执行curl localhost:5601并收到有效的响应:
<script>var hashRoute = '/app/kibana';
var defaultRoute = '/app/kibana';
var hash = window.location.hash;
if (hash.length) {
window.location = hashRoute + hash;
} else {
window.location = defaultRoute;
}
但是,如果我从本地计算机使用Postman,浏览器或curl到远程访问Kibana(curl XXX.XX.XX.XXX:5601),则会出现Connection refused错误.
我接下来尝试使用vi /var/log/kibana/kibana.stderr检查我的Kibana日志,发现一条有趣的错误消息:
at net.js:1408:9
at _combinedTickCallback (internal/process/next_tick.js:83:11)
at process._tickCallback (internal/process/next_tick.js:104:9)
cause:
{ Error: listen EADDRNOTAVAIL XX.XXX.XX.XX:5601
at Object.exports._errnoException (util.js:1020:11)
at exports._exceptionWithHostPort (util.js:1043:20)
at Server._listen2 (net.js:1249:19)
at listen (net.js:1298:10)
at net.js:1408:9
at _combinedTickCallback (internal/process/next_tick.js:83:11)
at process._tickCallback (internal/process/next_tick.js:104:9)
code: 'EADDRNOTAVAIL',
errno: 'EADDRNOTAVAIL',
syscall: 'listen',
address: 'XX.XX.XX.XX',
port: 5601 },
isOperational: true,
code: 'EADDRNOTAVAIL',
errno: 'EADDRNOTAVAIL',
syscall: 'listen',
address: 'XX.XXX.XX.XXX',
port: 5601 }
其中XX.XX...代表我的EC2实例IP地址.似乎已将某些东西绑定到端口5601.因此,我接下来发出sudo lsof -i:5601并看到此输出:
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME node 3676
> kibana 11u IPv4 14951 0t0 TCP localhost:esmagent (LISTEN)
我对Linux没有任何经验,但这似乎表明kibana已正确绑定到此端口.因此,在这一点上,我没有什么新主意.我浏览过类似这样的SO帖子类似相同的问题,并尝试了答案(在上述工作流程中).任何人都知道导致此错误的原因是什么?
我已经能够在本地实例上启动Kibana,并且能够连接到我的ElasticSearch服务.我只是将本地kibana.yml文件中的设置更改为指向EC2实例端口9200.但是我仍然很想知道为什么我无法在我的EC2实例上访问Kibana!
由于我不确定究竟是什么解决了这个问题,所以答案不多,但是对于以后遇到类似问题的用户,我终止了我的实例,并完全重新安装了Java 8,Elastic Search和Kibana.我确保ES和Kibana的版本号匹配.例如,我使用的是5.6 Kibana,但最初使用的是2.x Elastic Search.
然后,确保入站安全组设置允许ES和Kibana通过TCP访问端口9200和5601.
然后,如注释中所述,将Kibana绑定到0.0.0.0.这就是让我的工作正常的原因.
我知道我并没有给出错误的合理理论原因,但这也许将有助于检查下一个用户的清单.
I'm a newbie to the world of AWS and set up an EC2 instance and installed ElasticSearch to play around a bit with its features and learn more. I have ElasticSearch working: I can send curl requests to the ES service remotely and get back results.
However, I'm unable to access Kibana remotely. I first went to my kibana.yml file and enabled the following settings:
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "127.0.0.1"
Note: for server.host, I've tried 0.0.0.0, the actual IP address of my EC2 instance, and 127.0.0.1, and none of them allow my connection access.
I then went to my AWS console and checked to make sure my Security Group had the correct permissions:
I then started my Kibana service:
service kibana start
Within my SSH terminal, I'm able to execute curl localhost:5601 and receive a valid response:
<script>var hashRoute = '/app/kibana';
var defaultRoute = '/app/kibana';
var hash = window.location.hash;
if (hash.length) {
window.location = hashRoute + hash;
} else {
window.location = defaultRoute;
}
However, if I use Postman, my browser, or curl from my local machine to remote access Kibana (curl XXX.XX.XX.XXX:5601) I get a Connection refused error.
I next attempted to inspect my Kibana log using vi /var/log/kibana/kibana.stderr, and found an interesting error message:
at net.js:1408:9
at _combinedTickCallback (internal/process/next_tick.js:83:11)
at process._tickCallback (internal/process/next_tick.js:104:9)
cause:
{ Error: listen EADDRNOTAVAIL XX.XXX.XX.XX:5601
at Object.exports._errnoException (util.js:1020:11)
at exports._exceptionWithHostPort (util.js:1043:20)
at Server._listen2 (net.js:1249:19)
at listen (net.js:1298:10)
at net.js:1408:9
at _combinedTickCallback (internal/process/next_tick.js:83:11)
at process._tickCallback (internal/process/next_tick.js:104:9)
code: 'EADDRNOTAVAIL',
errno: 'EADDRNOTAVAIL',
syscall: 'listen',
address: 'XX.XX.XX.XX',
port: 5601 },
isOperational: true,
code: 'EADDRNOTAVAIL',
errno: 'EADDRNOTAVAIL',
syscall: 'listen',
address: 'XX.XXX.XX.XXX',
port: 5601 }
where the XX.XX... represent my EC2 instance IP address. It seems like something is already bound to port 5601. So I next issued sudo lsof -i:5601 and saw this output:
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME node 3676
> kibana 11u IPv4 14951 0t0 TCP localhost:esmagent (LISTEN)
I'm not at all experienced with Linux, but this appears to say that kibana is correctly bound to this port. So at this point, I'm fresh out of ideas. I've looked through SO posts like this one about the same issue, and have tried their answers (in the workflow above). Anyone have any ideas what's causing this error?
EDIT: I've been able to start Kibana on my local instance fine, and am able to connect to my ElasticSearch service. I just changed the settings in my local kibana.yml file to point to my EC2 instance port 9200. But I'd still love to know why I can't access Kibana on my EC2 instance!
This isn’t much of an answer since I’m not sure exactly what fixed the issue, but for future users going through a similar headache, I terminated my instance and reinstalled Java 8, Elastic Search and Kibana entirely. I made sure that ES and Kibana version numbers matched. For example, I was using 5.6 Kibana, but 2.x Elastic Search originally.
Then, make sure that your inbound Security Group settings allow TCP access to ports 9200 and 5601, for ES and Kibana.
Then, as mentioned in the comments, bind Kibana to 0.0.0.0. That’s what got mine working.
I know I’m not giving a good theoretical reason for the error, but perhaps this will help check a few things off the list for the next user.
这篇关于无法在EC2实例上远程访问Kibana的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
