Kibana Reverse Proxy - cchantra/bigdata.github.io GitHub Wiki

Since Kibana cannot be accessed remotedly, we have do to ssh tunnel to access the via localhost:5601. We can do reverse proxy to solve this. So, we can access http://10.3.132.216:8001 to access kibana page.

(Ref: https://phoenixnap.com/kb/kibana-nginx-proxy)

Modify the configuration for elasticsearch

cd ~/elasticsearch
vi config/elasticsearch.yml

find the two lines:

http.port: 9200
network.host: localhost

Modify the configuration for kibana

cd ~/elasticsearch
vi config/kibana.yml

find the two lines:

server.host: "localhost"
server.port: 5601

save the files and restart kibana and elasticsearch service

sudo systemctl daemon-reload
sudo systemctl restart elastic.service
sudo systemctl restart kibana.service

Configure NGINX and Kibana

Install nginx

sudo apt install nginx apache2-utils

If it does not succeed, you may get error dependency version.

(https://fixingitpro.com/2023/12/08/nginx-install-fails-on-ubuntu-22-04-jammy-jellyfish-if-ipv6-is-disabled/)

vi /etc/nginx/sites-available/default

Find the line that reads listen [::]:80 default_server;

Add a # to the start of the line so it shows :

#listen [::]:80 default_server;

and save it.

Rerun

sudo apt install nginx apache2-utils

Create password for NGINX

sudo htpasswd -c /etc/nginx/htpasswd.users [username]

where my case username is hadoop

sudo htpasswd -c /etc/nginx/htpasswd.users hadoop

type password two times: I typed hadoop hadoop

edit the configuration for reverse proxy

sudo vi /etc/nginx/sites-available/kibana

add the following. I run NGINX at 8001 and reverse proxy to localhost:5601 (kibana). The user name/password file as previous /etc/nginx/htpasswd.users

server {
    listen 8001;
    server_name localhost;
    location / {
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/htpasswd.users;
        proxy_pass http://localhost:5601;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

save the file. create symbolic link to the file.

sudo ln -s /etc/nginx/sites-available/kibana /etc/nginx/sites-enabled/

Then allow the port

sudo ufw allow 8001/tcp

Restart NGINX

sudo service nginx restart
sudo service nginx kibana

Test the service

Open web browser http://:8001

eg.

Enter username /password created earlier. (my case hadoop/hadoop)

It will redirect to kibana