How to access Kibana through INGRESS


I am using Search guard version sg-sgadmin:7.1.0-35.0.0. I have installed search guard using HELM. I have an ingress proxy server already running on my Kubernetes cluster. It has its own certificate which verifies the DNS (lets say This certificate is generated using Lets encrypt.The search guard elastic stack setup uses its own random generated certificates, which is its default behavior. Now I want to access the Search Guard Kibana UI using this DNS ( I have already made changes in the ingress rules where open accessing the path search guard kibana service will be called (this service is exposed as of type ClusterIP).See ingress rules ````

  • backend:
    serviceName: elk11-sg-helm
    servicePort: 5601
    path: /kibana

When I access the https://DNS-Name/kibana from the chrome browser I get HTTP error 503. Kibana pod logs shows this message in iteration
{“type”:“response”,“@timestamp”:“2019-07-21T22:16:18Z”,“tags”:[“api”],“pid”:1,“method”:“get”,“statusCode”:200,“req”:{“url”:“/api/status”,“method”:“get”,“headers”:{“host”:“”,“user-agent”:“kube-probe/1.12”,“accept-encoding”:“gzip”,“connection”:“close”},“remoteAddress”:“”,“userAgent”:“”},“res”:{“statusCode”:200,“responseTime”:6,“contentLength”:9},“message”:“GET /api/status 200 6ms - 9.0B”}
Ingress controller pod shows log as - [] - - [21/Jul/2019:22:06:27 +0000] “GET /kibana HTTP/2.0” 503 599 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36” 313 0.000 [eic-elk11-sg-helm-5601] - - - - cf5c5c0e9cb2dd908f2450b716527e5d

So basically my objective is to access Kibana from a proxy server. How can I achieve this? As already asked in some of the previous questions, I was informed that I cannot use my own generated certificates with HELM as this feature is pending for implementation. I am stuck as this point. Plz help.


Can you please file an issue here: GitHub - floragunncom/search-guard-helm: Search Guard Helm Chart for Kubernetes

I have done as asked for. let me know if anything else is required.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.