When deploying on Ubuntu 20.04.2 LTS the following error appears:
TASK [geerlingguy.kibana : Ensure dependencies are installed.] ****************************************************************************************************** fatal: [dc2-elastic1]: FAILED! => {"changed": false, "msg": "No package matching 'gnupg2' is available"} fatal: [dc2-elastic2]: FAILED! => {"changed": false, "msg": "No package matching 'gnupg2' is available"}

At OS level:
`root@dc2-elastic1:~# apt-get install gnupg2
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package gnupg2 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
gpgv gpgsm gnupg-l10n gnupg dirmngr

E: Package 'gnupg2' has no installation candidate
`

root@dc2-elastic1:~# apt-get install gnupg Reading package lists... Done Building dependency tree Reading state information... Done gnupg is already the newest version (2.2.19-3ubuntu2.1). The following package was automatically installed and is no longer required: libnuma1 Use 'apt autoremove' to remove it. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

After installing 7.9.1 Kibana fails to start and I can see

Babel could not write cache to file: /usr/share/kibana/optimize/.babel_register_cache.json
due to a permission issue. Cache is disabled.
  log   [07:59:29.507] [warning][plugins-discovery] Expect plugin "id" in camelCase, but found: beats_management
  log   [07:59:29.514] [warning][plugins-discovery] Expect plugin "id" in camelCase, but found: triggers_actions_ui

in the logs

Running chown -R kibana:kibana /usr/share/kibana/optimize/ fixes this.

Using the steps outlined in the README.md:

- hosts: kibana
  roles:
    - geerlingguy.kibana

I'm greeted with this:

TASK [geerlingguy.kibana : Install Kibana.] *********************************************************
Sunday 21 August 2022  15:57:33 -0400 (0:00:01.106)       0:00:07.979 ********* 
fatal: [redacted]: FAILED! => changed=false 
  cache_update_time: 1661095691
  cache_updated: false
  msg: |-
    '/usr/bin/apt-get -y -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold"       install 'kibana=7.17.5'' failed: E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
    E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?
  rc: 100
  stderr: |-
    E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
    E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?
  stderr_lines: <omitted>
  stdout: ''
  stdout_lines: <omitted>

Presumably the entire role is meant to be run with become: true?

Hi

Thank you for maintaining this Ansible role.
Would be happy if you could add a kibana_extra_config config option as in your elasticsearch role.

Cheers
Sascha

No logrotate configuration are been pushed during installation step which caused some trouble in FS side if nothing is done on the kibana log directory

Hi!

I am trying to learn how to write molecule tests and I stumbled upon your blog and it mentioned tests on Ubuntu and CentOS.

I only see

  pre_tasks:
    - name: Update apt cache.
      apt: update_cache=true cache_valid_time=600
      when: ansible_os_family == 'Debian'

Is it defined some otherways to also test in centos?

Source:
https://www.jeffgeerling.com/blog/2018/testing-your-ansible-roles-molecule

As in geerlingguy/ansible-role-logstash logstash_elasticsearch_hosts , enable kibana_elasticsearch_hosts, allowing to pass multiple elasticsearch hosts instead of only one.

Kibana 7.x fails to start with "FATAL Error: [elasticsearch.url]: definition for this key is missing"
As part of breaking changes on Kibana 7.x elasticsearch.url is deprecated and elasticsearch.hosts is used instead.
https://github.com/geerlingguy/ansible-role-kibana/blob/master/templates/kibana.yml.j2#L28

Running the role in a Ubuntu focal VM the first run fails because the service kibana doesn't exist after installing successfully the package.
Checking the service status with systemd, it answer that it doesn't exist.
After manually reloading systemd daemon, the service is there.
This could be solve using the systemd module instead of service, but I'm guessing you choose service because it handle other kind of systems (initd?).
So i could do a PR changing to systemd, or I could do one using systemd when a condition is true (I have to think the best way for this).
Any opinions?

The elasticsearch.url option has been removed in kibana version 7.x. It has been replaced by elasticsearch.hosts that accepts a list of hosts. The template shipping with the role will make 7.x fail.

Platform: CentOS 7.5.

In its original state, installing Kibana (version 6.5.4) fails with the following error message:

fatal: [12.34.56.78]: FAILED! => {"changed": false, "msg": "Failure talking to yum: failure: repodata/repomd.xml from kibana-6.5.4: [Errno 256] No more mirrors to try.\nhttps://artifacts.elastic.co/packages/6.5.4/yum/repodata/repomd.xml: [Errno 14] HTTPS Error 404 - Not Found"}

I am able to get around this problem, by executing the following the tasks before ansible-role-kibana:

• name: Add Elasticsearch GPG key.
  rpm_key:
  key: https://artifacts.elastic.co/GPG-KEY-elasticsearch
  state: present

• name: Set fact kibana_version for kibana.repo.j2 template copy
  set_fact:
  kibana_version: "{{ kibana.kibana_version }}"

• name: Add Kibana repository.
  template:
  src: kibana.repo.j2
  dest: /etc/yum.repos.d/kibana.repo
  mode: 0644

• name: Set kibana-repository to be skipped if unavailable.
  shell: yum-config-manager --save --setopt={{ kibana.kibana_package }}-{{ kibana.kibana_version }}.skip_if_unavailable=true

• name: Install Kibana
  yum: name={{ kibana.kibana_package }}-{{ kibana.kibana_version }} state=present

The Kibana package has to be installed using "yum", using "package", as is used inside the ansible-role-kibana, will fail with the above error message. But now that the package is already installed, including role ansible-role-kibana will work.

But, after executing the role, it is crucial to set kibana-repository "skipped if unavailable" again, otherwise the next package being installed from yum, will fail with the same error message ("Failure talking to yum ..."). Although at this point, it is nearly the same to not use the role at all.

Any idea how the role could be fixed at the source, without needing these hacks?

quick fix: groupadd nginx ## re-run playbook again
suggested fix: add missing group creation to playbook

output (ubuntu 14.04.1LTS on vsphere 5.5):
TASK: [geerlingguy.kibana | Create Kibana user account.] **********************
failed: [10.0.x.xxx] => {"failed": true, "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/etc/nginx/conf.d/kibana.htpasswd", "size": 45, "state": "file", "uid": 0}
msg: chgrp failed: failed to look up group nginx

FATAL: all hosts have already failed -- aborting

Hey, thanks for writing this! One issue:

In roles/kibana/tasks/main.yml

The destination for kibana.yml should be:
/etc/kibana/kibana.yml and not /opt/kibana/config/kibana.yml"

Changing version of kibana does not install the changed version.

First I had it install the default Kibana: 4.6.1
Then I changed the version to 4.5
It downloads 4.5 but does not install it.

Hi,

Please can you create a new tag including the last commit done on master ?

Thank you

Just to know if an update to Kibana 4 is planed ?

Thanks,

in #40 I have proposed tweaks to documentation and new option to (not) add repository

Feature request:

Install Kibana plugins on demand.

Example:

- name: Kibana
  hosts: localhost
  become: true
  roles:
    - kibana
  plugins:
    - sense

We're not able to configure end-2-end encryption (frontend and Elasticsearch backend) with this role.

server.ssl.enabled: true server.ssl.certificate: /etc/kibana/certs/elk.crt server.ssl.key: /etc/kibana/certs/elk.key

elasticsearch.ssl.certificate: /etc/kibana/certs/elk.crt elasticsearch.ssl.key: /etc/kibana/certs/elk.key elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/certs/root.crt" ]

This option should be added, included with an optional upload of certificate files, like in the Elasticsearch role.

We are restricted to use ansible role as shown below

• role: geerlingguy.kibana
  kibana_version: "6.x"
  kibana_server_port: 5601
  kibana_server_host: "0.0.0.0"
  kibana_elasticsearch_url: "http://x.x.x.x:9200"

but this doesn't work

• role: geerlingguy.kibana
  kibana_version: "6.2.4"
  kibana_server_port: 5601
  kibana_server_host: "0.0.0.0"
  kibana_elasticsearch_url: "http://x.x.x.x:9200"