Deploying ES + Kibana on a Linux Server
Table of Contents
Troubleshooting notes
Still following the official documentation: https://www.elastic.co/guide/en/elasticsearch/reference/current/run-elasticsearch-locally.html
Prerequisites
Cloud server specs:
8 cores; 16 GB RAM; System disk: 100 GB; Data disk: 500 GB
TencentOS Server
ES and Kibana are each deployed in separate Docker containers.
Installation
Install Docker (steps omitted)
Configure environment variables:
export ELASTIC_PASSWORD="<ES_PASSWORD>" # password for "elastic" username
export KIBANA_PASSWORD="<KIB_PASSWORD>" # Used _internally_ by Kibana, must be at least 6 characters long
Install ES
docker network create elastic-net
docker run -p 0.0.0.0:9200:9200 -d --name elasticsearch --network elastic-net \
-e ELASTIC_PASSWORD=$ELASTIC_PASSWORD \
-e "discovery.type=single-node" \
-e "xpack.security.http.ssl.enabled=false" \
-e "xpack.license.self_generated.type=trial" \
docker.elastic.co/elasticsearch/elasticsearch:8.14.2
Install Kibana
# configure the Kibana password in the ES container
curl -u elastic:$ELASTIC_PASSWORD \
-X POST \
http://localhost:9200/_security/user/kibana_system/_password \
-d '{"password":"'"$KIBANA_PASSWORD"'"}' \
-H 'Content-Type: application/json'
docker run -p 0.0.0.0:4601:5601 -d --name kibana --network elastic-net \
-e ELASTICSEARCH_URL=http://elasticsearch:9200 \
-e ELASTICSEARCH_HOSTS=http://elasticsearch:9200 \
-e ELASTICSEARCH_USERNAME=kibana_system \
-e ELASTICSEARCH_PASSWORD=$KIBANA_PASSWORD \
-e "xpack.security.enabled=false" \
-e "xpack.license.self_generated.type=trial" \
docker.elastic.co/kibana/kibana:8.14.2
Two common pitfalls here:
- When configuring port forwarding, the host address must be set to
0.0.0.0instead of127.0.0.1to ensure external access. - When the Kibana host-side port forwarding is set to
5601, external access fails (reason unknown; suspected port conflict with another process).
Testing
ES
curl -u elastic:$ELASTIC_PASSWORD 127.0.0.1:9200
# For local testing, replace 127.0.0.1 with the host IP
Kibana
Access via browser: xxx.xxx.xxx.xxx:4601
Troubleshooting
Service Not Accessible from External Network
When creating the Docker container and configuring port forwarding, change 127.0.0.1 to 0.0.0.0 to listen on all available IPv4 addresses.
Kibana Not Accessible
Port forwarding was configured as 0.0.0.0:5601:5601.
Accessing xxx.xxx.xxx.xxx:5601 in the browser returns no response.
On the server, running:
curl 127.0.0.1:5601
returns immediately. Using the -v flag reveals that authentication credentials are required.
Restarting ES without setting the Kibana user password, then running the above command returns the page HTML — confirming the service is accessible server-side.
From the local machine:
curl xxx.xxx.xxx.xxx:5601
No response.
Searching online forums, most posts suggest modifying the Kibana configuration file \usr\share\elasticsearch\config\elasticsearch.yml:
network.host: 0.0.0.0
However, the configuration file already had this line set.
Status at this point: both local and server-side access to ES works; server-side access to Kibana works; local access to Kibana does not.
This indicates no network connectivity issue — the problem is likely that Kibana’s port 5601 is not accepting incoming data.
Checked firewall and security rules on both ends — no relevant rules found; disabling the firewall had no effect.
Used tcpdump to inspect packet traffic on port 5601:
tcpdump -i any -nn port 5601
No packets were captured when sending a request from the local machine, meaning Kibana never received the data.
Tried remapping the port to 4601 — external access succeeded.
Accessing via browser showed “Kibana server is not ready.”
This was because the Kibana account password had not been configured in ES. After reconfiguring and restarting the ES service, the issue was resolved.