背景说明

由于kibana界面默认没有安全认证界面，为了保证安全，通过nginx进行代理并设置访问认证。

配置kibana

[root@kibana ~]# vim /etc/kibana/kibana.yml
server.host: "127.0.0.1"    #将监听地址更改为127.0.0.1
[root@kibana ~]# systemctl restart kibana.service 
[root@kibana ~]# netstat -lntp|grep 5601
tcp        0      0 127.0.0.1:5601          0.0.0.0:*               LISTEN      7981/node   

部署nginx

1.安装nginx

[root@kibana ~]# yum -y install nginx

2.配置nginx代理
i.安装 httpd-tools，该包中携带了 htpasswd 命令

[root@kibana ~]# yum install httpd-tools -y

ii.创建新的密码文件, -c 创建新文件 -b 允许命令行输入密码

[root@kibana ~]# htpasswd -b -c /etc/nginx/auth_conf admin 123456
Adding password for user admin
[root@kibana ~]# cat /etc/nginx/auth_conf
admin:$apr1$/smDbjnt$q/v5I0FiGJd1ycUp9pQey/

iii.配置nginxp配置文件
使用vim /etc/nginx/conf.d/kibana.conf创建kibana.conf文件，按i输入如下内容：

server {
    listen 80;
    server_name www.kibana.com;
    auth_basic "Auth access Kibana Input your Passwd!";
    auth_basic_user_file /etc/nginx/conf.d/auth_conf;
    location / {
        proxy_pass http://127.0.0.1:5061;
        include proxy_params;
    }
}

注意：proxy_params内容如下

[root@kibana ~]# cat /etc/nginx/proxy_params
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;

检测nginx语法并启动nginx

[root@kibana ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@kibana ~]# systemctl start nginx

检验测试

1.windows上添加hosts, 路径C:\Windows\System32\drivers\etc\hosts

10.0.0.54    www.kibana.com

2.测试验证