一、通過nginx代理kibana並實現登陸認證
1、安裝nginx
1、編譯安裝nginx服務
[root@elk-1 nginx-1.14.2]# tar xvf nginx-1.14.2.tar.gz [root@elk-1 nginx-1.14.2]# cd nginx-1.14.2/ [root@elk-1 nginx-1.14.2]# ./configure --prefix=/apps/nginx [root@elk-1 nginx-1.14.2]# make -j 2 && make install
2、修改nginx配置文件,定義一個認證kibana.conf的文件
[root@elk-1 ~]# vim /apps/nginx/conf/nginx.conf include /apps/nginx/conf.d/*.conf; # 在最后一行大括號內定義include } [root@elk-1 ~]# mkdir /apps/nginx/conf.d # 創建一個此目錄
3、在/apps/nginx/conf.d目錄下創建一個域名訪問的kibana.conf配置文件
[root@elk-1 conf.d]# cat kibana.conf
upstream kibana_server {
server 127.0.0.1:5601 weight=1 max_fails=3 fail_timeout=60;
}
server {
listen 80;
server_name kibana-net.com; # 定義域名
auth_basic "Restricted Access";
auth_basic_user_file /apps/nginx/conf/htpasswd.users;
location / {
proxy_pass http://kibana_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
4、在hosts文件中進行域名解析
[root@elk-1 conf.d]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.7.100 kibana-net.com
在本機也需要修改host文件:C:\Windows\System32\drivers\etc
2、開始對nginx加密認證
1、在centos系統安裝httpd-tools包,里邊有一個htpasswd命令,可以創建用戶並進行加密設置
# yum install httpd-tools -y
2、創建一個用戶名,並設置一個秘密
[root@elk-1 conf.d]# htpasswd -bc /apps/nginx/conf/htpasswd.users liu 123456 # 第一次創建目錄可以加上-c選項,第二次創建第二個賬號,就不能再添加-c選項,賬號是liu ,密碼是123456 Adding password for user liu [root@elk-1 conf.d]# htpasswd -b /apps/nginx/conf/htpasswd.users ma 123456 Adding password for user ma
3、啟動nginx服務
# /apps/nginx/sbin/nginx
3、在網頁上訪問kibana域名
1、此時訪問的域名就需要輸入密碼
