Kibana 서버가 아직 준비되지 않았으며 Elasticsearch 노드로부터 버전 정보를 가져올 수 없습니다

안녕하세요, 저는 Docker Compose를 사용하여 Elastic과 Kibana를 실행하려고 합니다.
하지만 실행할 때 다음과 같은 오류가 발생합니다:

Kibana server is not ready yet.
아래는 제 docker ps -a 출력입니다:

docker ps -a
CONTAINER ID   IMAGE                                          COMMAND                  CREATED          STATUS          PORTS                                            NAMES
c19bf038aae9   focker.ir/kibana/kibana:8.13.4                 "/bin/tini -- /usr/l…"   12 minutes ago   Up 12 minutes   0.0.0.0:5601->5601/tcp                           kibana-elk
ab6f430d9049   focker.ir/elasticsearch/elasticsearch:8.13.4   "/bin/tini -- /usr/l…"   52 minutes ago   Up 52 minutes   0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp   ELK_LG

제 Elasticsearch 설정은 다음과 같습니다:

version: '3.7'

services:
  elasticsearch-elk:
    image: focker.ir/elasticsearch/elasticsearch:8.13.4
    container_name: ${NODE_NAME}
    restart: unless-stopped
    hostname: ${NODE_NAME}
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 131072
        hard: 131072
      nproc: 8192
      fsize: -1
    networks:
      - elk-network
    ports:
      - 9200:9200/tcp
      - 9300:9300/tcp
    volumes:
      - $PWD/var/lib/elasticsearch:/usr/share/elasticsearch/data
      - $PWD/etc/certs:/usr/share/elasticsearch/config/certificates
    environment:
      ES_JAVA_OPTS: '-Xms12g -Xmx12g'
      ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
      cluster.name: single-node-cluster
      node.name: elasticsearch-elk
      bootstrap.memory_lock: 'true'
      network.bind_host: 0.0.0.0
      network.publish_host: 172.31.0.74
      http.port: 9200
      discovery.type: single-node
      indices.query.bool.max_clause_count: 8192
      search.max_buckets: 250000
      action.destructive_requires_name: 'true'
      xpack.security.http.ssl.key: /usr/share/elasticsearch/config/certificates/node.key
      xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/certificates/node.pem
      xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/root-ca.pem
      xpack.security.http.ssl.verification_mode: 'none'
      xpack.security.http.ssl.enabled: 'true'
      xpack.security.transport.ssl.key: /usr/share/elasticsearch/config/certificates/node.key
      xpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/certificates/node.pem
      xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/root-ca.pem
      xpack.security.transport.ssl.verification_mode: 'none'
      xpack.security.transport.ssl.enabled: 'true'
      xpack.security.enabled: 'true'
      xpack.security.audit.enabled: 'false'

networks:
  elk-network:
    external: true

또한, 여기는 docker network inspect 결과입니다:

[
    {
        "Name": "elk-network",
        "Id": "59102b6438e42a7cdb7370bf32ab31d9c684ddc37af9e6a305b6a8503fcebc9c",
        "Created": "2024-05-15T10:17:33.212808194+03:30",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.22.0.0/16",
                    "Gateway": "172.22.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "ab6f430d9049283a02409acd2abf41553e571f5a973ed6c7c6138da31bf3645e": {
                "Name": "ELK_LG",
                "EndpointID": "3b60af61d274fa56a9706c37fb80b49cc614c2a46ac89858e79b67ca1a1a750d",
                "MacAddress": "02:42:ac:16:00:02",
                "IPv4Address": "172.22.0.2/16",
                "IPv6Address": ""
            },
            "c19bf038aae98277c9a6d605e8e7cbf09885288689ccafbec74088ac9a3ca9e6": {
                "Name": "kibana-elk",
                "EndpointID": "7da0a0cdfb6ba629b0e2e22515e81e8b90f849f99fed25f0f878ee2a17c36a50",
                "MacAddress": "02:42:ac:16:00:03",
                "IPv4Address": "172.22.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

그리고 여기는 프로덕션 환경이 아닌 제 .env 파일입니다:

ELASTIC_USER=elastic
ELASTIC_PASSWORD=oxe2NqMmH3nNTL
NODE_NAME=ELK_LG

그리고 마지막으로 Kibana 컨테이너 로그는 다음과 같습니다:

docker logs -f kibana-elk
Kibana is currently running with legacy OpenSSL providers enabled! For details and instructions on how to disable see Use Kibana in a production environment | Kibana Guide [8.13] | Elastic
{“log.level”:“info”,“@timestamp”:“2024-05-15T09:21:52.836Z”,“log.logger”:“elastic-apm-node”,“ecs.version”:“8.10.0”,“agentVersion”:“4.4.0”,“env”:{“pid”:7,“proctitle”:“/usr/share/kibana/bin/../node/bin/node”,“os”:“linux 5.15.0-105-generic”,“arch”:“x64”,“host”:“KIB_NODE_ELK”,“timezone”:“UTC+00”,“runtime”:“Node.js v20.12.2”},“config”:{“active”:{“source”:“start”,“value”:true},“breakdownMetrics”:{“source”:“start”,“value”:false},“captureBody”:{“source”:“start”,“value”:“off”,“commonName”:“capture_body”},“captureHeaders”:{“source”:“start”,“value”:false},“centralConfig”:{“source”:“start”,“value”:false},“contextPropagationOnly”:{“source”:“start”,“value”:true},“environment”:{“source”:“start”,“value”:“production”},“globalLabels”:{“source”:“start”,“value”:[[“git_rev”,“f5dc24d1969f80e4aa3ced7cc375dd00554f8c0c”]],“sourceValue”:{“git_rev”:“f5dc24d1969f80e4aa3ced7cc375dd00554f8c0c”}},“logLevel”:{“source”:“default”,“value”:“info”,“commonName”:“log_level”},“metricsInterval”:{“source”:“start”,“value”:120,“sourceValue”:“120s”},“serverUrl”:{“source”:“start”,“value”:“https://kibana-cloud-apm.apm.us-east-1.aws.found.io/“,“commonName”:“server_url”},“transactionSampleRate”:{“source”:“start”,“value”:0.1,“commonName”:“transaction_sample_rate”},“captureSpanStackTraces”:{“source”:“start”,“sourceValue”:false},“secretToken”:{“source”:“start”,“value”:”[REDACTED]",“commonName”:“secret_token”},“serviceName”:{“source”:“start”,“value”:“kibana”,“commonName”:“service_name”},“serviceVersion”:{“source”:“start”,“value”:“8.13.4”,“commonName”:“service_version”}},“activationMethod”:“require”,“message”:"Elastic APM Node.js Agent v4.4.0”}
Native global console methods have been overridden in production environment.
[2024-05-15T09:21:55.363+00:00][INFO ][root] Kibana is starting
[2024-05-15T09:21:55.448+00:00][INFO ][node] Kibana process configured with roles: [background_tasks, ui]
[2024-05-15T09:22:06.687+00:00][INFO ][plugins-service] The following plugins are disabled: “cloudChat,cloudExperiments,cloudFullStory,profilingDataAccess,profiling,securitySolutionServerless,serverless,serverlessObservability,serverlessSearch”.
[2024-05-15T09:22:06.793+00:00][INFO ][http.server.Preboot] http server running at http://0.0.0.0:5601
[2024-05-15T09:22:06.993+00:00][INFO ][plugins-system.preboot] Setting up [1] plugins: [interactiveSetup]
[2024-05-15T09:22:07.080+00:00][WARN ][config.deprecation] The default mechanism for Reporting privileges will work differently in future versions, which will affect the behavior of this cluster. Set “xpack.reporting.roles.enabled” to “false” to adopt the future behavior before upgrading.
[2024-05-15T09:22:11.606+00:00][INFO ][plugins-system.standard] Setting up [149] plugins: [devTools,translations,share,screenshotMode,usageCollection,telemetryCollectionManager,telemetryCollectionXpack,taskManager,kibanaUsageCollection,cloud,newsfeed,savedObjectsFinder,noDataPage,monitoringCollection,licensing,mapsEms,globalSearch,globalSearchProviders,features,guidedOnboarding,banners,licenseApiGuard,customBranding,ftrApis,fieldFormats,expressions,screenshotting,esUiShared,customIntegrations,contentManagement,dataViews,home,searchprofiler,painlessLab,management,spaces,security,telemetry,licenseManagement,snapshotRestore,lists,files,encryptedSavedObjects,eventLog,actions,notifications,cloudDataMigration,advancedSettings,grokdebugger,console,bfetch,data,savedObjectsTagging,savedObjectsManagement,unifiedSearch,graph,alerting,embeddable,uiActionsEnhanced,savedSearch,presentationUtil,expressionShape,expressionRevealImage,expressionRepeatImage,expressionMetric,expressionImage,controls,fileUpload,ingestPipelines,ecsDataQualityDashboard,dataViewFieldEditor,dataViewManagement,charts,watcher,visualizations,visTypeXy,visTypeVislib,visTypeVega,visTypeTimeseries,visTypeTimelion,visTypeTagcloud,visTypeTable,visTypeMetric,visTypeMarkdown,visTypeHeatmap,inputControlVis,expressionTagcloud,expressionPartitionVis,visTypePie,expressionMetricVis,expressionLegacyMetricVis,expressionHeatmap,expressionGauge,visTypeGauge,eventAnnotation,expressionXY,dashboard,lens,triggersActionsUi,transform,stackConnectors,stackAlerts,ruleRegistry,cases,timelines,sessionView,kubernetesSecurity,threatIntelligence,metricsDataAccess,aiops,links,discover,reporting,canvas,fleet,osquery,logsExplorer,indexManagement,rollup,remoteClusters,crossClusterReplication,indexLifecycleManagement,datasetQuality,cloudSecurityPosture,cloudDefend,discoverEnhanced,maps,dataVisualizer,ml,observabilityAIAssistant,logsShared,observabilityLogsExplorer,enterpriseSearch,observability,uptime,synthetics,observabilityOnboarding,elasticAssistant,securitySolution,securitySolutionEss,dashboardEnhanced,apmDataAccess,infra,upgradeAssistant,monitoring,logstash,assetManager,apm,ux]
[2024-05-15T09:22:11.900+00:00][INFO ][plugins.taskManager] TaskManager is identified by the Kibana UUID: e45dd955-125c-450e-8fcb-2ae4a1b863fd
[2024-05-15T09:22:12.416+00:00][INFO ][custom-branding-service] CustomBrandingService registering plugin: customBranding
[2024-05-15T09:22:13.222+00:00][WARN ][plugins.screenshotting.config] Chromium sandbox provides an additional layer of protection, but is not supported for Linux Ubuntu 20.04 OS. Automatically setting ‘xpack.screenshotting.browser.chromium.disableSandbox: true’.
[2024-05-15T09:22:13.713+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
[2024-05-15T09:22:13.754+00:00][WARN ][plugins.security.config] Session cookies will be transmitted over insecure connections. This is not recommended.
[2024-05-15T09:22:13.990+00:00][INFO ][plugins.encryptedSavedObjects] Hashed ‘xpack.encryptedSavedObjects.encryptionKey’ for this instance: +rW6aIzGO0BucOtdK6SaIjrcIqw3Lr+VwtL7U3j3C68=
[2024-05-15T09:22:14.199+00:00][INFO ][plugins.notifications] Email Service Error: Email connector not specified.
[2024-05-15T09:22:14.551+00:00][INFO ][plugins.alerting] using indexes and aliases for persisting alerts
[2024-05-15T09:22:17.617+00:00][INFO ][plugins.cloudSecurityPosture] Registered task successfully [Task: cloud_security_posture-stats_task]
[2024-05-15T09:22:21.650+00:00][INFO ][plugins.securitySolution.endpoint:user-artifact-packager:1.0.0] Registering endpoint:user-artifact-packager task with timeout of [20m], interval of [60s] and policy update batch size of [25]
[2024-05-15T09:22:22.262+00:00][INFO ][plugins.assetManager] Server is NOT enabled
[2024-05-15T09:22:22.885+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception
Root causes:
security_exception: unable to authenticate user [kibana_system] for REST request [/_nodes?filter_path=nodes..version%2Cnodes..http.publish_address%2Cnodes.*.ip]
[2024-05-15T09:22:23.818+00:00][INFO ][plugins.screenshotting.chromium] Browser executable: /usr/share/kibana/node_modules/@kbn/screenshotting-plugin/chromium/headless_shell-linux_x64/headless_shell

문제를 해결해줄 수 있나요? 정말 도움이 필요합니다!

원인인지는 확실하지 않지만 오타가 있습니다.
focker.ir/kibana/kibana:8.13.4는 docker.ir/kibana/kibana:8.13.4이어야 하고,
focker.ir/elasticsearch/elasticsearch:8.13.4도 docker.ir/elasticsearch/elasticsearch:8.13.4이어야 합니다.

이것은 인증서(certificate) 문제입니다.
Docker에서 단일 노드 클러스터를 생성하면 Elasticsearch는 인증 기관(CA)과 함께 실행됩니다.
이 인증서는 Kibana, Elasticsearch 및 기타 Beats 간 통신에 필요합니다.

Transport 및 HTTP 계층을 위한 인증서와 키가 생성됩니다.
TLS(Transport Layer Security) 구성 설정은 elasticsearch.yml에 작성됩니다.
Elastic 사용자에 대한 비밀번호가 생성되고, Kibana를 위한 등록 토큰(enrollment token)도 생성됩니다.

멀티 노드 클러스터를 생성하고 싶다면 다음 문서를 참조하세요:

command 섹션의 스크립트는 .ca 파일로부터 .crt 및 .key 인증서를 생성하며,
이 인증서들은 Docker Compose 파일에서 사용해야 합니다.