There is an increasing # of reports from the field from users who have set up multiple load-balanced Kibana instances seeing sessions getting invalidated and Kibana users required to log in frequently. This is because Kibana encrypts the session cookie with the value of xpack.security.encryptionKey. If you do not set xpack.security.encryptionKey in your kibana.yml then every time Kibana starts it will generate a new value. So it is important for these setups to set xpack.security.encryptionKey explicitly and to the same value on each Kibana server. Same thing for xpack.reporting.encryptionKey if Reporting is used.
It will be helpful to add a new page Using Kibana in a Production Environment > Load Balancing Across Multiple Kibana Instances to cover such important requirements.
Linking to the parent production doc improvement ticket (#5347). I am filing this as a separate ticket so the details above will not get lost in a long comment thread in the parent ticket :)
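A check for the requirement described in this issue, as an added example that is not part of the original issue or of Kibana: it compares the kibana.yml of each load-balanced instance and reports where an encryption key is unset or differs between instances. It assumes the settings are written as flat dotted keys; the instance names and key values are constructed.

```python
import hashlib
import re

KEYS = ("xpack.security.encryptionKey", "xpack.reporting.encryptionKey")
LINE = re.compile(r"^\s*([A-Za-z0-9_.]+)\s*:\s*(.*?)\s*$")

def read_keys(text):
    """Return {setting: value} for encryption keys set as flat dotted keys."""
    found = {}
    for raw in text.splitlines():
        if raw.lstrip().startswith("#"):
            continue  # a commented-out key counts as unset
        m = LINE.match(raw)
        if m and m.group(1) in KEYS:
            value = m.group(2).strip("\"'")
            if value:
                found[m.group(1)] = value
    return found

def check_instances(configs, required=("xpack.security.encryptionKey",)):
    """configs maps instance name -> kibana.yml text; returns findings."""
    parsed = {name: read_keys(text) for name, text in configs.items()}
    findings = []
    for key in KEYS:
        # Compare digests so the key material itself is never reported.
        digests = {n: hashlib.sha256(s[key].encode()).hexdigest()
                   for n, s in parsed.items() if key in s}
        if key not in required and not digests:
            continue  # optional setting not used on any instance
        for name in sorted(set(parsed) - set(digests)):
            # Unset means this instance generates a new key on every start.
            findings.append((key, "unset", name))
        if len(set(digests.values())) > 1:
            findings.append((key, "mismatch", ",".join(sorted(digests))))
    return findings

# Constructed sample configs for three instances behind one load balancer.
SAMPLE = {
    "kibana-1": 'xpack.security.encryptionKey: "constructed-key-A-0123456789abcdef"\n'
                'xpack.reporting.encryptionKey: "constructed-key-R-0123456789abcdef"\n',
    "kibana-2": 'server.port: 5601\n'
                'xpack.security.encryptionKey: "constructed-key-B-0123456789abcdef"\n',
    "kibana-3": '#xpack.security.encryptionKey: "constructed-key-A-0123456789abcdef"\n'
                'xpack.reporting.encryptionKey: "constructed-key-R-0123456789abcdef"\n',
}

if __name__ == "__main__":
    for key, problem, where in check_instances(SAMPLE):
        print(f"{key}: {problem} on {where}")
```
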
I'd also like to raise the question of whether setting xpack.security.encryptionKey and possibly also xpack.security.secureCookies is sufficient to support multiple Kibana instances running behind a load balancer and/or proxy. While the current documentation of xpack.security.secureCookies does mention using the parameter with load balancers and proxies, the discussion of xpack.security.encryptionKey says nothing about load balancers and proxies; and I am unclear how session persistence in enabling encryption key on separate Kibana instances would support multiple concurrent sessions on each of the instances.
Please add to the list of scheduled improvements in Kibana documentation a discussion of how to enable Kibana for multiple concurrent sessions behind a load balancer, and specifically which xpack.security parameters.