Cannot connect to localhost:9200 after installing search guard

Hi Guys:

I am trying to install the Search Guard 36.0.0 on Elasticsearch:7.1.1 using Docker. The Dockerfile looks like this:

```dockerfile
# https://github.com/elastic/elasticsearch-docker
FROM docker.elastic.co/elasticsearch/elasticsearch:7.1.1

COPY bin/ bin/
COPY config/elasticsearch.yml /usr/share/elasticsearch/config/elasticsearch.yml
COPY config/sg/CN=elasticsearch-0.elasticsearch-keystore.jks config/sg/CN=elasticsearch-0.elasticsearch-keystore.jks
COPY config/sg/truststore.jks config/sg/truststore.jks

# Search Guard plugin

RUN elasticsearch-plugin install --batch com.floragunn:search-guard-7:7.1.1-36.0.0 \
    && chmod +x plugins/search-guard-7/tools/*.sh \
    && chown -R elasticsearch config/sg/ \
    && chmod -R go= config/sg/

# sgadmin and other third-party tools require a valid Java home
ENV JAVA_HOME /usr/share/elasticsearch/jdk
EXPOSE 9200 9300

COPY config/sg/CN=sgadmin-keystore.jks plugins/search-guard-7/tools
COPY config/sg/truststore.jks plugins/search-guard-7/tools
COPY config/sg/CN=elasticsearch-0.elasticsearch-keystore.jks plugins/search-guard-7/tools
```

I have also downloaded the TLS certificates from the website and set up the elasticsearch.yml file based on the README.md of the certificates. The elasticsearch.yml looks like the following:

```yaml
---
## Default Elasticsearch configuration from Elasticsearch base image.
## https://github.com/elastic/elasticsearch/blob/master/distribution/docker/src/docker/config/elasticsearch.yml
#
cluster.name: "docker-cluster"
network.host: 0.0.0.0

# minimum_master_nodes need to be explicitly set when bound on a public IP
# set to 1 to allow single node clusters
# Details: https://github.com/elastic/elasticsearch/pull/17288
discovery.zen.minimum_master_nodes: 1

## Use single node discovery in order to disable production mode and avoid bootstrap checks
## see https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html
#
discovery.type: single-node

## X-Pack settings
## see https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-xpack.html
#
xpack.license.self_generated.type: basic
xpack.security.enabled: false

## Search Guard
#
# searchguard.enterprise_modules_enabled: true
searchguard.ssl.http.enabled: true

searchguard.ssl.transport.keystore_filepath: sg/CN=elasticsearch-0.elasticsearch-keystore.jks
searchguard.ssl.transport.keystore_password: 6498ae88d9fa8f0f5424
searchguard.ssl.transport.truststore_filepath: sg/truststore.jks
searchguard.ssl.transport.truststore_password: eb78abdeb3026eb91afb
searchguard.ssl.transport.enforce_hostname_verification: false

searchguard.ssl.http.keystore_filepath: sg/CN=elasticsearch-0.elasticsearch-keystore.jks
searchguard.ssl.http.keystore_password: 6498ae88d9fa8f0f5424
searchguard.ssl.http.truststore_filepath: sg/truststore.jks
searchguard.ssl.http.truststore_password: eb78abdeb3026eb91afb

searchguard.authcz.admin_dn:
  - CN=sgadmin

#node.master: true
#node.data: false
```

I have successfully built the container using

```
docker run -d --name es -p 9200:9200 -p 9300:9300 -h elasticsearch-0.elasticsearch es:latest
```

However, when I ssh into the container with `docker exec -it 4f /bin/bash` and type `curl localhost:9200`, I got this error:

```
curl: (52) Empty reply from server
```

I have no idea where I went wrong, please help!

Problem solved. I need to use `searchguard.ssl.http.enabled: false` in the elasticsearch yaml file to enable the HTTPS, when running the curl localhost:9200.
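An added example, not part of the original posts: with `searchguard.ssl.http.enabled: true` the REST port speaks TLS, so a plain-HTTP request like `curl localhost:9200` gets no HTTP answer. The probe below sends the same kind of plain request and classifies the listener, so HTTPS can stay enabled and the client can be pointed at `https://` instead. The function names and the `root-ca.pem` path are assumptions made for this illustration.

```python
import socket

# Constructed request: the plain-HTTP bytes `curl localhost:9200` puts on the wire.
REQUEST = b"GET / HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n"


def classify_reply(data: bytes) -> str:
    """Classify the first bytes a listener returns to a plain-HTTP request."""
    if data.startswith(b"HTTP/"):
        return "plaintext-http"   # the port really speaks HTTP
    if data[:2] == b"\x15\x03":
        return "tls"              # TLS alert record: a ClientHello was expected
    if not data:
        return "tls-suspected"    # closed without a byte, i.e. curl error 52
    return "unknown"


def probe_socket(sock: socket.socket, timeout: float = 3.0) -> str:
    """Send REQUEST on an already connected socket and classify the reply."""
    sock.settimeout(timeout)
    try:
        sock.sendall(REQUEST)
        data = sock.recv(16)
    except socket.timeout:
        return "no-reply-timeout"
    except OSError:
        data = b""                # reset or broken pipe: the peer dropped us
    return classify_reply(data)


def probe(host: str, port: int) -> str:
    """Connect to host:port and report which protocol the listener expects."""
    with socket.create_connection((host, port), timeout=3.0) as sock:
        return probe_socket(sock)


def curl_hint(result: str, host: str, port: int) -> str:
    """Suggest a matching curl call; root-ca.pem is a placeholder CA path."""
    if result in ("tls", "tls-suspected"):
        return f"curl --cacert root-ca.pem https://{host}:{port}"
    if result == "plaintext-http":
        return f"curl http://{host}:{port}"
    return "inconclusive: check that the node has finished starting"


if __name__ == "__main__":
    outcome = probe("localhost", 9200)
    print(outcome, "->", curl_hint(outcome, "localhost", 9200))
```

The node keystore in the question is named for `CN=elasticsearch-0.elasticsearch`, so an `https://` request needs to address the node by that name for certificate verification to pass.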
