Connect ECONNREFUSED 192.168.138.12:9200

Elastic Stack Kibana
1

Hello,

This is odd, I got this working on an old Ubuntu VM and old Docker/Compose, it might not be this, but I've build a new Ubunutu server and with all the latest versions and can't get Elastisearch/Kibana to work.

It takes minutes to setup via here, maybe someone can test too? ElastiFlow-Tools/docker_install at main · elastiflow/ElastiFlow-Tools · GitHub

CONTAINER ID   IMAGE                                                  COMMAND                  CREATED        STATUS                    PORTS                                       NAMES
c38cafd4ea96   docker.elastic.co/kibana/kibana:8.14.0                 "/bin/tini -- /usr/l…"   11 hours ago   Up 11 hours (unhealthy)   0.0.0.0:5601->5601/tcp, :::5601->5601/tcp   mydocker-kibana-1
af12282fd456   docker.elastic.co/elasticsearch/elasticsearch:8.14.0   "/bin/tini -- /usr/l…"   11 hours ago   Up 11 hours (healthy)     9200/tcp, 9300/tcp                          mydocker-setup-1
f859e48941fb   elastiflow/flow-collector:7.1.1                        "/bin/sh -c $BINARY_…"   11 hours ago   Up 11 hours                                                           flow-collector

Logs

[2024-08-04T06:27:41.883+00:00][ERROR][plugins.security.authentication] License information could not be obtained from Elasticsearch due to an error: getaddrinfo EAI_AGAIN es01

So it can't get to es01. I've not added es01 to DNS as I have never had to before, should I add to the VMs local host file?

If I add es01 to the local host file as 127.0.0.1

[2024-08-04T06:30:43.325+00:00][WARN ][plugins.securitySolution] Unable to verify endpoint policies in line with license change: failed to fetch package policies: connect ECONNREFUSED 127.0.0.1:9200

If I change the local host to use the real IP I get the same issue:

[2024-08-04T06:32:24.021+00:00][ERROR][plugins.security.authentication] License information could not be obtained from Elasticsearch due to an error: connect ECONNREFUSED 192.168.138.12:9200
[2024-08-04T06:32:24.030+00:00][WARN ][plugins.licensing] License information could not be obtained from Elasticsearch due to ConnectionError: connect ECONNREFUSED 192.168.138.12:9200 error
Kibana

config

  kibana:
    depends_on:
      es01:
        condition: service_healthy
    image: docker.elastic.co/kibana/kibana:${STACK_VERSION}
    volumes:
      - certs:/usr/share/kibana/config/certs
      - kibanadata:/usr/share/kibana/data
    ports:
      - ${KIBANA_PORT}:5601
    environment:
      - SERVERNAME=kibana
      - ELASTICSEARCH_HOSTS=https://es01:9200
      - ELASTICSEARCH_USERNAME=kibana_system
      - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
    mem_limit: ${MEM_LIMIT}
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
        ]
      interval: 10s
      timeout: 10s
      retries: 120

I'm sure it's something simple I'm doing wrong.