Connection Refused when trying to connect using REST template client from outside

priyankajn · June 12, 2019, 11:09am

Hi, I have elastic search cluster of 2 nodes and trying to call the REST API from a spring boot application using a rest client. It's giving me connection refused error every time. It works when I set the network.host: 0.0.0.0
Since this is not recommended way for production server, what will work for production?

Elastic search cluster is working fine. My old settings which used to work with ES 6.6.1 is as follows:

network.host: local,host-1

The same setting does not work with ES 7.0.1

dadoonet · June 12, 2019, 11:28am

Why it's not recommended? Could you clarify?

priyankajn · June 12, 2019, 11:35am

Hi David,
I found out in some of the discussion forums that having the value 0.0.0.0 is not advisable for security reasons for PROD environment. Is it okay to use 0.0.0.0 in PROD environments?

Why it doesn't work when I bind to localhost and hostname both?

dadoonet · June 12, 2019, 12:39pm

You should not expose your cluster on internet for sure. Without any security, definitely.
But if you are in a backend layer, that's ok to expose elasticsearch to other backend machines like your own application.
If your application is not running on the same machine, then you need to define network.host to be reachable from the other application.

I wonder if you should write it that way though:

network.host: host-1, _local_

BTW this can be a bad practice as we recommend having 3 master eligible nodes in the cluster.

priyankajn · June 12, 2019, 2:46pm

My Applications are on the cloud. Both Elastic search and client are deployed on cloud. That's the reason I was trying to avoid using 0.0.0.0. ES nodes has a public IP and can be accessed from outside. Any suggestions how I can make it work?

Also I tried your suggestion of bringing the hostname before "local" and it did not work for me. I am getting the same connection refused error.

dadoonet · June 12, 2019, 3:06pm

Does cloud mean not secured for you? I mean that you can secure elasticsearch from 6.8 and 7.1.

Also I tried your suggestion of bringing the hostname before " local " and it did not work for me. I am getting the same connection refused error.

What are the logs then?

BTW did you look at Elastic Cloud: Hosted Elasticsearch, Hosted Search | Elastic?
Cloud by elastic is one way to have access to all features, all managed by us. Think about what is there yet like Security, Monitoring, Reporting, SQL, Canvas, APM, Logs UI, Infra UI and what is coming next ... It starts at around $15 per month IIRC.

priyankajn · June 13, 2019, 8:33am

We have our own hosted cloud environment where we want to run the Elastic search. Upgrading from v 6.6.1 to v 7.0.1.

Before the change:

publish_address {10.196.62.132:9200}, bound_addresses {10.196.62.132:9200}, {[::1]:9200}, {127.0.0.1:9200}

After the change:

publish_address {10.196.62.132:9200}, bound_addresses {10.196.62.132:9200}, {[::1]:9200}, {127.0.0.1:9200}

I just want to understand if there is any other setting that I can try instead of 0.0.0.0 in network.host to make it work? That means, I should be able to call the ES API from a rest client of my application.

dadoonet · June 13, 2019, 9:10am

So your application should be able to connect to:

10.196.62.132:9200 (from any machine)
[::1]:9200 (if the app runs on the same machine)
127.0.0.1:9200 (if the app runs on the same machine)

Is it the case?

priyankajn · June 13, 2019, 11:04am

If you look at the network.host, I am setting it to 'local' and hostname. I want to call the API using the hostname:9200, not the IP address.

network.host: local, host-1.abc.com

In logs:
publish_address {10.196.62.132:9200}, bound_addresses {10.196.62.132:9200}, {[::1]:9200}, {127.0.0.1:9200}

From my app I am calling http://host-1.abc.com:9200/_cat/count which is throwing Connection Refused exception.

dadoonet · June 13, 2019, 11:43am

What is the IP address of host-1.abc.com? Is it 10.196.62.132 or a public IP address? If the later, that's why it does not work.

priyankajn · June 14, 2019, 11:25am

When I do a nslookup I see this (from my app VM).

[root@host-1 opc]# nslookup host-1.abc.com
Server:         169.254.169.254
Address:        169.254.169.254#53

Non-authoritative answer:
Name:  host1.abc.com
Address: 10.196.62.132

I resolves to 2 IPs, but one of them is the one which is published by ES. Not sure why it doesn't work.

dadoonet · June 17, 2019, 4:42pm

Could you try with host1.abc.com instead of host-1.abc.com unless it's a typo?

priyankajn · June 18, 2019, 12:55am

host1.abc.com is just a dummy hostname
I am using the correct one everywhere.

Any idea?

dadoonet · June 20, 2019, 1:23pm

Any idea?

Running out ideas. And as I probably don't have the right names/IP may be you changed something in logs/config/... which makes that more complicated to diagnose.

Out of curiosity, are you exposing your cluster on internet and that's why you don't want to share the real logs, config?

system · July 18, 2019, 1:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.