Hi, I have elastic search cluster of 2 nodes and trying to call the REST API from a spring boot application using a rest client. It's giving me connection refused error every time. It works when I set the network.host: 0.0.0.0
Since this is not recommended way for production server, what will work for production?
Elastic search cluster is working fine. My old settings which used to work with ES 6.6.1 is as follows:
network.host: local,host-1
The same setting does not work with ES 7.0.1
Why it's not recommended? Could you clarify?
Hi David,
I found out in some of the discussion forums that having the value 0.0.0.0 is not advisable for security reasons for PROD environment. Is it okay to use 0.0.0.0 in PROD environments?
Why it doesn't work when I bind to localhost and hostname both?
You should not expose your cluster on internet for sure. Without any security, definitely.
But if you are in a backend layer, that's ok to expose elasticsearch to other backend machines like your own application.
If your application is not running on the same machine, then you need to define network.host to be reachable from the other application.
I wonder if you should write it that way though:
network.host: host-1, _local_
BTW this can be a bad practice as we recommend having 3 master eligible nodes in the cluster.
My Applications are on the cloud. Both Elastic search and client are deployed on cloud. That's the reason I was trying to avoid using 0.0.0.0. ES nodes has a public IP and can be accessed from outside. Any suggestions how I can make it work?
Also I tried your suggestion of bringing the hostname before "local" and it did not work for me. I am getting the same connection refused error.
Does cloud mean not secured for you? I mean that you can secure elasticsearch from 6.8 and 7.1.
Also I tried your suggestion of bringing the hostname before " local " and it did not work for me. I am getting the same connection refused error.
What are the logs then?
BTW did you look at Elastic Cloud: Hosted Elasticsearch, Hosted Search | Elastic?
Cloud by elastic is one way to have access to all features, all managed by us. Think about what is there yet like Security, Monitoring, Reporting, SQL, Canvas, APM, Logs UI, Infra UI and what is coming next 
... It starts at around $15 per month IIRC.
We have our own hosted cloud environment where we want to run the Elastic search. Upgrading from v 6.6.1 to v 7.0.1.
Before the change:
publish_address {10.196.62.132:9200}, bound_addresses {10.196.62.132:9200}, {[::1]:9200}, {127.0.0.1:9200}
After the change:
publish_address {10.196.62.132:9200}, bound_addresses {10.196.62.132:9200}, {[::1]:9200}, {127.0.0.1:9200}
I just want to understand if there is any other setting that I can try instead of 0.0.0.0 in network.host to make it work? That means, I should be able to call the ES API from a rest client of my application.
So your application should be able to connect to:
10.196.62.132:9200 (from any machine)[::1]:9200 (if the app runs on the same machine)127.0.0.1:9200 (if the app runs on the same machine)Is it the case?
If you look at the network.host, I am setting it to 'local' and hostname. I want to call the API using the hostname:9200, not the IP address.
network.host: local, host-1.abc.com
In logs:
publish_address {10.196.62.132:9200}, bound_addresses {10.196.62.132:9200}, {[::1]:9200}, {127.0.0.1:9200}
From my app I am calling http://host-1.abc.com:9200/_cat/count which is throwing Connection Refused exception.
What is the IP address of host-1.abc.com? Is it 10.196.62.132 or a public IP address? If the later, that's why it does not work.
When I do a nslookup I see this (from my app VM).
[root@host-1 opc]# nslookup host-1.abc.com
Server: 169.254.169.254
Address: 169.254.169.254#53
Non-authoritative answer:
Name: host1.abc.com
Address: 10.196.62.132
I resolves to 2 IPs, but one of them is the one which is published by ES. Not sure why it doesn't work.
Could you try with host1.abc.com instead of host-1.abc.com unless it's a typo?
host1.abc.com is just a dummy hostname 
I am using the correct one everywhere.
Any idea?
Any idea?
Running out ideas. And as I probably don't have the right names/IP may be you changed something in logs/config/... which makes that more complicated to diagnose.
Out of curiosity, are you exposing your cluster on internet and that's why you don't want to share the real logs, config?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.