Ec2 & public ip


(Karussell) #1

Hi,

I'm currently trying out Elasticsearch on an ec2 machine and
connecting to it via JSON or elasticsearch-head works using the public
IP. I simply want to make it insecure and open Elasticsearch to
everyone.

But using the transport client does not work - it waits some seconds
and then reports that there is no node available.
How can I tell elasticsearch to use the public IP adress as
elasticsearch says:
[2011-09-26 15:32:56,469][INFO ][transport ] [Starhawk]
bound_address {inet[/0:0:0:0:0:0:0:0:9300]}, publish_address {inet[/
THE_PRIVATE_IP:9300]}

I tried this in the config:

network.publish_host.ec2: publicIpv4

but it does not work. Also I do not understand why the ES-HEAD works
over 9200 and the transport client not, although both are binding to
the private adress (both ports + http are open). Can someone explain
this to a network noob :slight_smile: ?

Regards,
Peter.


(Paul Loy) #2

On Mon, Sep 26, 2011 at 4:43 PM, Karussell tableyourtime@googlemail.comwrote:

Hi,

I'm currently trying out Elasticsearch on an ec2 machine and
connecting to it via JSON or elasticsearch-head works using the public
IP. I simply want to make it insecure and open Elasticsearch to
everyone.

But using the transport client does not work - it waits some seconds
and then reports that there is no node available.
How can I tell elasticsearch to use the public IP adress as
elasticsearch says:
[2011-09-26 15:32:56,469][INFO ][transport ] [Starhawk]
bound_address {inet[/0:0:0:0:0:0:0:0:9300]}, publish_address {inet[/
THE_PRIVATE_IP:9300]}

I tried this in the config:

network.publish_host.ec2: publicIpv4

but it does not work. Also I do not understand why the ES-HEAD works
over 9200 and the transport client not, although both are binding to
the private adress (both ports + http are open). Can someone explain
this to a network noob :slight_smile: ?

Regards,
Peter.

I think the config is slightly wrong, try this:

network.publish_host: ec2:publicIpv4


Paul Loy
paul@keteracel.com
http://uk.linkedin.com/in/paulloy


(Karussell) #3

Cool, thanks Paul! now ES reports the public ip:

transport] [Razor Fist] bound_address {inet[/0:0:0:0:0:0:0:0:9300]},
publish_address {inet[/PUBLIC_IP:9300]}

but the transport client connection is not working.Not sure if this is
related but ES still reports private IP adresses at several points in
the logs:


(Karussell) #4

Do i need to configure the TransportClient (which is not on an ec2
machine) in a different way than the data node?

On 26 Sep., 19:03, Karussell tableyourt...@googlemail.com wrote:

Cool, thanks Paul! now ES reports the public ip:

transport] [Razor Fist] bound_address {inet[/0:0:0:0:0:0:0:0:9300]},
publish_address {inet[/PUBLIC_IP:9300]}

but the transport client connection is not working.Not sure if this is
related but ES still reports private IP adresses at several points in
the logs:

https://gist.github.com/1242740


(Shay Banon) #5

The log that you see means that when a nodes starts up, and tries to check
for the list of nodes to connect to, it goes to the amazon API and fetches
the list of machines. By default, it will use the private IP to try and
connect to the node. You don't really need to change, but you can, by
setting discovery.ec2.host_type to public_ip.

The instance started binds to "any host" address. The fact that you can
connect to it using elasticsearch-head means that it works host wise. Are
you sure you opened the 9300 port in the security group or other firewall
settings?

On Mon, Sep 26, 2011 at 8:08 PM, Karussell tableyourtime@googlemail.comwrote:

Do i need to configure the TransportClient (which is not on an ec2
machine) in a different way than the data node?

On 26 Sep., 19:03, Karussell tableyourt...@googlemail.com wrote:

Cool, thanks Paul! now ES reports the public ip:

transport] [Razor Fist] bound_address {inet[/0:0:0:0:0:0:0:0:9300]},
publish_address {inet[/PUBLIC_IP:9300]}

but the transport client connection is not working.Not sure if this is
related but ES still reports private IP adresses at several points in
the logs:

https://gist.github.com/1242740


(Karussell) #6

Hello Shay,

thanks for your answer!

I have re-enabled the port and but it is the same problem.
What I cannot understand is why I cannot even make it working when
using a ssh port forwarding:

ssh -l user -L 9999:localhost:9300 PUBLIC_IP

then using 9999 as port in the transport client (which btw does not
use the aws cloud settings)

I'll investigate it further ... :slight_smile:

Regards,
Peter.

On 26 Sep., 19:27, Shay Banon kim...@gmail.com wrote:

The log that you see means that when a nodes starts up, and tries to check
for the list of nodes to connect to, it goes to the amazon API and fetches
the list of machines. By default, it will use the private IP to try and
connect to the node. You don't really need to change, but you can, by
setting discovery.ec2.host_type to public_ip.

The instance started binds to "any host" address. The fact that you can
connect to it using elasticsearch-head means that it works host wise. Are
you sure you opened the 9300 port in the security group or other firewall
settings?

On Mon, Sep 26, 2011 at 8:08 PM, Karussell tableyourt...@googlemail.comwrote:

Do i need to configure the TransportClient (which is not on an ec2
machine) in a different way than the data node?

On 26 Sep., 19:03, Karussell tableyourt...@googlemail.com wrote:

Cool, thanks Paul! now ES reports the public ip:

transport] [Razor Fist] bound_address {inet[/0:0:0:0:0:0:0:0:9300]},
publish_address {inet[/PUBLIC_IP:9300]}

but the transport client connection is not working.Not sure if this is
related but ES still reports private IP adresses at several points in
the logs:

https://gist.github.com/1242740


(Karussell) #7

After creating a new ec2 machine it now works ...

On 27 Sep., 18:27, Karussell tableyourt...@googlemail.com wrote:

Hello Shay,

thanks for your answer!

I have re-enabled the port and but it is the same problem.
What I cannot understand is why I cannot even make it working when
using a ssh port forwarding:

ssh -l user -L 9999:localhost:9300 PUBLIC_IP

then using 9999 as port in the transport client (which btw does not
use the aws cloud settings)

I'll investigate it further ... :slight_smile:

Regards,
Peter.

On 26 Sep., 19:27, Shay Banon kim...@gmail.com wrote:

The log that you see means that when a nodes starts up, and tries to check
for the list of nodes to connect to, it goes to the amazon API and fetches
the list of machines. By default, it will use the private IP to try and
connect to the node. You don't really need to change, but you can, by
setting discovery.ec2.host_type to public_ip.

The instance started binds to "any host" address. The fact that you can
connect to it using elasticsearch-head means that it works host wise. Are
you sure you opened the 9300 port in the security group or other firewall
settings?

On Mon, Sep 26, 2011 at 8:08 PM, Karussell tableyourt...@googlemail.comwrote:

Do i need to configure the TransportClient (which is not on anec2
machine) in a different way than the data node?

On 26 Sep., 19:03, Karussell tableyourt...@googlemail.com wrote:

Cool, thanks Paul! now ES reports the public ip:

transport] [Razor Fist] bound_address {inet[/0:0:0:0:0:0:0:0:9300]},
publish_address {inet[/PUBLIC_IP:9300]}

but the transport client connection is not working.Not sure if this is
related but ES still reports private IP adresses at several points in
the logs:

https://gist.github.com/1242740


(system) #8