Elastic Cloud Elasticsearch with nginx reverse proxy

CrystalDesignDR · February 14, 2021, 11:02pm

Hi,
I'm trying to use nginx to have a better looking domain name for elastic cloud,
APM reverse proxy works so far, however the elasticsearch endpoint wont work, any ideas?

I've also tried everything listed here Nginx proxy for Elastic Cloud instance - Elastic Stack / Elasticsearch - Discuss the Elastic Stack

        location / {
          proxy_pass              https://uuid.apm.westeurope.azure.elastic-cloud.com/;
          proxy_set_header        X-Real-IP       $remote_addr;
        }
        location /es/ {
          proxy_pass              https://uuid.westeurope.azure.elastic-cloud.com:9243/;
          proxy_pass_request_headers      on;
          proxy_set_header Host uuid.westeurope.azure.elastic-cloud.com:9243;
        }
        location /apm/ {
          proxy_pass              https://uuid.apm.westeurope.azure.elastic-cloud.com/;
          proxy_set_header        X-Real-IP       $remote_addr;
        }

stephenb · February 12, 2021, 4:18pm

This is an excellent detailed article on how to do this by one of our engineers, I would highly recommend it.

CrystalDesignDR · February 15, 2021, 8:14am

Hi, thanks for your response, I actually went through this the other day, but no luck with this either.

#Neither this
        location /es/ {
          proxy_pass              https://xxElasticsearchUUIDxxx.westeurope.azure.elastic-cloud.com:9243/;
          proxy_set_header        X-Found-Cluster xxElasticsearchUUIDxxx;
        }

#nor this
        location /es/ {
          proxy_pass              https://xxElasticsearchUUIDxxx.westeurope.azure.elastic-cloud.com:9243/;
          proxy_http_version      1.1;
          proxy_set_header        Host xxElasticsearchUUIDxxx.westeurope.azure.elastic-cloud.com;
          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header        Connection "";
        }

#Nginx error log /var/log/nginx/error.log:

2021/02/15 08:01:40 [crit] 10965#0: *24 connect() to 20.50.174.29:9243 failed (13: Permission denied) while connecting to upstream, client: 20.82.106.29, server: my.customdomain.com, request: "GET /es/ HTTP/1.1", upstream: "https://20.50.174.29:9243/", host: "my.customdomain.com"

Running RHEL 7.9 with nginx/1.16.1 secured with Letsencrypt

Elastic Cloud on Azure WE

APM works as mentioned above, also briefly tried Kibana but wont work either (Kibana not important ATM though)

stephenb · February 16, 2021, 1:09am

Hi @CrystalDesignDR unfortunately my expertise does not lie in the reverse proxy space, I will poke around and see if anyone has a suggestion (no promises) perhaps @xeraa who wrote that article, might be able to comment. (no promises)

what does it look like if you just try to curl the elasticsearch endpoint what do you get?

One thing I did notice when I turned on the dev tools that that the headers from Kibana to Elasticsearch had the header defined as x-found-handling-cluster perhaps that header has changed.

CrystalDesignDR · February 16, 2021, 6:00am

Hi @stephenb thanks again for your response,
we figured it out, problem was with SELinux, it was set to enforcing. We turned it off and rebooted the server and now everything is working fine.
Config file (RHEL/CENTOS)

 vi /etc/selinux/config

set to permissive or disabled

SELINUX=disabled