Elasticsearch 7.0 can't bind to private address


I've just set up two ES nodes on GCP VMs. However, I can't set up it in a way the two of those can discover each other by private IP and no requests for the public IP would be answered. The configuration on both nodes is this:

cluster.name: test_ES
node.name: ${HOSTNAME}
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: "node1-PrivateIP"
network.bind_host: "node1-PrivateIP"
discovery.zen.ping.unicast.hosts: ["node2-PrivateIP"]
cluster.initial_master_nodes: ["node1-PrivateIP", "node2-PrivateIP"]

Any ideas?

Thank you!

P.s.: I know that from 7.1 security is available for basic license but at the moment I need to work with 7.0 before upgrading.


can those two nodes reach other? can you ping them? can you call curl on the elasticsearch webserver from the other node? Any logging statements?

You also may want to take a look at the gce discovery plugin



Yes, the two nodes are working as expected, but the issue is that I can curl both servers from anywhere with the public IP.


can you reach the tcp port 9300 for each other as well? Elasticsearch nodes do not use HTTP to communicate with each other.

Sorry, I was on vacation. The cluster works as intended, but I thought that if I bind the IP's to the private address then it'll deny requests from outside the cluster.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.