Elasticsearch 7.0 can't bind to private address

YvorL · August 15, 2019, 2:21pm

Hi!

I've just set up two ES nodes on GCP VMs. However, I can't set up it in a way the two of those can discover each other by private IP and no requests for the public IP would be answered. The configuration on both nodes is this:

cluster.name: test_ES
node.name: ${HOSTNAME}
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: "node1-PrivateIP"
network.bind_host: "node1-PrivateIP"
discovery.zen.ping.unicast.hosts: ["node2-PrivateIP"]
cluster.initial_master_nodes: ["node1-PrivateIP", "node2-PrivateIP"]

Any ideas?

Thank you!

P.s.: I know that from 7.1 security is available for basic license but at the moment I need to work with 7.0 before upgrading.

spinscale · August 16, 2019, 1:43pm

hey,

can those two nodes reach other? can you ping them? can you call curl on the elasticsearch webserver from the other node? Any logging statements?

You also may want to take a look at the gce discovery plugin

--Alex

YvorL · August 16, 2019, 3:02pm

Hi!

Yes, the two nodes are working as expected, but the issue is that I can curl both servers from anywhere with the public IP.

YvorL

spinscale · August 19, 2019, 6:43am

can you reach the tcp port 9300 for each other as well? Elasticsearch nodes do not use HTTP to communicate with each other.

YvorL · August 28, 2019, 10:37am

Sorry, I was on vacation. The cluster works as intended, but I thought that if I bind the IP's to the private address then it'll deny requests from outside the cluster.

system · September 25, 2019, 10:41am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.