I'm testing out a 3 x ES Node cluster on EC2. When I set my Security Group to inbound allow all (outbound is allow all in all cases), the cluster has no issue.
But when I set a new SG to allow inbound 9200, 9300, 22, 443, 80 from ANY source (0.0.0.0/0) and use it on 1 of the nodes, that node becomes disconnected with the rest of the cluster.
When i add a new rule to allow inbound any port from the any of the 3 nodes into the SG, the affected node can now join the cluster again.
Are there any additional ports I need to allow inbound for an EC2 ES cluster?
By default Elasticsearch nodes communicate with each other on port 9300, but maybe you're not using the default config.
When the node disconnects from the cluster, it will likely log some useful details. Can you share the logs? Look in particular for messages from the ClusterFormationFailureHelper.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.