Elasticsearch 7.5.2 Cluster on EC2: Security Group

Hi There,

I'm testing out a 3 x ES Node cluster on EC2. When I set my Security Group to inbound allow all (outbound is allow all in all cases), the cluster has no issue.

But when I set a new SG to allow inbound 9200, 9300, 22, 443, 80 from ANY source (0.0.0.0/0) and use it on 1 of the nodes, that node becomes disconnected from the rest of the cluster.

When I add a new rule to allow inbound any port from any of the 3 nodes into the SG, the affected node can now join the cluster again.

Are there any additional ports I need to allow inbound for an EC2 ES cluster?

Thanks in advance!
CK

By default Elasticsearch nodes communicate with each other on port 9300, but maybe you're not using the default config.

When the node disconnects from the cluster, it will likely log some useful details. Can you share the logs? Look in particular for messages from the ClusterFormationFailureHelper.

1 Like
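
An added example, not part of the original posts: a small offline check of inbound rules against the default transport port 9300 mentioned in the reply above. It assumes rules in the `IpPermissions` shape returned by EC2 `DescribeSecurityGroups`; the function names, peer IPs and group id are constructed placeholders.

```python
import ipaddress

TRANSPORT_PORT = 9300  # default Elasticsearch node-to-node port, per the reply above

def covers(perm, port):
    """True if an IpPermissions entry applies to TCP traffic on `port`."""
    if perm["IpProtocol"] == "-1":          # "-1" = all protocols, all ports
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def admits(perm, src_ip, src_groups, port):
    """True if the entry lets `src_ip` (member of `src_groups`) reach `port`."""
    if not covers(perm, port):
        return False
    addr = ipaddress.ip_address(src_ip)
    if any(addr in ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])):
        return True
    return any(g["GroupId"] in src_groups for g in perm.get("UserIdGroupPairs", []))

def blocked_peers(perms, peers, port=TRANSPORT_PORT):
    """Peer IPs that no inbound rule admits on `port`."""
    return sorted(ip for ip, groups in peers.items()
                  if not any(admits(p, ip, groups, port) for p in perms))

def world_open_ports(perms, ports=(9200, 9300)):
    """Elasticsearch ports that are reachable from 0.0.0.0/0."""
    return [port for port in ports
            if any(covers(p, port) and
                   any(r["CidrIp"] == "0.0.0.0/0" for r in p.get("IpRanges", []))
                   for p in perms)]

def tcp(port, cidr=None, group=None):
    """Build one constructed rule in the IpPermissions shape."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}] if cidr else [],
            "UserIdGroupPairs": [{"GroupId": group}] if group else []}

# Constructed sample data: private IPs and the group id are placeholders.
PEERS = {"10.0.1.11": ["sg-escluster"], "10.0.1.12": ["sg-escluster"]}
POSTED = [tcp(p, cidr="0.0.0.0/0") for p in (9200, 9300, 22, 443, 80)]  # rules from the question
SCOPED = [tcp(9300, group="sg-escluster"), tcp(9200, cidr="10.0.1.0/24")]
NO_TRANSPORT = [tcp(9200, cidr="10.0.1.0/24"), tcp(22, cidr="10.0.1.0/24")]

if __name__ == "__main__":
    for name, perms in (("posted", POSTED), ("scoped", SCOPED), ("no-transport", NO_TRANSPORT)):
        print(name, "blocked:", blocked_peers(perms, PEERS), "world-open:", world_open_ports(perms))
```

A rule that names a security group as its source matches traffic arriving from the peers' private addresses, so the peer IPs passed in should be the addresses the nodes actually use to reach each other.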

Strangely, when I took out the rules and put them back again, it works. Thanks for your help.

1 Like
