Elasticsearch Network Bind for Public & Private

Hello,

I previously had a small ELK version 2.x stack deployment for a staging & qa environment, all 3 services running on a single node. Also had elasticsearch contactable locally by logstash & kibana eg. localhost & externally to locked down public IP's for quries by remote servers. I had this setup using network.bind_host: 0.0.0.0 in my elasticsearch config.

Looking to do the same with version 5.x but i seem unable to do so as the same cfg does not work nor does the half dozen other things i've tried.

Anything I try seems to only allow me to connect via one method eg. local only or public only ie. breaking my kibana trying to connect on locahost 9200.

How can achieve the same configuration having elasticsearch reachable via localhost and its public ip as I previously had setup via v2.x?

Cheers

To clarify, this is for an ec2 instance with an Elastic IP.

ElasticSearch needs to be reachable via logstash & kibana on localhost (served publicly via nginx) and remotely via curl on the ElasticIP:9200

Have you seen https://www.elastic.co/guide/en/elasticsearch/reference/5.3/modules-network.html#network-interface-values?

Also, 0.0.0.0 should bin to everything?

Yep that is the document I was going off of. Tried every value, "eth0", "0.0.0.0", etc.

Tentatively seems to work if I have the following cfg setings in addition to network.host: 0.0.0.0:

transport.host: localhost
transport.tcp.port: 9300
http.port: 9200
network.host: 0.0.0.0

Looks like you need other specific settings to go with what I am attempting, because I was either getting elasticsearch failing to start with no loopback errors or kibana failing to reach it on http://localhost:9200.

So I am guessing the network bound to public requires some additional settings for the transport host to be local.

Some clarity on this might be a good addition to the documents, I'm sure i wasted a day or two figuring this out for version 2.x thankfully only a morning this time.

1 Like

ok so the above was only working for access publicly via the elasticIP. however, kibana was failing on localhost, i had to directly specify the actual private ip of the server.

seems to work better with:

transport.host: localhost
transport.tcp.port: 9300
http.port: 9200
network.bind_host: 0.0.0.0

I guess this binds all? not 100% but its working. guess eth0 priv & public ip and the loopback address are bound, allowing for kibana to be configured as http://localhost:9200

hooray.

network.host: 0.0.0.0 should bind everything for HTTP and transport.

If not, can you show us the logs on startup.

Heres what happens with just "network.host: 0.0.0.0"

From es logs:

[2017-04-26T23:33:26,133][INFO ][o.e.n.Node ] initialized
[2017-04-26T23:33:26,134][INFO ][o.e.n.Node ] [mleWblr] starting ...
[2017-04-26T23:33:26,254][WARN ][i.n.u.i.MacAddressUtil ] Failed to find a usable hardware address from the network interfaces; using random bytes: d6:1d:6b:32:d5:99:50:6a
[2017-04-26T23:33:26,328][INFO ][o.e.t.TransportService ] [mleWblr] publish_address {10.10.1.142:9300}, bound_addresses {[::]:9300}
[2017-04-26T23:33:26,338][INFO ][o.e.b.BootstrapChecks ] [mleWblr] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks
[2017-04-26T23:33:26,341][ERROR][o.e.b.Bootstrap ] [mleWblr] node validation exception
bootstrap checks failed
memory locking requested for elasticsearch process but memory is not locked
[2017-04-26T23:33:26,353][INFO ][o.e.n.Node ] [mleWblr] stopping ...
[2017-04-26T23:33:26,397][INFO ][o.e.n.Node ] [mleWblr] stopped
[2017-04-26T23:33:26,397][INFO ][o.e.n.Node ] [mleWblr] closing ...
[2017-04-26T23:33:26,419][INFO ][o.e.n.Node ] [mleWblr] closed

From kibana:

plugin:elasticsearch@5.3.0 Unable to connect to Elasticsearch at http://localhost:9200.

What settings do you have at the moment?

kibana cfg = elasticsearch.url: "http://localhost:9200"

doesnt work with:

network.host: 0.0.0.0
http.port: 9200

works with:

network.bind_host: 0.0.0.0
node.master: true
node.data: true
transport.host: localhost
transport.tcp.port: 9300

1 Like

Please read https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.