Elasticsearch picking wrong port

harijld · November 15, 2022, 4:13pm

Hi Team,

I am facing strange behavior in prod environment.
I used same configuration in prod and DR servers but in prod its working fine, in DR elasticserch is not connecting to different node when I am configuring cluster.

in logs i saw its connecting to different port. i have mentioned 9200 in .yml file but its taking 9300 port.
But in prod servers its different behaviour. its taking 9200 port .

.yml file -

#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 0.0.0.0
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
**http.port: 9200**

#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["XXXX.YYYY.ab","XXXXX2.YYYYY.ab"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["XXXX.YYYY.ab"]
#
# For more information, consult the discovery and cluster formation module documentation.

from log file -

[2022-11-15T10:46:30,481][INFO ][o.e.t.n.NettyAllocator   ] [machine-46] creating NettyAllocator with the following configs: [name=elasticsearch_configured, chunk_size=1mb, suggested_max_allocation_size=1mb, factors={es.unsafe.use_netty_default_chunk_and_page_size=false, g1gc_enabled=true, g1gc_region_size=8mb}]
[2022-11-15T10:46:30,510][INFO ][o.e.i.r.RecoverySettings ] [machine-46] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
[2022-11-15T10:46:30,549][INFO ][o.e.d.DiscoveryModule    ] [machine-46] using discovery type [multi-node] and seed hosts providers [settings]
[2022-11-15T10:46:31,858][INFO ][o.e.n.Node               ] [machine-46] initialized
[2022-11-15T10:46:31,859][INFO ][o.e.n.Node               ] [machine-46] starting ...
[2022-11-15T10:46:31,887][INFO ][o.e.x.s.c.f.PersistentCache] [machine-46] persistent cache index loaded
[2022-11-15T10:46:31,888][INFO ][o.e.x.d.l.DeprecationIndexingComponent] [machine-46] deprecation component started
**[2022-11-15T10:46:32,005][INFO ][o.e.t.TransportService   ] [machine-46] publish_address {10.00.00.00:9300}, bound_addresses {[::]:9300}**
[2022-11-15T10:46:32,247][INFO ][o.e.b.BootstrapChecks    ] [machine-46] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2022-11-15T10:46:32,251][INFO ][o.e.c.c.ClusterBootstrapService] [machine-46] this node has not joined a bootstrapped cluster yet; [cluster.initial_master_nodes] is set to XXXX.yyyy.ab
[2022-11-15T10:46:32,260][INFO ][o.e.c.c.ClusterBootstrapService] [machine-46] skipping cluster bootstrapping as local node does not match bootstrap requirements: [XXXX.yyyy.ab]
[2022-11-15T10:46:42,267][WARN ][o.e.c.c.ClusterFormationFailureHelper] [machine-46] master not discovered yet, this node has not previously joined a bootstrapped cluster, and this node must discover master-eligible nodes [DSPCLTIBELST1.network.sa] to bootstrap a cluster: have discovered [{machine-46}{xGG_f_I6QxSV7BE4RyCKBA}{3SbUxDaUT8KNyZHFMkFzEQ}{machine-46}{10.97.12.46}{10.97.12.46:9300}{cdfhilmrstw}, {machine-45}{dXWgJGseQYSLT6poxxSaAw}{hICJAM41Sm6PH5rYVODK8Q}{machine-45}{10.00.10.00}{00.00.00.00:9300}{cdfhilmrstw}]; discovery will continue using [10.00.00.00:9300] from hosts providers and [{machine-46}{xGG_f_I6QxSV7BE4RyCKBA}{3SbUxDaUT8KNyZHFMkFzEQ}{machine-46}{10.97.12.46}{10.97.12.46:9300}{cdfhilmrstw}] from last-known cluster state; node term 0, last-accepted version 0 in term 0

In yml i configured 9200 but its trying to use 9300.

Same configure file is working fine in another machine.

Christian_Dahlqvist · November 15, 2022, 4:18pm

Elasticsearch uses both ports 9200 and 9300. Port 9200 is for client traffic via HTTPS. Post 9300 is used for internal communication between nodes in the cluster.

harijld · November 15, 2022, 4:24pm

HI @Christian_Dahlqvist , Thanks for your quick response.
But i have explicitly mentioned http.port as a 9200 but its taking 9300. I think because of this elastic cluster set up is not working.

"
this node has not joined a bootstrapped cluster yet; [cluster.initial_master_nodes] is set to XXXX.yyyy.ab "

Christian_Dahlqvist · November 15, 2022, 4:32pm

That is for the transport service, which internal cluster communication.

harijld · November 16, 2022, 4:42am

Hi @Christian_Dahlqvist ,
Dahlqvist I agree with you, however I have an issue with the fact that we are in a restricted area and must expressly allow firewall rules to pass between the servers.

I've now opened the firewall rules between these two servers on ports 9200 and 9300.

Now, 9300 is being chosen for transportation.

It was using 9200 in several other machines, and the cluster arrangement was good.

However, I am unable to configure the cluster on these machines.

I believe there is a firewall problem affecting these 2 servers. because in our scenario we must explicitly open the firewall rules.

How can I obtain the ports that ES will utilize while configuring the cluster?

Christian_Dahlqvist · November 16, 2022, 5:39am

Those are the two default ports, so unless you have changed that those are the ones that need to be open. Port 9300 will be used for connections between nodes in the cluster and port 9200 is used by clients connecting to Elasticsearch.

harijld · November 16, 2022, 7:32am

HI @Christian_Dahlqvist ,

The configurations and ports are working fine in production region but its not working in DR regions.

elasticsearch.yml --

#
cluster.name: elastic-cluster
node.name: machine-45
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["ABC1.xxx.yy", "ABC2.xxx.yy"]
cluster.initial_master_nodes: ["ABC1.xxx.yy"]
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/elastic-stack-http.p12
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/elastic-stack-http.p12
  truststore.path: certs/elastic-stack-http.p12
http.host: 0.0.0.0

ELasticsearch logs-

[2022-11-16T01:49:46,686][INFO ][o.e.p.PluginsService     ] [machine-45] loaded module [x-pack-watcher]
[2022-11-16T01:49:46,686][INFO ][o.e.p.PluginsService     ] [machine-45] no plugins loaded
[2022-11-16T01:49:49,156][WARN ][stderr                   ] [machine-45] Nov 16, 2022 1:49:49 AM org.apache.lucene.store.MMapDirectory lookupProvider
[2022-11-16T01:49:49,156][WARN ][stderr                   ] [machine-45] WARNING: You are running with Java 19. To make full use of MMapDirectory, please pass '--enable-preview' to the Java command line.
[2022-11-16T01:49:49,172][INFO ][o.e.e.NodeEnvironment    ] [machine-45] using [1] data paths, mounts [[/ (/dev/sda3)]], net usable_space [44.5gb], net total_space [49.8gb], types [xfs]
[2022-11-16T01:49:49,172][INFO ][o.e.e.NodeEnvironment    ] [machine-45] heap size [15.6gb], compressed ordinary object pointers [true]
[2022-11-16T01:49:49,193][INFO ][o.e.n.Node               ] [machine-45] node name [machine-45], node ID [P1Xmx3IUTduaVRzjTQ4nMw], cluster name [elastic-cluster], roles [data_frozen, ml, data_hot, transform, data_content, data_warm, master, remote_cluster_client, data, data_cold, ingest]
[2022-11-16T01:49:52,234][INFO ][o.e.x.s.Security         ] [machine-45] Security is enabled
[2022-11-16T01:49:52,589][INFO ][o.e.x.s.a.s.FileRolesStore] [machine-45] parsed [0] roles from file [/etc/elasticsearch/roles.yml]
[2022-11-16T01:49:53,127][INFO ][o.e.x.s.InitialNodeSecurityAutoConfiguration] [machine-45] Auto-configuration will not generate a password for the elastic built-in superuser, as we cannot  determine if there is a terminal attached to the elasticsearch process. You can use the `bin/elasticsearch-reset-password` tool to set the password for the elastic user.
[2022-11-16T01:49:53,221][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [machine-45] [controller/936356] [Main.cc@123] controller (64 bit): Version 8.5.1 (Build ac5909e3891a6b) Copyright (c) 2022 Elasticsearch BV
[2022-11-16T01:49:53,835][INFO ][o.e.t.n.NettyAllocator   ] [machine-45] creating NettyAllocator with the following configs: [name=elasticsearch_configured, chunk_size=1mb, suggested_max_allocation_size=1mb, factors={es.unsafe.use_netty_default_chunk_and_page_size=false, g1gc_enabled=true, g1gc_region_size=8mb}]
[2022-11-16T01:49:53,862][INFO ][o.e.i.r.RecoverySettings ] [machine-45] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
[2022-11-16T01:49:53,902][INFO ][o.e.d.DiscoveryModule    ] [machine-45] using discovery type [multi-node] and seed hosts providers [settings]
[2022-11-16T01:49:55,210][INFO ][o.e.n.Node               ] [machine-45] initialized
[2022-11-16T01:49:55,210][INFO ][o.e.n.Node               ] [machine-45] starting ...
[2022-11-16T01:49:55,234][INFO ][o.e.x.s.c.f.PersistentCache] [machine-45] persistent cache index loaded
[2022-11-16T01:49:55,235][INFO ][o.e.x.d.l.DeprecationIndexingComponent] [machine-45] deprecation component started
[2022-11-16T01:49:55,335][INFO ][o.e.t.TransportService   ] [machine-45] publish_address {10.00.000.45:9300}, bound_addresses {[::]:9300}
[2022-11-16T01:49:55,509][INFO ][o.e.b.BootstrapChecks    ] [machine-45] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2022-11-16T01:49:55,513][INFO ][o.e.c.c.ClusterBootstrapService] [machine-45] this node has not joined a bootstrapped cluster yet; [cluster.initial_master_nodes] is set to [ABC1.xxx.yy]
[2022-11-16T01:49:55,521][INFO ][o.e.c.c.ClusterBootstrapService] [machine-45] skipping cluster bootstrapping as local node does not match bootstrap requirements: [ABC1.xxx.yy]
[2022-11-16T01:50:05,528][WARN ][o.e.c.c.ClusterFormationFailureHelper] [machine-45] master not discovered yet, this node has not previously joined a bootstrapped cluster, and this node must discover master-eligible nodes [ABC1.xxx.yy] to bootstrap a cluster: have discovered [{machine-45}{P1Xmx3IUTduaVRzjTQ4nMw}{TlZEKO6hSrWDCZX-XBmoYQ}{machine-45}{10.00.000.45}{10.00.000.45:9300}{cdfhilmrstw}]; discovery will continue using [10.00.000.46:9300] from hosts providers and [{machine-45}{P1Xmx3IUTduaVRzjTQ4nMw}{TlZEKO6hSrWDCZX-XBmoYQ}{machine-45}{10.00.000.45}{10.00.000.45:9300}{cdfhilmrstw}] from last-known cluster state; node term 0, last-accepted version 0 in term 0

Both the nodes are not able to connect or join the cluster.
Please let me know incase incase issues with set up or what could be the reason for this issue.

Christian_Dahlqvist · November 16, 2022, 7:39am

Tat sounds like a networking issue. Are you able to telnet from one Elasticsearch node to all the others on port 9300?

Also note that Elasticsearch relies on low latency networking with good bandwidth, so it is not recommended to deploy a cluster across multiple regions.

harijld · November 16, 2022, 7:57am

I am able to do the telnet to other machines on 9200 and 9300 and all my machines are in same zone.

Is there any way i can find out the exact issue with this logs ?

how can trace it exactly ? any suggestion s??

system · December 14, 2022, 7:58am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.