Hi,
I want to create 3 nodes of ES and Kibana in production network. I would like to see ES in local network (site) and Kibana from Internet.
My first (master) node is running.
If I put network.host: 0.0.0.0
:
I can connect with curl localhost:9200
but with my local/public IP curl 192.168.141.18:9200
(Failed to connect. connection time out)
If I put network.host: _site_
(it's what I want)
Can't connect even with localhost:
curl localhost:9200
curl: (7) Failed to connect to localhost port 9200: Connection refused
My config/elasticsearch.yml file is this:
# ======================== Elasticsearch Configuration =========================
# Use a descriptive name for your cluster:
cluster.name: My-Cluster
# ------------------------------------ Node ------------------------------------
# Use a descriptive name for the node:
node.name: node-1
# ----------------------------------- Paths ------------------------------------
path.data: /opt/elastic/app/data
path.logs: /opt/elastic/app/logs
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
# ---------------------------------- Network -----------------------------------
network.host: _site_
# Set a custom port for HTTP:
#
#http.port: 9200
# --------------------------------- Discovery ----------------------------------
#
discovery.seed_hosts: ["127.0.0.1", "192.168.141.18"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
cluster.initial_master_nodes: ["node-1"]
# ---------------------------------- Gateway -----------------------------------
#...
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
I have to start elasticsearch with user "elasticsearch" because can't run with root user:
$su - elasticsearch -c "/opt/elastic/app/elasticsearch-7.10.0-master/bin/elasticsearch"
This is the log when it starts (it seems that it's OK)
[INFO ][o.e.n.Node ] [node-1] version[7.10.0], pid[79884], build[default/tar/51e9d6f22758d0374a0f3f5c6e8f3a7997850f96/2020-11-09T21:30:33.964949Z], OS[Linux/4.9.0-4-amd64/amd64], JVM[AdoptOpenJDK/OpenJDK 64-Bit Server VM/15.0.1/15.0.1+9]
[INFO ][o.e.n.Node ] [node-1] JVM home [/opt/elastic/app/elasticsearch-7.10.0-master/jdk], using bundled JDK [true]
[INFO ][o.e.n.Node ] [node-1] JVM arguments [-Xshare:auto, -Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -XX:+ShowCodeDetailsInExceptionMessages, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.locale.providers=SPI,COMPAT, -Xms1g, -Xmx1g, -XX:+UseG1GC, -XX:G1ReservePercent=25, -XX:InitiatingHeapOccupancyPercent=30, -Djava.io.tmpdir=/tmp/elasticsearch-17043675956963884129, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=data, -XX:ErrorFile=logs/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -XX:MaxDirectMemorySize=536870912, -Des.path.home=/opt/elastic/app/elasticsearch-7.10.0-master, -Des.path.conf=/opt/elastic/app/elasticsearch-7.10.0-master/config, -Des.distribution.flavor=default, -Des.distribution.type=tar, -Des.bundled_jdk=true]
[INFO ][o.e.p.PluginsService ] [node-1] loaded module [aggs-matrix-stats]
[INFO ][o.e.p.PluginsService ] [node-1] loaded module [analysis-common]
[INFO ][o.e.p.PluginsService ] [node-1] loaded module [lang-mustache]
...loaded module...
[INFO ][o.e.p.PluginsService ] [node-1] loaded module [x-pack-watcher]
[INFO ][o.e.p.PluginsService ] [node-1] no plugins loaded
[INFO ][o.e.e.NodeEnvironment ] [node-1] using [1] data paths, mounts [[/ (/dev/xvda3)]], net usable_space [193.9gb], net total_space [489.7gb], types [ext4]
[INFO ][o.e.e.NodeEnvironment ] [node-1] heap size [1gb], compressed ordinary object pointers [true]
[INFO ][o.e.n.Node ] [node-1] node name [node-1], node ID [REeLUVR4SAaBtiUl3qNwgw], cluster name [My-Cluster], roles [transform, master, remote_cluster_client, data, ml, data_content, data_hot, data_warm, data_cold, ingest]
[INFO ][o.e.x.m.p.l.CppLogMessageHandler] [node-1] [controller/80040] [Main.cc@114] controller (64 bit): Version 7.10.0 (Build ac991e2e31f99d) Copyright (c) 2020 Elasticsearch BV
[INFO ][o.e.x.s.a.s.FileRolesStore] [node-1] parsed [0] roles from file [/opt/elastic/app/elasticsearch-7.10.0-master/config/roles.yml]
[INFO ][o.e.t.NettyAllocator ] [node-1] creating NettyAllocator with the following configs: [name=unpooled, suggested_max_allocation_size=256kb, factors={es.unsafe.use_unpooled_allocator=null, g1gc_enabled=true, g1gc_region_size=1mb, heap_size=1gb}]
[INFO ][o.e.d.DiscoveryModule ] [node-1] using discovery type [zen] and seed hosts providers [settings]
[WARN ][o.e.g.DanglingIndicesState] [node-1] gateway.auto_import_dangling_indices is disabled, dangling indices will not be automatically detected or imported and must be managed manually
[INFO ][o.e.n.Node ] [node-1] initialized
[INFO ][o.e.n.Node ] [node-1] starting ...
[INFO ][o.e.t.TransportService ] [node-1] publish_address {192.168.141.18:9300}, bound_addresses {192.168.141.18:9300}
[INFO ][o.e.b.BootstrapChecks ] [node-1] bound or publishing to a non-loopback address, enforcing bootstrap checks
[INFO ][o.e.c.c.Coordinator ] [node-1] cluster UUID [DZRON6eQR1Wdb-Wapn2ppw]
[INFO ][o.e.c.s.MasterService ] [node-1] elected-as-master ([1] nodes joined)[{node-1}{REeLUVR4SAaBtiUl3qNwgw}{hyFCMm8KR1meJ2kE7F-H4w}{192.168.141.18}{192.168.141.18:9300}{cdhilmrstw}{ml.machine_memory=1021546496, xpack.installed=true, transform.node=true, ml.max_open_jobs=20} elect leader, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 10, version: 70, delta: master node changed {previous [], current [{node-1}{REeLUVR4SAaBtiUl3qNwgw}{hyFCMm8KR1meJ2kE7F-H4w}{192.168.141.18}{192.168.141.18:9300}{cdhilmrstw}{ml.machine_memory=1021546496, xpack.installed=true, transform.node=true, ml.max_open_jobs=20}]}
[INFO ][o.e.c.s.ClusterApplierService] [node-1] master node changed {previous [], current [{node-1}{REeLUVR4SAaBtiUl3qNwgw}{hyFCMm8KR1meJ2kE7F-H4w}{192.168.141.18}{192.168.141.18:9300}{cdhilmrstw}{ml.machine_memory=1021546496, xpack.installed=true, transform.node=true, ml.max_open_jobs=20}]}, term: 10, version: 70, reason: Publication{term=10, version=70}
[INFO ][o.e.h.AbstractHttpServerTransport] [node-1] publish_address {192.168.141.18:9200}, bound_addresses {192.168.141.18:9200}
[o.e.n.Node ] [node-1] started
[INFO ][o.e.l.LicenseService ] [node-1] license [e986a3a9-1e39-4950-990a-c13a1776e91b] mode [basic] - valid
[INFO ][o.e.x.s.s.SecurityStatusChangeListener] [node-1] Active license is now [BASIC]; Security is enabled
[INFO ][o.e.g.GatewayService ] [node-1] recovered [1] indices into cluster_state
[INFO ][o.e.c.r.a.AllocationService] [node-1] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.security-7][0]]]).
I have already created user/pass (with network.host: _local_
)
What is going wrong with my configuration?
Thx