I'm running a small test cluster via docker-compose on a desktop in my office, I've configured each node via environment variables. Not by using elasticsearch.yml.
My main node looks like:
version: '3.3'
services:
esnode1:
image: docker.elastic.co/elasticsearch/elasticsearch:7.5.1
container_name: esnode1
environment:
- cluster.name=reagan3-cluster
- node.name=esnode1
- node.master=true
- discovery.seed_hosts=esnode1,esnode2,esnode3
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms6000m -Xmx6000m"
- http.cors.enabled=true
- http.cors.allow-origin="*"
- http.cors.allow-headers=X-Requested-With,X-Auth-Token,Content-Type,Content-Length,Authorization
- http.cors.allow-credentials=true
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- r3_cluster_esdata1:/usr/share/elasticsearch/data
- r3_cluster_snapshots:/opt/elasticsearch/snapshots
ports:
- 127.0.0.1:9201:9200
healthcheck:
test: ["CMD", "curl","-s" ,"-f", "http://localhost:9200/_cat/health"]
networks:
- elknet
restart: always
I have Apache running as a reverse proxy in front of ES so I can use LDAP auth.
I've been trying to test Mirage and Dejavu from my laptop, a simple curl call with my username and password works just fine, so the proxy is working. I can also access my Kibana instance just fine, and my cluster health is green.
But when I try to connect to the cluster using Mirage or Dejavu, Firefox's console spits out errors like this:
Mirage:
This page uses the non standard property “zoom”. Consider using calc() in the relevant property values, or using “transform” along with “transform-origin: 0 0”. localhost:3030
Source map error: Error: request failed with status 404
Resource URL: http://localhost:3030/dist/css/vendor.min.css
Source Map URL: bootstrap.min.css.map
Angular 2 is running in the development mode. Call enableProdMode() to enable the production mode. core.umd.js:201:17
Object { url: "http://username:password@internalhostname:9200", appname: "metricbeat-7.5.1-2019.12.29", username: "", password: "", host: "" }
Object { username: "username", password: "password", url: "http://internalhostname:9200" }
app.component.ts:336:12
setting up appbase appbase.service.ts:73:12
http://internalhostname:9200/metricbeat-7.5.1-2019.12.29/_settings appbase.service.ts:182:12
http://internalhostname:9200/metricbeat-7.5.1-2019.12.29/_mapping/ appbase.service.ts:163:14
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://internalhostname:9200/metricbeat-7.5.1-2019.12.29/_mapping/. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://internalhostname:9200/metricbeat-7.5.1-2019.12.29/_settings. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://internalhostname:9200/metricbeat-7.5.1-2019.12.29/_mapping/. (Reason: CORS request did not succeed).
Object { _body: error, status: 0, ok: false, statusText: "", headers: {…}, type: 3, url: null }
app.component.ts:446:16
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://internalhostname:9200/metricbeat-7.5.1-2019.12.29/_settings. (Reason: CORS request did not succeed).
Not able to get the version. app.component.ts:382:16
Dejavu:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://internalhostname:9200/metricbeat-7.5.1-2019.12.29. (Reason: CORS request did not succeed).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://internalhostname:9200/metricbeat-7.5.1-2019.12.29. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://internalhostname:9200/metricbeat-7.5.1-2019.12.29. (Reason: CORS request did not succeed).
I also tried a curl request on my desktop that set the Origin header. (Found the idea here )
$ curl --head http://localhost:9201 -H 'Origin: http://foo.com'
HTTP/1.1 403 Forbidden
Judging from the docs, http.cors.allow-origin="*"
should open my cluster up to any origin, correct?
That, combined with the "node attributes" error I mention here, makes me wonder if my settings are just not being applied correctly.
Is that the case? Do I have to use elasticsearch.yml to get those settings applied? Any other ideas?