How to access elasticsearch as localhost from Nginx server as reverse proxy

Elastic Stack Elasticsearch
1

How to access as localhost from Nginx server as reverse proxy
I have 4 elasticsearch node on 4 separate servers:
xx.xxx.1.20
xx.xxx.1.21
xx.xxx.1.22
xx.xxx.1.23

Nginx is running on separate server:
xx.xxx.6.14

In elasticsearch.yml on each of the above elasticsearch nodes
http.host: 127.0.0.1
http.port: 9200

I want to access elasticsearch through NGINX as reverse proxy server as http://xx.xxx.6.14:9211

Going by the Elasticsearch Ip restriction using NGINX
I tried with iptables to restrict elasticsearch access through only NGINX as below on each of the easticsearch nodes

iptables -A INPUT -p tcp --dport 9200 -s xx.xxx.6.14 -j ACCEPT
iptables -A INPUT -p tcp --dport 9200 -j DROP

It is not working. I am unable access elasticsearch as http://127.0.0.1:9200 from nginx server

Can nobody please help me here.

2

if you bind to localhost/127.0.0.1, nginx will not be able to reach elasticsearch over the network.

3

My idea of having Nginx in front of elastisearch is to protect elasticsearch. I want to restrict direct access of elasticsearch from data/and master nodes without any authorization.
In Nginx config file I am applying Authentication for Elasticsearch.

upstream elasticsearch {
server 127.0.0.1:9200;
server 127.0.0.1:9201;
server 127.0.0.1:9202;
server 127.0.0.1:9203;
keepalive 15;
}
server {
listen 8050;
server_name xx.xxx.6.14;
auth_basic "Protected Elasticsearch";
auth_basic_user_file /u11/nginx/config/conf.d/elasticsearch.htpasswd;

  location / {
  proxy_pass http://elasticsearch;
  proxy_set_header Connection "Keep-Alive";
  proxy_set_header Proxy-Connection "Keep-Alive";
  proxy_redirect off;
}

}

What action is to be taken in network to proxy_pass from nginx to remote elastic server where in the remote server elasticsearch runs as localhost

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.