alexus
March 14, 2017, 7:18pm
1
I'm trying to perform Reindex from Remote and I'm getting following error:
@dest :
# curl --request POST 0:9200/_reindex?pretty -d @reindex.json
{
"error" : {
"root_cause" : [
{
"type" : "illegal_argument_exception",
"reason" : "[X:X] not whitelisted in reindex.remote.whitelist"
}
],
"type" : "illegal_argument_exception",
"reason" : "[X:X] not whitelisted in reindex.remote.whitelist"
},
"status" : 400
}
# cat reindex.json
{
"dest" : {
"index" : "index1"
},
"source" : {
"query" : {
"match_all" : {}
},
"remote" : {
"password" : "password",
"username" : "username",
"host" : "https://URL:443"
},
"index" : "index1"
}
}
#
@source : reindex.remote.whitelist :
# grep ^reindex.remote.whitelist elasticsearch.yml
reindex.remote.whitelist: *:*
#
Please advise.
warkolm
(Mark Walkom)
March 14, 2017, 10:57pm
2
Is there a space in front of reindex.remote.whitelist
in the config file? yaml is sensitive to that.
alexus
March 15, 2017, 12:08am
3
no, there is no space...
is there way to see reindex.remote.whitelist
variable through curl
somehow? I tried without square braces, but with same result(
JKhondhu
(Jymit Singh Khondhu)
March 29, 2017, 12:25pm
4
Has this since been resolved?
Something along the lines of reindex.remote.whitelist: localhost:* works well in the elasticsearch.yml
And for multiples, a comma delimited list of allowed remote host and port combinations is suffice.
alexus
April 3, 2017, 3:47pm
5
No, I'm still experiencing issue even with wildcard for host and port:
# tail -1 elasticsearch.yml
reindex.remote.whitelist: *:*
#
I may have found my issue...
elk | Caused by: while scanning an alias
elk | in 'reader', line 100, column 27:
elk | reindex.remote.whitelist: *:*
elk | ^
elk | expected alphabetic or numeric character, but found but found :
elk | in 'reader', line 100, column 28:
elk | reindex.remote.whitelist: *:*
elk | ^
I tried changing syntax to following:
root@166ac979a194:/# tail -1 /etc/elasticsearch/elasticsearch.yml
reindex.remote.whitelist: '*:*'
root@166ac979a194:/#
and even like following:
root@166ac979a194:/# tail -1 /etc/elasticsearch/elasticsearch.yml
reindex.remote.whitelist: ["*:*"]
root@166ac979a194:/#
neither resolve my issue(
1 Like
nik9000
(Nik Everett)
April 3, 2017, 4:26pm
6
We test reindex-from-remote with an elasticsearch.yml file like this:
reindex.remote.whitelist: 127.0.0.1:*
and it works. You probably don't want to whitelist 127.0.0.1 though. Not too useful.
It looks like you can see the settings with curl -s 'localhost:9200/_cluster/settings?pretty&include_defaults'
.
alexus
April 3, 2017, 4:30pm
8
thank you for that curl
command, that's useful)
alexus
April 3, 2017, 4:31pm
9
I've gotten a little further and now I'm getting following error instead:
{
"error" : {
"root_cause" : [
{
"type" : "s_s_l_handshake_exception",
"reason" : "General SSLEngine problem"
}
],
"type" : "s_s_l_handshake_exception",
"reason" : "General SSLEngine problem",
"caused_by" : {
"type" : "s_s_l_handshake_exception",
"reason" : "General SSLEngine problem",
"caused_by" : {
"type" : "validator_exception",
"reason" : "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
"caused_by" : {
"type" : "sun_cert_path_builder_exception",
"reason" : "unable to find valid certification path to requested target"
}
}
}
},
"status" : 500
}
I'm using letsencrypt certificate.
Please advise.
nik9000
(Nik Everett)
April 3, 2017, 5:08pm
10
Something like this ought to work:
system
(system)
Closed
May 1, 2017, 5:09pm
11
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.