Remote Access to Elastic Search

sancroth · November 17, 2017, 10:23am

I have created a demo server to play around and i am trying to make elasticsearch remotely accessible for some services of mine.

I have set
network.host : 0.0.0.0 -> not working
network.host : xxx.xxx.xxx.xxx -> not working

I can get replies from browser level trying queries etc. bt curl gets access refused.
This leads to the extension i am tryng out(not mine) to say that elastic is unreachable.
Also curl from any other machine other then the local one responds with access refused.

Ip tables are flushed and no rules are being applied atm.

Any tips?

Christian_Dahlqvist · November 17, 2017, 10:31am

Have you looked in the Elasticsearch logs? Are you by any chance running into and failing some bootstrap check?

sancroth · November 17, 2017, 10:35am

If bootstrap check fails then elastic does not start.
So no. I have even configured optimizations that the elastic docs suggest , except the ones for locking the memory since i run a ton of stuff every now and then on that demo.

Also it's not a resource matter. Machine got a spare 50gigs of ram and 8 cores doing nothing atm.

Logs suggest absolutely nothing at this point.

sancroth · November 17, 2017, 10:43am

with
network.host : 0.0.0.0
http.port :0.0.0.0

netstat -anutp | grep 9200
tcp 0 0 136.243.xxxxx:59994 136.243.xxxxx:9200 ESTABLISHED 24168/node
tcp 0 0 136.243.xxxxx:59996 136.243.xxxxx:9200 ESTABLISHED 24168/node
tcp6 0 0 :::9200 :::* LISTEN 31172/java
tcp6 0 0 136.243.xxxxx:9200 136.243.xxxxx:59996 ESTABLISHED 31172/java
tcp6 0 0 136.243.xxxxx:9200 136.243.xxxxx:59994 ESTABLISHED 31172/java
tcp6 0 0 136.243.xxxxx:9200 136.243.xxxxx:59680 TIME_WAIT -
tcp6 1 0 127.0.0.1:55524 127.0.0.1:9200 CLOSE_WAIT 10242/java
tcp6 0 0 136.243.xxxxx:9200 136.243.xxxxx:59682 TIME_WAIT -

sancroth · November 17, 2017, 10:53am

I cant figure out why it responds through browser but not Curl.

No errors on logfiles or anything.
Not even the mention that someone tried to query elastic through curl and failed.

Christian_Dahlqvist · November 17, 2017, 11:16am

It looks like it might only be listening to tcp6. Which address do you use with curl?

sancroth · November 17, 2017, 11:21am

If that is the problem what is the workaround to make it listen to tcp?

using
curl -XGET '136.243.xxx:9200/'
curl -XGET 'http://136.243.xxx:9200/'

sancroth · November 17, 2017, 11:36am

Running on CentOS 7 and installed via yum f that helps.

Also i've had a similar problem with udp6 before that i never managed to solve.
tcp6 seems that it should be working with both ipv4 and ipv6. This is beyond me though.

Disabling ipv6 seems like a bad solution for 2017.

Christian_Dahlqvist · November 17, 2017, 11:43am

The network settings seem to allow you to specify this.

sancroth · November 17, 2017, 12:32pm

Ok Just FYI it was another firewall that the hosting company uses and we got no access to that blocked the connections.
Called them and they fixed it.

Btw i used what you recommened and went for :
network.host: hugeInterfaceName:ipv4

And i still get tcp6 showing up. But after the fix with the firewall everything run smooth.

Thank you for all the assistance you gave me and pointing out the tcp6 thingy.

system · December 15, 2017, 12:33pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.