Strange behavior in PHP Elasticsearch 8.5 API

abkrim · November 10, 2022, 8:01am

I feel totally lost.

Having spent some time understanding that to connect to an Elasticsearch single-node, built with docker-compose, without security, I should use the configuration below, now I find that it doesn't work correctly.

I enter perfectly through curl, without CA certificate, without user and without password.

Of course the installation done with docker-compose.yml works.
That is, I access kibana WITHOUT authorization, user, or enrollment.

docker-compose.yml

elasticsearch:
       image: 'docker.elastic.co/elasticsearch/elasticsearch:8.5.0'
       container_name: sitelight-es01
       environment:
           - discovery.type=single-node
#            - xpack.license.self_generated.type=basic
           - xpack.security.enabled=false
           - ES_JAVA_OPTS=-Xms1g -Xmx1g
       ulimits:
           memlock:
               soft: -1
               hard: -1
       ports:
           - '9200:9200'
           - '9300:9300'
       volumes:
           - 'sail-elasticsearch:/usr/share/elasticsearch/data'
       networks:
           - sail
   kibana:
       image: 'docker.elastic.co/kibana/kibana:8.5.0'
       container_name: sitelight-kibana
       depends_on:
           -  elasticsearch
       environment:
           ELASTICSEARCH_HOSTS: http://sitelight-es01:9200
       ports:
           - '5601:5601'
       networks:
           - sail

And I try it in the shell and it works

curl -XGET "http://localhost:9200/"
{
  "name" : "44edbbb60101",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "6seEH0VRR8mX98dIkzSySg",
  "version" : {
    "number" : "8.5.0",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "c94b4700cda13820dad5aa74fae6db185ca5c304",
    "build_date" : "2022-10-24T16:54:16.433628434Z",
    "build_snapshot" : false,
    "lucene_version" : "9.4.1",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}


❯ curl -XPUT "http://localhost:9200/analyzers"
{"acknowledged":true,"shards_acknowledged":true,"index":"analyzers"}%                                                                                                                                                                        
❯ curl -XGET "http://localhost:9200/_cat/indices"
yellow open analyzers zqWTHOgATtO8_1IRr--Ujg 1 1 0 0 225b 225b
❯ curl -XDELETE "http://localhost:9200/analyzers"
{"acknowledged":true}%

PHP Client

Now I will go to the use of the PHP client

$client = ClientBuilder::create()
   ->setHosts(['localhost'])
   ->build();

$params['index'] = 'analyzers';

$response = $client->info();

Throw an error

08:43:14401 Unauthorized: {"message":"Unauthenticated."}

Change password for user elastic not work.

If I can access via CURL without a username and password, I have no other option than it is a client error, but hey, let's waste a little time trying to turn it around.

Thinking,... well we will have to put the user, its password, etc... we will use what I use in production, to change the password. But not.

I can't understand, because if I try to change the elastic user's password, I can't either.

sh-5.0$ cd /usr/share/elasticsearch/
sh-5.0$ ls
LICENSE.txt  NOTICE.txt  README.asciidoc  bin  config  data  jdk  lib  logs  modules  plugins
sh-5.0$ ./bin/elasticsearch-reset-password -u elastic
WARNING: Owner of file [/usr/share/elasticsearch/config/users] used to be [root], but now is [elasticsearch]
WARNING: Owner of file [/usr/share/elasticsearch/config/users_roles] used to be [root], but now is [elasticsearch]
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y



ERROR: Failed to reset password for the [elastic] user

And now but still. According to the 8.5 documentation Get users API

with curl -XGET "http://localhost:9200/_security/user" you should get the list of users and built-in users.

But neither…

curl -XGET "http://localhost:9200/_security/user"

{"error":"Incorrect HTTP method for uri [/_security/user] and method [GET], allowed: [POST]","status":405}%

It is desperation.

dadoonet · November 10, 2022, 8:21am

In the php client, you defined localhost and not localhost:9200. Could it be the issue?

abkrim · November 10, 2022, 8:36am

If use localhost:9220 show my another incredible error:

09:35:00

No alive nodes. All the 1 nodes seem to be down.

Code

$client = ClientBuilder::create()
            ->setHosts(['localhost:9200'])
            ->build();

        //$params['index'] = 'analyzers';

        $response = $client->info();

dadoonet · November 10, 2022, 8:57am

I don't know the PHP client but as you disabled security (which I DO NOT recommend), you might have to switch from https to http?

abkrim · November 10, 2022, 9:14am

I use in DOCKER DEVELOP local enviroment.
I use this for deploy ElasticSeacrh and Kibana with docker-compose.yml

In this environment there is nothing wrong with working like this. Moreover, it is an obligation given that the documentation on how to deploy docker with docker compose is rather confusing and full of problems.

dadoonet · November 10, 2022, 9:41am

Well... It won't be the same behavior and code as you will see in production...
The documentation is pretty clear about security by default.

Anyway. Did you try something like the following?

$client = ClientBuilder::create()
            ->setHosts(['http://localhost:9200'])
            ->build();
$response = $client->info();

abkrim · November 10, 2022, 11:32am

A lot of thanks.

A mistake on trait when I build client for my app, get wrong address for develop environment.

Now is correct and working

abkrim · November 10, 2022, 3:57pm

Well no. It was a fleeting dream.

I don't know how, but I'm still the same, and more desperate, about to do everything without the use of the client, via guzzle that works perfectly for me.

<?php

namespace App\Console\Commands\ELK;

use Elastic\Elasticsearch\ClientBuilder;
use Exception;
use Illuminate\Console\Command;

class TestingElk extends Command
{

    protected $signature = 'elk:test';

    protected $description = 'Dirty code for rapid tests';

    public function handle()
    {
        $client = ClientBuilder::create()
            ->setHosts(['http://localhost:9200'])
            ->build();
        $response = $client->info();
    }
}

Error

No alive nodes. All the 1 nodes seem to be down.

$next->markAlive(true);
                return $next;
            }
            $dead++;
        }
 
        throw new NoNodeAvailableException(sprintf(
            'No alive nodes. All the %d nodes seem to be down.',
            $totNodes
        ));
    }
}

Check on shell

curl -XGET "http://localhost:9200/_cat/indices"
yellow open analyzers 3UFdZFMnRLa6k4AzKrF6_g 1 1 0 0 225b 225b

dadoonet · November 10, 2022, 4:15pm

A simple test. Could you try with the default installation of Elasticsearch?
Without disabling security.

And follow then the PHP client documentation?

So we can at least understand where to look at?

abkrim · November 10, 2022, 4:57pm

After some time get solution.

Well, I use Laravel sail and in doc for use Elasticsearch with docker, I get an idea.

If on command shell of host work fine problem is on side of the container for my app, that not connect with elastic container.

This is the question.

I run command from the shell of the host.
Code run from conainter larevel app, and in shell of container don't connect to localhost.

Probe

# curl -XGET "http://localhost:9200/_cat/indices" 
curl: (7) Failed to connect to localhost port 9200 after 0 ms: Connection refused
# ping sitelight-es01
/bin/sh: 4: ping: not found
# curl -XGET "http://sitelight-es01:9200/
> ^C
# culr -XGET "http://sitelight-es01:9200/"
/bin/sh: 6: culr: not found
# curl -XGET "http://sitelight-es01:9200/"
{
  "name" : "9e89cfc0e2ff",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "6seEH0VRR8mX98dIkzSySg",
  "version" : {
    "number" : "8.5.0",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "c94b4700cda13820dad5aa74fae6db185ca5c304",
    "build_date" : "2022-10-24T16:54:16.433628434Z",
    "build_snapshot" : false,
    "lucene_version" : "9.4.1",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

Solution

The name of the container on elasticsearch on my Laravel Sail project is sitelight-es01, and now it works.

Change my code to

ClientBuilder::create()
   ->setHosts(['http://sitelight-es01:9200'])
   ->build();

system · December 8, 2022, 4:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elastic and Kibana 8.1.0 via Docker Compose Elastic Search docker	6	5259	November 4, 2022
Using ElasticSerach 8 via Docker without certificate Elasticsearch docker	2	8801	May 28, 2022
Update ELK-Stack with new security features in docker Elasticsearch	5	684	June 19, 2019
Missing authentication credential for REST request Kibana elastic-stack-security , docker	3	3662	August 5, 2023
Not able to create basic authentication with username and password on elasticsearch 8.15.0 and kibana 8.15.0 Elasticsearch elastic-stack-security , docker , kql-kibana-query-language	5	65	October 16, 2024