Why curl command is not showing o/p in proxy server

curl os not responding in proxy side,

i have restarted ES nodes and then start working fine but again stopped from first response ,

but get the output in devtools.

kindly let me know what all steps need to perform for trouble-suite the issue?

It's not entirely clear what your problem here is sorry to say.

If you are sending requests to Elasticsearch then it'd be good to see what they are, as well as the response you are getting.

502 Proxy Error

Proxy Error

The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request

Reason: Error reading from remote server

This is error we are getting while running the curl Get command

Which version of Elasticsearch are you using? What is the command/request you are running? Do you get any error if you send it directly to the cluster, avoiding the proxy?

version of elastic is 7.10.0
curl --user uid:pass -X GET https://dafinfrantools-es.sero.wh.rnd.internal.ericsson.com/_cat/indices?pretty
if i run the above command in any of the ES node, its just hung up and after sometime saying like below error

502 Proxy Error

Proxy Error

The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request

Reason: Error reading from remote server

Do you have Elasticsearch running on the default 9200 port? If so should you not be specifying this in the URL (or does the proxy handle this mapping)?

we have changed the port to 9201 as per our requirement .

i'm sure about mapping
now kibana url is not working as its saying "kibana server is not ready yet"

logs are
{"type":"log","@timestamp":"2022-02-22T17:48:27Z","tags":["error","savedobjects-service"],"pid":22996,"message":"Unable to retrieve version information from Elasticsearch nodes."}
{"type":"log","@timestamp":"2022-02-22T17:48:27Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [indices:admin/get] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}
{"type":"log","@timestamp":"2022-02-22T17:48:29Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [cluster:monitor/nodes/info] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}
{"type":"log","@timestamp":"2022-02-22T17:48:29Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [indices:admin/get] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}
{"type":"log","@timestamp":"2022-02-22T17:48:32Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [cluster:monitor/nodes/info] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}
{"type":"log","@timestamp":"2022-02-22T17:48:32Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [indices:admin/get] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}
{"type":"log","@timestamp":"2022-02-22T17:48:34Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [cluster:monitor/nodes/info] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}
{"type":"log","@timestamp":"2022-02-22T17:48:34Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [indices:admin/get] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}
{"type":"log","@timestamp":"2022-02-22T17:48:37Z","tags":["error","Elasticsearch","data"],"pid":22996,"message":"[security_exception]: no permissions for [indices:admin/get] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}

adding

port is load LB one , so we have tried with port also but still it is in hang,

but i did the restart of ES node and run the curl command that time it went fine for first try only later again(2nd try of same curl) in hang state

Can you please specify the port in the URL when you curl the cluster? Can you run the command with port specified from the node itself to bypass the load balancer?

we specified and tried but no luck

What does your node configuration file look like?

..hope you got it

i have sent yml file

No. Please post it here.

======================== Elasticsearch Configuration =========================

---------------------------------- Cluster -----------------------------------

cluster.name: ELK-dafinfrantools
node.name: seroiudb01470.sero.gic.ericsson.se
node.master: true
node.data: true
node.ingest: true

----------------------------------- Paths ------------------------------------

path.data: /u02/ELK/7.10.0/data/dafinfrantools/9201/
path.logs: /u03/ELK/7.10.0/logs/dafinfrantools/9201/
path.repo: /u05/ELK/7.10.0/exp/dafinfrantools/9201/

----------------------------------- Memory -----------------------------------

bootstrap.memory_lock: true

---------------------------------- Network -----------------------------------

#network.host: [global, local]
network.host: [ens160, local]
http.port: 9201
transport.tcp.port: 9301
#transport.host: [global, local]
transport.host: [ens160, local]

--------------------------------- Discovery ----------------------------------

discovery.seed_hosts: ["seroiudb01470.sero.gic.ericsson.se","seroiudb01471.sero.gic.ericsson.se","seroiudb01472.sero.gic.ericsson.se","seroiudb01473.sero.gic.ericsson.se","seroiudb01474.sero.gic.ericsson.se"]
cluster.initial_master_nodes: ["seroiudb01470.sero.gic.ericsson.se","seroiudb01471.sero.gic.ericsson.se","seroiudb01472.sero.gic.ericsson.se","seroiudb01473.sero.gic.ericsson.se","seroiudb01474.sero.gic.ericsson.se"]

---------------------------------- OpenDistro for Elasticsearch Security ---------------------------------

opendistro_security.ssl.transport.pemcert_filepath: node.pem
opendistro_security.ssl.transport.pemkey_filepath: node-key.pem
opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
opendistro_security.ssl.transport.enforce_hostname_verification: false
opendistro_security.ssl.http.enabled: false
opendistro_security.allow_unsafe_democertificates: true
opendistro_security.allow_default_init_securityindex: true
opendistro_security.authcz.admin_dn:

  • 'CN=elk-admin.ericsson.com,OU=IT,O=Ericsson,L=Stockholm,ST=Stockholm,C=SE'
    opendistro_security.nodes_dn:
  • 'CN=ericsson.com,OU=IT,O=Ericsson,L=Stockholm,ST=Stockholm,C=SE'
    opendistro_security.audit.type: internal_elasticsearch
    opendistro_security.enable_snapshot_restore_privilege: true
    opendistro_security.check_snapshot_restore_write_privileges: true
    opendistro_security.restapi.roles_enabled: [all_access, security_rest_api_access]
    opendistro_security.system_indices.enabled: true
    opendistro_security.system_indices.indices: [.opendistro-alerting-config, .opendistro-alerting-alert*, .opendistro-anomaly-results*, .opendistro-anomaly-detector*, .opendistro-anomaly-checkpoints, .opendistro-anomaly-detection-state, .opendistro-reports-, .opendistro-notifications-]

---------------------------------- Gateway -----------------------------------

gateway.recover_after_nodes: 2
gateway.recover_after_time: 5m
gateway.expected_nodes: 2

Opendistro is an AWS run product and differs from the original Elasticsearch and Kibana products that Elastic builds and maintains. You may need to contact them directly for further assistance.

(This is an automated response from your friendly Elastic bot. Please report this post if you have any suggestions or concerns :elasticheart: )

hope you got now

sometimes , ES node url showing below error
{"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [cluster:monitor/main] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [cluster:monitor/main] and User [name=elastic, backend_roles=[admin], requestedTenant=null]"},"status":403}

we thought like admin/super user role is removed?

as i'm from india, its too late night to me, can you please make your suggestions quickly