How do I curl my elasticsearch on AWS EC2 - elasticsearch

I installed elasticsearch(docker) 8.2 on aws ec2(ubuntu 20.04.)
Everything is working.My only problem is that I can't reach(curl) it from other instances and my backend server(it is on same vpc).
I added my node to its discovery node, and also set network.host: 0.0.0.0
but I still can't reach it
(I tried with both private and public ip)
Is it necessary to install SSL/TSL on it with elastic 8?
Does anyone has any suggestion how to access it?

Looks like you forgot to bind the docker container port to host port, you need to add below config, to your Elasticsearch container docker yml
ports:
- "9202:9200" (bind 9200 port of host to docker port of 9200, 9200 is the Elasticsearch port by default)
After that you should be able to do the curl from other instances in the VPC.

Related

Kibana is not accessible from external browser

I am trying to install Elasticsearch and Kibana on Debian 10. they both work and active in the current machine. I want to access Kibana through different machine's browser, but it cannot be reached.
I have changed Kibana.yml configuration,
server.port: 5601
server.host: "IP" - my IP address
elasticsearch.hosts: ["http://IP:9200"]
Also, I have enabled 5601 and 9200 ports through he firewall by using UFW commands.
even though, still not working. Any idea how to fix that??
Thanks,
almo

Kibana startup fails with License information and later with Unable to retrieve version information

I'm tried to follow this guideline for installing ELK on Centos 8 (on top of one AWS cluster).
After installing elastic and kibana, the kibana startup failed with:
*"message":"License information could not be obtained from Elasticsearch
I googled it, and realized I should use OSS version (latest is 7.10.2)
so make sure to install only OSS version. you can use this guideline
after that, I got new error from kibana.log
-08T07:19:32Z","tags":["error","savedobjects-service"],"pid":62767,"message":"Unable to retrieve version information from Elasticsearch nodes."}
I tried to google it, but no solution worked for me.
my kibana.yaml:
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: "[my public AWS instance ip:9200]"
my elasticsearch.yaml:
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: "[my private AWS instance ip]"
cluster.initial_master_nodes: "[my private AWS instance ip]"
Update:
If I'm changing this line in kibana.yaml file to:
elasticsearch.hosts: "http://localhost:9200"
Then it works. what is the root cause? why it can't access elastic public IP but only local?
Per #leandrojmp comment, the issue was indeed with the public IP in elasticsearch.hosts. Once I replaced it to my private ip, it works
also:
When installing the Elastic Stack, you must use the same version across the entire stack. For example, if you are using Elasticsearch 7.9.3, you install Beats 7.9.3, APM Server 7.9.3, Elasticsearch Hadoop 7.9.3, Kibana 7.9.3, and Logstash 7.9.3.
Using docker, I had to specify the elasticsearch.hosts as an environment variable: -e "ELASTICSEARCH_HOSTS=http://localhost:9200", so:
docker run -p 5601:5601 -e "ELASTICSEARCH_HOSTS=http://localhost:9200" arm64v8/kibana:7.16.3
Set elasticsearch.hosts ipaddress as local system's host ipaddress in kibana.yml file. Also you need to mount local kibana.yml file while running docker container.
docker run -d --name kibana -p 5601:5601 -v /home/users/mySystemUserName/config/kibana.yml:/opt/kibana/config/kibana.yml kibana:7.16.3
Add the below configs in
kibana.yml
server.name: kibana
server.port: 5601
server.host: "0.0.0.0"
elasticsearch.hosts: [ "http://192.168.0.102:9200" ]

ElasticSearch Connection Timed Out in EC2 Instance

I am setting up an ELK Stack (which consists of ElasticSearch, LogStash and Kibana) in a single EC2 instance. AWS EC2 instance. I am following the documentation from the elastic.co site.
TL;DR; I cannot access my ElasticSearch interface hosted in an EC2 from the Web URL. How to fix that?
Type : m4.large
vCPU : 2
Memory : 8 GB
Storage: 25 GB (EBS)
Note : I have provisioned the EC2 instance inside a VPC and with an Elastic IP.
I have installed all 3 components. ElasticSearch and LogStash are running as services while Kibana is running via the command ./bin/kibana inside kibana-7.10.1-linux-x86_64/ directory.
When I curl the ElasticSearch endpoint using
curl http://localhost:9200
I get this JSON output. (Which means the service is running and is accessible via Port 9200).
However, when I try to access the same URL via my browser, I get an error saying
Connection Timed Out
Isn't this supposed to return the same JSON output as the one I've mentioned above?
I have attached the elasticsearch.yml file here (Hosted in gofile.io).
Here are the Inbound Rules for the EC2 instance.
EDIT : I tried changing the network.host: 'localhost'
to network.host: 0.0.0.0 and restarted the service but this time I got an error while starting the service. I attached the screenshot of that.
EDIT 2 : I have uploaded the updated elasticsearch.yml to Gofile.org).
The problem is the following line in your elasticsearch.yml configuration file:
node.name: node-1
network.host: 'localhost'
With that configuration, your ES cluster is only accessible from the same host and not from the outside. According to the official documentation, you need to either specify 0.0.0.0 or a specific publicly accessible IP address, otherwise that won't work.
Note that you also need to configure the following two lines in order for the cluster to properly form:
discovery.seed_hosts: ["node-1-ip-address"]
# Bootstrap the cluster using an initial set of master-eligible nodes:
cluster.initial_master_nodes: ["node-1"]

Jhipster microservices cause conflict on port 9300 of Elasticsearch

Elasticsearch works with ports 9200 and 9300, but if I start a JHipster micro-service configured to work with Elasticsearch before starting the Elasticsearch service Elasticsearch fails because something in the JHipster service starts at port 9300.
I checked this situation by running the netstat -a command in Windows CMD.
If Elasticsearch uses port 9300 and the microservice will use Elasticsearch, why is the microservice occupying port 9300?
Need to change anything else for the service to use Elasticsearch in dev mode?
You can run elasticsearch on different ports than the default one. To do so add/update in elasticsearch.yml file the following:
http.port: 9201
transport.port: 9301

elasticsearch setup on Gcloud VM fails

I wish to run my elasticsearch remotely on gcloud VM, this is configured to run at 127.0.0.1 at a specific port 9200. How to access this from a website outside this vm? If I change the network host to 0.0.0.0 on the yml file, even 9200 port becomes inaccessible. How do I overcome this problem?
Changed network.host: [_site_ , _local_ , _global_ ]
_site_ = internal ip given by google cloud vm,
_local_ = 127.0.0.1,
_global_ = found using curl ifconfig.me,
Opened a specific port (9200) and tried to connect with global IP address.
curl to the global ip gives
>Output: Failed to connect to (_global_ ip) port 9200: connection refused.
So put network.host:0.0.0.0 and then try to allow 9200 and 9201 port and restart the elasticsearch service.If you are using ubuntu then sudo service elasticsearch restart then check by doing curl -XGET 'http://localhost:9200?pretty'.Let me know if you are still facing any issues.
Use following configurations for elasticsearch.yml
network.host: 0.0.0.0
action.auto_create_index: false
index.mapper.dynamic: false
Solved this problem by going through the logs and found out that the public ip address is re-mapped to the internal ip address, hence network.host can't be set to external ip directly. Elasticsearch yml config is as follows:
'network.host: xx.xx.xxx.xx' is set to the internal ip (given by google),
'http.cors.enabled: true',
'http.cors.allow-origin:"*", (Do not use * in production, its a security issue)
'discovery.type: single-node' in my case to make it work independently and not in a cluster
Now this sandboxed version can be accessed from outside the VM using the external IP address given by Google.

Resources