Hallo, is anyone here using elasticsearch on centos? I tried several configs to configure external access but nothing is working. My tests: telnet localhost or 127.0.0.1 9200 works local on the machine telnet 192.168.242.4 9200 connection refused local on the machine. So it is clear that access from other systems can not work. Is there perhaps something special to consider when using centos 7?
Thanks for hints.
Ralf
Hi Ralf,
You should check you firewall configuration ... most probably you need to allow port 9200. Also check if elasticsearch service is listening on all interfaces or just localhost (127.0.0.1).
-I.
On Tue, Feb 19, 2019 at 2:48 PM Ralf Prengel ralf.prengel@rprengel.de wrote:
Hallo, is anyone here using elasticsearch on centos? I tried several configs to configure external access but nothing is working. My tests: telnet localhost or 127.0.0.1 9200 works local on the machine telnet 192.168.242.4 9200 connection refused local on the machine. So it is clear that access from other systems can not work. Is there perhaps something special to consider when using centos 7?
Thanks for hints.
Ralf
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Am 19.02.2019 um 13:55 schrieb Ionut Hoza:
Hi Ralf,
You should check you firewall configuration ... most probably you need to allow port 9200. Also check if elasticsearch service is listening on all interfaces or just localhost (127.0.0.1).
Hallo, the firewall is disabled. I tried several variations in the config-file. 0.0.0.0 192.168.242.4
Only 127.0.0.1 is working buth only withz local access.
Ralf
Selinux will not allow connections on other than default http ports.
semanage port -m -t http_port_t -p tcp 9200
Andrea
-----Original Message----- From: CentOS [mailto:centos-bounces@centos.org] On Behalf Of Ralf Prengel Sent: Tuesday, February 19, 2019 8:09 AM To: centos@centos.org Subject: {EXTERNAL} Re: [CentOS] elasticsearch connection refused
Am 19.02.2019 um 13:55 schrieb Ionut Hoza:
Hi Ralf,
You should check you firewall configuration ... most probably you need to allow port 9200. Also check if elasticsearch service is listening on all interfaces or just localhost (127.0.0.1).
Hallo, the firewall is disabled. I tried several variations in the config-file. 0.0.0.0 192.168.242.4
Only 127.0.0.1 is working buth only withz local access.
Ralf _______________________________________________ CentOS mailing list CentOS@centos.org https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.centos.org_mailma...
********************************************************************** The information contained in this e-mail may be privileged and/or confidential, and protected from disclosure, and no waiver of any attorney-client, work product, or other privilege is intended. If you are the intended recipient, further disclosures are prohibited without proper authorization. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden and possibly a violation of federal or state law and regulations. The sender and Baylor Scott & White Health, and its affiliated entities, hereby expressly reserve all privileges and confidentiality that might otherwise be waived as a result of an erroneous or misdirected e-mail transmission. No employee or agent is authorized to conclude any binding agreement on behalf of Baylor Scott & White Health, or any affiliated entity, by e-mail without express written confirmation by the CEO, the Senior Vice President of Supply Chain Services or other duly authorized representative of Baylor Scott & White Health.
On Tue, 2019-02-19 at 14:26 +0000, Pete Biggs wrote:
On Tue, 2019-02-19 at 14:17 +0000, Laack, Andrea P wrote:
Selinux will not allow connections on other than default http ports.
semanage port -m -t http_port_t -p tcp 9200
It's not a web server port - elasticsearch is a database.
Sorry, that was a bit abrupt - yes, it sort of looks like a web server. Does selinux interpret it as such?
P.
We can either set selinux to permissive (not suggested) or open a port. Writing custom ports in selinux is not my specialty.
Andrea
-----Original Message----- From: CentOS [mailto:centos-bounces@centos.org] On Behalf Of Pete Biggs Sent: Tuesday, February 19, 2019 8:33 AM To: centos@centos.org Subject: {EXTERNAL} Re: [CentOS] elasticsearch connection refused
On Tue, 2019-02-19 at 14:26 +0000, Pete Biggs wrote:
On Tue, 2019-02-19 at 14:17 +0000, Laack, Andrea P wrote:
Selinux will not allow connections on other than default http ports.
semanage port -m -t http_port_t -p tcp 9200
It's not a web server port - elasticsearch is a database.
Sorry, that was a bit abrupt - yes, it sort of looks like a web server. Does selinux interpret it as such?
P.
_______________________________________________ CentOS mailing list CentOS@centos.org https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.centos.org_mailma...
********************************************************************** The information contained in this e-mail may be privileged and/or confidential, and protected from disclosure, and no waiver of any attorney-client, work product, or other privilege is intended. If you are the intended recipient, further disclosures are prohibited without proper authorization. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden and possibly a violation of federal or state law and regulations. The sender and Baylor Scott & White Health, and its affiliated entities, hereby expressly reserve all privileges and confidentiality that might otherwise be waived as a result of an erroneous or misdirected e-mail transmission. No employee or agent is authorized to conclude any binding agreement on behalf of Baylor Scott & White Health, or any affiliated entity, by e-mail without express written confirmation by the CEO, the Senior Vice President of Supply Chain Services or other duly authorized representative of Baylor Scott & White Health.
On 2019-02-19, Pete Biggs pete@biggs.org.uk wrote:
On Tue, 2019-02-19 at 14:26 +0000, Pete Biggs wrote:
It's not a web server port - elasticsearch is a database.
Sorry, that was a bit abrupt - yes, it sort of looks like a web server.
It's a bit of both. It is queryable like a database, but it answers requests using HTTP methods.
--keith
Am 22.02.2019 um 04:06 schrieb Keith Keller kkeller@wombat.san-francisco.ca.us:
On 2019-02-19, Pete Biggs pete@biggs.org.uk wrote:
On Tue, 2019-02-19 at 14:26 +0000, Pete Biggs wrote:
It's not a web server port - elasticsearch is a database.
Sorry, that was a bit abrupt - yes, it sort of looks like a web server.
It's a bit of both. It is queryable like a database, but it answers requests using HTTP
Hallo, se-linux was active. My automated installation in the office disables se-linux but this was a manual private setup. Thanks for all hints Ralf
On Tue, 2019-02-19 at 15:09 +0100, Ralf Prengel wrote:
Am 19.02.2019 um 13:55 schrieb Ionut Hoza:
Hi Ralf,
You should check you firewall configuration ... most probably you need to allow port 9200. Also check if elasticsearch service is listening on all interfaces or just localhost (127.0.0.1).
Hallo, the firewall is disabled. I tried several variations in the config-file. 0.0.0.0 192.168.242.4
Only 127.0.0.1 is working buth only withz local access.
Can you see if it is listening on 9200 on the non localhost address?
I have the line
network.host: 10.0.0.1
in my config that binds it to that specific IP address and I have lines like
java 48111 elasticsearch 382u IPv6 1550135 0t0 TCP 10.0.0.1:vrace (LISTEN) java 48111 elasticsearch 530u IPv6 1608995 0t0 TCP 10.0.0.1:wap-wsp (LISTEN)
in the lsof output.
P.
On 2/19/19 4:48 AM, Ralf Prengel wrote:
telnet localhost or 127.0.0.1 9200 works local on the machine telnet 192.168.242.4 9200 connection refused local on the machine. So it is clear that access from other systems can not work.
Set your network address as "network.host" in /etc/elasticsearch/elasticsearch.yml
-
Gordon Messmer -
Ionut Hoza -
Keith Keller -
Laack, Andrea P -
Pete Biggs -
Ralf Prengel