Search code examples
azureelasticsearchelastic-stackazure-virtual-machineazure-virtual-network

Connection Refused to Elastic's "App-Search" Endpoint on Azure VM

I'm currently setting up a production stack of Elasticsearch on an azure linux server and have had success thus far, but have hit a road bump. I am currently at the point to which I have the core Elasticsearch, Kibana, and EnterpriseSearch services up and running on my server, I can reach all of these services fine using "curl -XGET" on the local host, and I can reach an exposed Kibana on a remote machine to the server using the server public ip.

The only problem I am now facing is that the App-Search engine endpoint is returning err_connection_refused when pinged remotely. An example of this is: when generating a search UI template for the template national park data engine, I receive the error "This site refused to connect". I have confirmed that port 3002 is open for all inbound and outbound traffic through azure networking interface (and that the firewall is disabled on the machine), so I'm left thinking I have a configuration issue. Below are the configurations that I added to each respective yml file. Any help would be huge.

elasticsearch.yml

xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
cluster.initial_master_nodes: ["Elastic"]
http.host: [_local_, _site_]

kibana.yml

server.host: "0.0.0.0"
enterpriseSearch.host: http://localhost:3002

enterprise-search.yml

secret_management.encryption_keys: ['I have a 256-bit encryption key here']
allow_es_settings_modification: true
elasticsearch.host: https://127.0.0.1:9200
elasticsearch.username: elastic
elasticsearch.password: password
elasticsearch.ssl.enabled: true
elasticsearch.ssl.certificate_authority: /path/config/certs/http_ca.crt
kibana.host: http://localhost:5601
kibana.external_url: http://azure-public-ip:5601
ent_search.external_url: http://azure-public-ip:3002
ent_search.listen_host: 127.0.0.1
ent_search.listen_port: 3002
Solution

  • Solution found.

    The configuration variable I had set wrong was "ent_search.listen_host". I had it set to my local host ip where it should have been set to 0.0.0.0

    It is interesting to note that I had originally set this variable to the virtual machines ip, however this always reported back "failed to bind to ip".

    I will keep this solution up incase anyone needs it.