I have an Elasticsearch cluster installed on my Azure virtual machine (Linux) with private IP 10.176.83.156, and the elasticsearch.yml file has the following values:
```yaml
cluster.name: Test-cluster
node.name: node-1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["l01q23705150001"]
# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0
```
I'm able to access Elasticsearch from inside the Linux machine (10.176.83.156) where it is installed.
```
curl -u elastic:NYC59UxNJ3FRNZUpNhKa https://10.176.83.156:9200 -k
{
  "name" : "l01q23705150001",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "wOepv5C_T3md3a0K6f1yOw",
  "version" : {
    "number" : "8.12.2",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "48a287ab9497e852de30327444b0809e55d46466",
    "build_date" : "2024-02-19T10:04:32.774273190Z",
    "build_snapshot" : false,
    "lucene_version" : "9.9.2",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}
```
But when accessing it from outside, from my local machine over VPN, I'm getting an error:
```
curl -u elastic:NYC59UxNJ3FRNZUpNhKa https://10.176.83.156:9200 -k
curl: (7) Failed to connect to 10.192.85.168 port 9200: No route to host
```
Also added the following inbound rules to the Linux machine's NSG.
To resolve the error I had to add the following rule to the Linux server's local firewall:

```
firewall-cmd --add-port=9200/tcp --permanent
firewall-cmd --reload
```
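
A way to tell which layer is blocking the port before changing rules, as an added example that is not part of the original post: curl's "No route to host" corresponds to an ICMP rejection coming back, which a host firewall REJECT produces, whereas a silently dropped connection shows up as a timeout. The function name `probe` and the hint texts are assumptions of this example.

```python
import errno
import socket
import sys

# How each connect() outcome usually maps onto the setup in this thread
# (Azure NSG in front of a Linux VM running firewalld). These are typical
# causes, stated as assumptions; other devices on the path can look the same.
HINTS = {
    "open": "handshake completed: NSG and host firewall both allow the port",
    "refused": "host answered with RST: nothing is listening on that address/port",
    "unreachable": "ICMP rejection returned: typical of a host firewall REJECT (firewalld default)",
    "timeout": "no reply: typical of a silent drop (NSG deny rule) or a missing route",
}


def probe(host, port, timeout=3.0):
    """Attempt one TCP connect and return (outcome, hint)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        outcome = "open"
    except (socket.timeout, TimeoutError):
        outcome = "timeout"
    except ConnectionRefusedError:
        outcome = "refused"
    except OSError as exc:
        # curl prints EHOSTUNREACH as "No route to host"
        if exc.errno not in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            raise
        outcome = "unreachable"
    finally:
        sock.close()
    return outcome, HINTS[outcome]


if __name__ == "__main__":
    # Defaults are the address and port from the question.
    host = sys.argv[1] if len(sys.argv) > 1 else "10.176.83.156"
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 9200
    print("%s:%d -> %s (%s)" % ((host, port) + probe(host, port)))
```

Run it from the VPN client: an "unreachable" result points at the VM's own firewall, while "timeout" points at the NSG or routing.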