Reputation: 9722
ssh tunnel for elasticsearch
I am on a vpn which does not allow access to elasticsearch directly, so I am trying to ssh tunnel to an external box that has access.
I am tunneling with the following:
ssh -L 12345:<elastic_ip>-east-1.aws.found.io:9200
but then if I curl:
curl http://user:pass@localhost:12345
I get:
{"ok":false,"message":"Unknown cluster."}
Yet, if I try this from the box directly:
curl http://user:pass@<elastic_ip>-east-1.aws.found.io:9200
I get:
{
"status" : 200,
"name" : "instance",
"cluster_name" : “<cluster>”,
"version" : {
"number" : "1.7.2",
"build_hash" : “<build>“,
"build_timestamp" : "2015-09-14T09:49:53Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
}
What am I doing wrong?
Upvotes: 1
Views: 7318
Answers (2)
Reputation: 770
Here is how you can do it using #SSH tunneling with #Putty.
Below are the steps you need to take in order to configure SSH tunneling using Putty:
- Download Putty from here and install it.
- Configure Putty tunneling for Elasticsearch 9300 and 9200 ports as shown in the screenshot below:
- After configuring you’ll need to open the SSH connection and make sure it is connected.
- You may look at the SSH event log in order to validate your tunnel. Here is a link on how to do it.
Below is an #Elasticsearch code written in #Java that shows how to connect to the remote Elasticsearch cluster using local (9090 and 9093) ports forwarded over Putty SSH client.
public class App
{
public static void main( String[] args ) throws Exception
{
Settings settings = ImmutableSettings.settingsBuilder().
put("cluster.name", "my-cluster").build();
TransportClient client = new TransportClient(settings)
.addTransportAddress(
new netSocketTransportAddress(
"localhost", 9093));
CreateIndexResponse rs = client.admin().indices().create(
new CreateIndexRequest("tunnelingindex"))
.actionGet();
System.out.println(rs.isAcknowledged());
client.close();
}
}
The code creates an index named tunnelingindex on Elasticsearch.
Hope it helps.
Upvotes: 1
Reputation: 25926
This is a problem of HTTP protocol. It contains also hostnames and not only IP addresses and if you issue request on the localhost, this hostname is passed to the cluster.
There are basically two solutions, both quite hacky:
- Set up your elasticsearch hostname to
localhostso it will recognize your query. - Set up your
/etc/hoststo direct<elastic_ip>-east-1.aws.found.ioto your127.0.0.1, connect to yoursshwith direct IP and thencurlto the real address.
Upvotes: 0
Related Questions
- How to specify the private SSH-key to use when executing shell command on Git?
- How to use SSH to run a local shell script on a remote machine?
- ssh "permissions are too open"
- How do I remove the passphrase for the SSH key without having to create a new key?
- SSH Key - Still asking for password and passphrase
- How do I access my SSH public key?
- Error when rebuilding search index in ElasticSearch/Django
- jhipster elasticsearch connect