Accessing elasticsearch from a public domain name or IP

Question

Am running elastic search version 2.3.1 on ubuntu-server 16.04
I can access the elastic api locally as seen below on the default host as show below

curl -X GET 'http://localhost:9200'

{
"name" : "oxo-cluster-node",
"cluster_name" : "oxo-elastic-cluster",
"version" : {
  "number" : "2.3.1",
  "build_hash" : "bd980929010aef404e7cb0843e61d0665269fc39",
  "build_timestamp" : "2016-04-04T12:25:05Z",
  "build_snapshot" : false,
  "lucene_version" : "5.5.0"
},
"tagline" : "You Know, for Search"
}

I need to be able to access elastic search via my domain name or IP Address
I've tried adding the following setting http.publish_host: my.domain file but the server refuses client http connections. Am running the service on default port 9200

When i run

curl -X GET 'http://my.domain:9200'

the result is

curl: (7) Failed to connect to my.domain port 9200: Connection refused

My domain (my.domain) is publicly accessible on the internet and port 9200 is configured to accept connections from anywhere

What am i missing ?

Answer 1

First off, exposing an Elasticsearch node directly to the internet without protections in front of it is usually bad, bad news. Don't do it - especially older versions. You're going to end up with security problems in a hurry. I recommend using something like nginx to do basic authentication + HTTPS, and then to proxy_pass it to your locally-bound Elasticsearch instance. This gives you an encrypted and authenticated public connection to your server.

That said, see the networking config documentation. You want either network.host or network.bind_host. network.publish_host is the name that the node advertises to other nodes so that they can connect for clustering. You will also want to make sure that your firewall (iptables or similar) is set up to allow traffic on 9200, and that you don't have any upstream networking security preventing access to the machine (such as AWS security groups or DigitalOcean's networking firewalls).