1

I am on a vpn which does not allow access to elasticsearch directly, so I am trying to ssh tunnel to an external box that has access.

I am tunneling with the following:

ssh -L 12345:<elastic_ip>-east-1.aws.found.io:9200

but then if I curl:

curl http://user:pass@localhost:12345

I get:

{"ok":false,"message":"Unknown cluster."}

Yet, if I try this from the box directly:

curl http://user:pass@<elastic_ip>-east-1.aws.found.io:9200

I get:

{
  "status" : 200,
  "name" : "instance",
  "cluster_name" : “<cluster>”,
  "version" : {
    "number" : "1.7.2",
    "build_hash" : “<build>“,
    "build_timestamp" : "2015-09-14T09:49:53Z",
    "build_snapshot" : false,
    "lucene_version" : "4.10.4"
  },
  "tagline" : "You Know, for Search"
}

What am I doing wrong?

Improve this question
2
  • I could be wrong, but it may use the port number as a form of identification - just for testing purposes, can you try using ssh -L 9200:<ip>:9200 and then curl localhost:9200? Commented May 25, 2016 at 0:08
  • stackoverflow.com/questions/25048045/… Commented Jul 20, 2020 at 21:43

2 Answers 2

Reset to default
1

Here is how you can do it using #SSH tunneling with #Putty.

Below are the steps you need to take in order to configure SSH tunneling using Putty:

  • Download Putty from here and install it.
  • Configure Putty tunneling for Elasticsearch 9300 and 9200 ports as shown in the screenshot below: enter image description here
  • After configuring you’ll need to open the SSH connection and make sure it is connected.
  • You may look at the SSH event log in order to validate your tunnel. Here is a link on how to do it.

Below is an #Elasticsearch code written in #Java that shows how to connect to the remote Elasticsearch cluster using local (9090 and 9093) ports forwarded over Putty SSH client.

public class App 
{
    public static void main( String[] args ) throws Exception
    {
        Settings settings = ImmutableSettings.settingsBuilder().
             put("cluster.name", "my-cluster").build();

        TransportClient client = new TransportClient(settings)
                                 .addTransportAddress(
                                  new netSocketTransportAddress(
                                  "localhost", 9093));

        CreateIndexResponse rs = client.admin().indices().create(
                      new CreateIndexRequest("tunnelingindex"))
                     .actionGet();

        System.out.println(rs.isAcknowledged());
        client.close();
    }
}

The code creates an index named tunnelingindex on Elasticsearch.

Hope it helps.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Works fine with Kaizen (ES GUI client). But if your ES server accessible from destination SSH server only then you must provide 127.0.0.1:9200 as Destination
0

This is a problem of HTTP protocol. It contains also hostnames and not only IP addresses and if you issue request on the localhost, this hostname is passed to the cluster.

There are basically two solutions, both quite hacky:

  1. Set up your elasticsearch hostname to localhost so it will recognize your query.
  2. Set up your /etc/hosts to direct <elastic_ip>-east-1.aws.found.io to your 127.0.0.1, connect to your ssh with direct IP and then curl to the real address.
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.