问题
I am on a vpn which does not allow access to elasticsearch directly, so I am trying to ssh tunnel to an external box that has access.
I am tunneling with the following:
ssh -L 12345:<elastic_ip>-east-1.aws.found.io:9200
but then if I curl:
curl http://user:pass@localhost:12345
I get:
{"ok":false,"message":"Unknown cluster."}
Yet, if I try this from the box directly:
curl http://user:pass@<elastic_ip>-east-1.aws.found.io:9200
I get:
{
"status" : 200,
"name" : "instance",
"cluster_name" : “<cluster>”,
"version" : {
"number" : "1.7.2",
"build_hash" : “<build>“,
"build_timestamp" : "2015-09-14T09:49:53Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
}
What am I doing wrong?
回答1:
This is a problem of HTTP protocol. It contains also hostnames and not only IP addresses and if you issue request on the localhost, this hostname is passed to the cluster.
There are basically two solutions, both quite hacky:
- Set up your elasticsearch hostname to
localhostso it will recognize your query. - Set up your
/etc/hoststo direct<elastic_ip>-east-1.aws.found.ioto your127.0.0.1, connect to yoursshwith direct IP and thencurlto the real address.
回答2:
Here is how you can do it using #SSH tunneling with #Putty.
Below are the steps you need to take in order to configure SSH tunneling using Putty:
- Download Putty from here and install it.
- Configure Putty tunneling for Elasticsearch 9300 and 9200 ports as shown in the screenshot below:
- After configuring you’ll need to open the SSH connection and make sure it is connected.
- You may look at the SSH event log in order to validate your tunnel. Here is a link on how to do it.
Below is an #Elasticsearch code written in #Java that shows how to connect to the remote Elasticsearch cluster using local (9090 and 9093) ports forwarded over Putty SSH client.
public class App
{
public static void main( String[] args ) throws Exception
{
Settings settings = ImmutableSettings.settingsBuilder().
put("cluster.name", "my-cluster").build();
TransportClient client = new TransportClient(settings)
.addTransportAddress(
new netSocketTransportAddress(
"localhost", 9093));
CreateIndexResponse rs = client.admin().indices().create(
new CreateIndexRequest("tunnelingindex"))
.actionGet();
System.out.println(rs.isAcknowledged());
client.close();
}
}
The code creates an index named tunnelingindex on Elasticsearch.
Hope it helps.
来源:https://stackoverflow.com/questions/37425761/ssh-tunnel-for-elasticsearch