Allowing remote access to Elasticsearch
In config/elasticsearch.yml, put network.host: 0.0.0.0.And also add Inbound Rule in firewall for your ElasticSearch port(9200 ByDefault).It worked in ElasticSearch version 2.3.0
Edit: As Sisso mentions in his comment below, Elasticsearch as of 2.0 at least binds to localhost by default. See https://www.elastic.co/guide/en/elasticsearch/reference/2.0/modules-network.html for more information.
As Damien mentions in his answer, by default ES allows all access to port 9200. In fact, you need to use external tools to provide authentication to the ES resource - something like a webapp frontend or just simple nginx with Basic Auth turned on.
Things that can prevent you from accessing a remote system (you probably know these):
- network configuration problems
- ES host firewall blocks incoming requests on port
9200 - remote host firewall blocks outgoing requests to ES host and/or port
9200 - ES is configured to bind to the wrong IP address (by default however, it binds to all available IPs)
Best guess? Check that you can connect from remote host to ES host, then check firewall on both systems. If you can't diagnose further, maybe someone on the ES mailing list (https://groups.google.com/forum/#!forum/elasticsearch) or IRC channel (#elasticsearch on Freenode) can help.
When elasticsearch is installed and run without any configuration changes by default it binds to localhost only. To access the elasticsearch REST API endpoint remotely the below changes has to be made on the server where elasticsearch has been installed.
Elasticsearch Configuration ChangeUpdate the network.host property in elasticsearch.yml as per the guidelines provided in the elasticsearch documentationFor example to bind to all IPv4 addresses on the local machine, change as belownetwork.host : 0.0.0.0
Firewall Rules UpdateUpdate the Linux firewall to allow access to port 9200. Please refer your Linux documentation for adding rules to the firewall.
For example to allow access to all the servers(public) in CentosOS use the firewall-cmd
sudo firewall-cmd --zone=public --permanent --add-port=9200/tcpsudo firewall-cmd --reloadNote : In production environment public access is discouraged. A restricted access should be preferred.