Access EC2 port 9200 from external service

Question

I'm struggling to get EC2 and ElasticSearch up and running. Specifically I'm trying to reach my node from outside Amazon's cloud for verification purposes. I've set up the security group so that I have a "Custom TCP" rule on port 9200 and ElasticSearch is listening on that port, which I can see with netstat -l. When I curl -XGET https://localhost:9200 I get the response expected from ElasticSearch. When I curl -XGET https://publicIP:9200 from WITHIN Amazon (ie. another node that I have running) I get the response expected from ElasticSearch. When I try to do the same request from my desktop I get "no response". I can not, for the life of me, figure out why this is happening.

Answer 1

There are several things to check:

• Accessing the public URL of an instance from inside the amazon cloud will map to its private IP. In you test above, where you specify publicIP, did you use the public IP or public domain name? Make sure to test with the IP, not the domain name.
• If access to the public IP works from the same machine, try the same thing from another EC2 instance.
• Finally, you may have a firewall rule on your desktop, or your work network, preventing outgoing access on port 9200.

Answer 2

If you are running Elasticsearch as a service, then go to /etc/elasticsearch/elasticsearch.yml and make the

network.host: "0.0.0.0"

This solution worked for me.