Edit 1: Solved with opening the port 9200 in instance console. Only opening port http is not enough for accessing from the public ip address. (See comment by Hùng Nguyễn)

I have an instance on EC2 that has Elasticsearch hosted.

On that instance, with this line

curl -XGET http://localhost:9200/_cluster/health?pretty

I got the following response, showing Elasticsearch service started

{
  "cluster_name" : "production",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 1,
  "number_of_data_nodes" : 1,
  "active_primary_shards" : 3,
  "active_shards" : 3,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

I have the same result when I am using http://<private address>:9200

However, I never made it to happen using the public ip-address of that EC2 instance, even inside that instance.

I have tried to add the following config to elasticsearch.yml

network.host: 0.0.0.0

I also opened ports by enabling inbound rules for http, https and ssh in the EC2 instance setting page. But still have no sign of working.
It is possible for a machine outside the EC2 network/instance (such as a WSL linux machine) to connect to the elasticsearch server?

CodePudding user response：

Couple of reasons.

1. EC2 in private subnet with public ip. external traffic wont be able to communicate as it needs Internet Gateway to expose the EC2 over public IP.
2. Check the security group of the EC2 if it allows external traffic on that port, generally the VPC CIDR range is allowed on default security groups in some orgs.