Troubleshooting

[ELK] Elasticsearch 'curl: (52) Empty reply from server' error

KidAnt 2024. 2. 5. 11:34

Background

root@ubuntu:/var/log/elasticsearch# curl -X GET "localhost:9200"
curl: (52) Empty reply from server

[WARN ][o.e.h.n.Netty4HttpServerTransport] [ubuntu] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/127.0.0.1:9200, remoteAddress=/127.0.0.1:52654}
root@ubuntu:/var/lib# systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
     Loaded: loaded (/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2024-02-05 01:48:23 UTC; 2min 53s ago
       Docs: https://www.elastic.co
   Main PID: 32382 (java)
      Tasks: 82 (limit: 19140)
     Memory: 8.4G
        CPU: 1min 35.089s
     CGroup: /system.slice/elasticsearch.service
             ├─32382 /usr/share/elasticsearch/jdk/bin/java -Xms4m -Xmx64m -XX:+UseSerialGC -Dcli.name=server -Dcli.script=/usr/share/elasticsearch/bin/elasticsearch -Dcli.libs=lib/tools/server-
             ├─32442 /usr/share/elasticsearch/jdk/bin/java -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -Djava.security.manager=allow -XX:+AlwaysPreTouch -Xss1m -D
             └─32466 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Feb 05 01:47:55 ubuntu systemd[1]: Starting Elasticsearch...
Feb 05 01:48:05 ubuntu systemd-entrypoint[32442]: CompileCommand: exclude org/apache/lucene/util/MSBRadixSorter.computeCommonPrefixLengthAndBuildHistogram bool exclude = true
Feb 05 01:48:05 ubuntu systemd-entrypoint[32442]: CompileCommand: exclude org/apache/lucene/util/RadixSelector.computeCommonPrefixLengthAndBuildHistogram bool exclude = true
Feb 05 01:48:06 ubuntu systemd-entrypoint[32382]: Feb 05, 2024 1:48:06 AM sun.util.locale.provider.LocaleProviderAdapter <clinit>
Feb 05 01:48:06 ubuntu systemd-entrypoint[32382]: WARNING: COMPAT locale provider will be removed in a future release
Feb 05 01:48:23 ubuntu systemd[1]: Started Elasticsearch.
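  • After installing Elasticsearch, I ran 'curl -X GET "localhost:9200"' to verify it, but got 'Empty reply from server'.
  • Checking the Elasticsearch log confirmed that the request was received on the default port, 9200.
  • Just in case, I also ran 'systemctl status elasticsearch' and confirmed that Elasticsearch was running normally.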

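Resolution

  • The problem turned out to be Elasticsearch's default security settings (SSL/TLS): as the log warning above shows, port 9200 is an HTTPS channel, so the plaintext HTTP request from curl is closed without a reply.
  • There are two ways to resolve this: edit the configuration file and turn that part off entirely, or set up a login and connect using the certificate.
  • I will write down both methods.
  • For reference, I used Method 1.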

Method 1 (turn off the security features)

root@ubuntu:/usr/share/elasticsearch# vi /etc/elasticsearch/elasticsearch.yml

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["ubuntu"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0

# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
#transport.host: 0.0.0.0

>>>>>>>>>

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------
#
# The following settings, TLS certificates, and keys have been automatically
# generated to configure Elasticsearch security features on 05-02-2024 01:43:07
#
# --------------------------------------------------------------------------------

# Enable security features
xpack.security.enabled: false

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: false
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: false
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["ubuntu"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0

# Allow other nodes to join the cluster from anywhere
# Connections are encrypted and mutually authenticated
#transport.host: 0.0.0.0

#----------------------- END SECURITY AUTO CONFIGURATION -------------------------
  • In the 'elasticsearch.yml' configuration file, change every 'true' in the security-related settings at the bottom to 'false'.
  • Then restart Elasticsearch.
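
A check for the edited file above, as an added example that is not part of the original post: with the Method 1 values, 'http.host: 0.0.0.0' is still set, while the file's comment "Connections are encrypted and require user authentication" no longer holds. The function names, the exit-code convention and the sample config are assumptions made for this example, and the parser handles only the layout of the auto-generated security block.

```shell
# Added example, not from the original post. Function names, exit codes and
# the sample config are assumptions; only the auto-generated layout is parsed.
# yml_get FILE KEY [PARENT]: top-level "KEY: v", or indented "KEY: v" under top-level "PARENT:".
yml_get() {
  awk -v key="$2" -v parent="$3" '
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
    /^[^ \t]/ { inblock = (parent != "" && index($0, parent ":") == 1) }
    {
      nested = ($0 ~ /^[ \t]/)
      line = $0; sub(/^[ \t]+/, "", line)
      if (index(line, key ":") != 1) next
      if ((parent == "" && nested) || (parent != "" && !(nested && inblock))) next
      sub(/^[^:]*:[ \t]*/, "", line); sub(/[ \t]+$/, "", line)
      print line; exit
    }' "$1"
}

# es_audit_config FILE: returns 0 when login and HTTP TLS are on, 1 when they
# are weakened but http.host is loopback (or unset; network.host is not read),
# 2 when they are weakened and the API listens beyond loopback.
es_audit_config() {
  sec=$(yml_get "$1" xpack.security.enabled)
  tls=$(yml_get "$1" enabled xpack.security.http.ssl)
  host=$(yml_get "$1" http.host)
  weak=0
  [ "$sec" = "false" ] && { echo "FAIL: xpack.security.enabled is false, no login required"; weak=1; }
  [ "$tls" = "true" ] || { echo "FAIL: xpack.security.http.ssl is off, port 9200 is plaintext HTTP"; weak=1; }
  [ "$weak" -eq 0 ] && { echo "OK: login and HTTP TLS are enabled"; return 0; }
  case "$host" in
    ""|localhost|127.*|::1|_local_) echo "NOTE: http.host is loopback only"; return 1 ;;
    *) echo "FAIL: http.host: $host serves that API to other hosts"; return 2 ;;
  esac
}

# Constructed sample: the security settings from the post after the Method 1 edit.
sample_config() {
  cat <<'EOF'
xpack.security.enabled: false
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: false
http.host: 0.0.0.0
EOF
}

tmp=$(mktemp) && sample_config > "$tmp"
es_audit_config "$tmp" || echo "exit status: $?"
rm -f "$tmp"
```

To audit a real node, call es_audit_config with the path /etc/elasticsearch/elasticsearch.yml instead of the sample.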

Method 2 (set up the security account, then log in using the certificate)

root@ubuntu:/var/lib# cd /usr/share/elasticsearch/
root@ubuntu:/usr/share/elasticsearch# ll
total 2228
drwxr-xr-x   7 root root    4096 Feb  5 01:43 ./
drwxr-xr-x 120 root root    4096 Feb  5 01:42 ../
-rw-r--r--   1 root root 2239562 Jan 11 10:07 NOTICE.txt
-rw-r--r--   1 root root    8426 Jan 11 10:04 README.asciidoc
drwxr-xr-x   2 root root    4096 Feb  5 01:43 bin/
drwxr-xr-x   8 root root    4096 Feb  5 01:43 jdk/
drwxr-xr-x   5 root root    4096 Feb  5 01:43 lib/
drwxr-xr-x  82 root root    4096 Feb  5 01:43 modules/
drwxr-xr-x   2 root root    4096 Jan 11 10:12 plugins/
# Moved here to configure security

root@ubuntu:/usr/share/elasticsearch# ./bin/elasticsearch-reset-password -u elastic
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y


Password for the [elastic] user successfully reset.
New value: ~~~~~~~~~~~~
# Create the account

root@ubuntu:/usr/share/elasticsearch# curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Enter host password for user 'elastic':
{
  "name" : "ubuntu",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "iAMpG8AsRcyhOARhPzc1Rg",
  "version" : {
    "number" : "8.12.0",
    "build_flavor" : "default",
    "build_type" : "deb",
    "build_hash" : "1665f706fd9354802c02146c1e6b5c0fbcddfbc9",
    "build_date" : "2024-01-11T10:05:27.953830042Z",
    "build_snapshot" : false,
    "lucene_version" : "9.9.1",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

References

https://nanglam.tistory.com/33

 


https://velog.io/@junsugi/Elasticsearch-curl-52-Empty-reply-from-server-에러