Question

我在AWS Elasticsearch服务上使用以下配置创建了一个ES集群（采用Terraform格式，但一般配置应该易于人类阅读）

resource "aws_elasticsearch_domain" "es" {
  domain_name           = "tf-test"
  elasticsearch_version = "5.1"
  cluster_config {
    instance_type = "t2.small.elasticsearch"
  }

  ebs_options {
    ebs_enabled = "true"
    volume_type = "gp2"
    volume_size = "15"

  }

  advanced_options {
    "rest.action.multi.allow_explicit_index" = "true"
  }

  access_policies = <<CONFIG
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "es:*",
      "Condition": {
        "IpAddress": {
          "aws:SourceIp": [
            "my-ipv4/32"
          ]
        }
      },
      "Resource": "arn:aws:es:eu-central-1:my-account-id:domain/tf-test/*"
    }
  ]
}
CONFIG
}

并尝试使用

插入文档

curl -v -XPUT my-endpoint:9200/movies/movie/tt0116996 -d '{"name":"John Doe"}'

它返回错误：

curl: (7) Failed to connect to my-endpoint port 9200: Operation timed out

与命令相同：

curl 'my-endpoint:9200/_cat/health?v'

Answer 1

听起来像卷曲无法连接。这可能来自elasticsearch的访问控制设置。看看https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg-configure-access.html

您可以通过发出telnet来验证这一点，看看您是否连接到tcp套接字：

telnet my-endpoint 9200

你应该看到类似的内容（sub你的ip和servername）：

Trying 123.123.123.123...
Connected to my-endpoint
Escape character is '^]'.

如果你没有连接 - 它是访问控制。

AWS Elasticsearch Operation超时

1 个答案: