[Apiman-user] Having trouble connecting to Amazon Elasticsearch service
Paul Blair
pblair at clearme.com
Tue Dec 8 13:13:26 EST 2015
It isn't too complicated -- I started here
https://aws.amazon.com/elasticsearch-service/
Basically you find "Elasticsearch Service" under the "Analytics" section
of the AWS dashboard, hit the "Create a new domain" button, and follow the
instructions.
My access policy looks like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "es:*",
"Resource": "arn:aws:es:us-west-2[ARN]/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": [
"[IP ADDRESS 1]", "[CIDR BLOCK 2]",...
]
}
}
}
]
}
On 12/8/15, 12:30 PM, "Eric Wittmann" <eric.wittmann at redhat.com> wrote:
>Nope - I was worried that you were using 2.x, which we do not currently
>support.
>
>Do you happen to have any instructions handy for setting up an AMZ
>elasticsearch instance so I can try to reproduce this error?
>
>On 12/8/2015 12:28 PM, Paul Blair wrote:
>> Amazon says their current version is 1.5.2. Does apiman require version
>> 2.x?
>>
>> On 12/8/15, 12:21 PM, "Eric Wittmann" <eric.wittmann at redhat.com> wrote:
>>
>>> What version of elasticsearch are you using?
>>>
>>> On 12/8/2015 12:12 PM, Paul Blair wrote:
>>>> The stack trace is below. Note that the instance seems to start fine;
>>>> it's
>>>> only when I make a request to the Gateway that I get this error.
>>>>
>>>> Thanks!
>>>>
>>>> 16:18:04,746 ERROR [io.undertow.request] (default task-1) UT005023:
>>>> Exception handling request to /apiman-gateway/test_api/1.7:
>>>> java.lang.RuntimeException: org.apache.http.NoHttpResponseException:
>>>> search-testapi-....us-west-2.es.amazonaws.com:443 failed to respond
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.es.ESClientFactory.initializeClient(ESClientFa
>>>>ct
>>>> or
>>>> y.java:200) [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.es.ESClientFactory.createJestClient(ESClientFa
>>>>ct
>>>> or
>>>> y.java:140) [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.es.ESClientFactory.createJestClient(ESClientFa
>>>>ct
>>>> or
>>>> y.java:101) [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.es.ESClientFactory.createClient(ESClientFactor
>>>>y.
>>>> ja
>>>> va:66) [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.es.AbstractESComponent.getClient(AbstractESCom
>>>>po
>>>> ne
>>>> nt.java:45) [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>> io.apiman.gateway.engine.es.ESRegistry.getService(ESRegistry.java:315)
>>>> [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>> io.apiman.gateway.engine.es.ESRegistry.getService(ESRegistry.java:304)
>>>> [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.es.CachingESRegistry.getService(CachingESRegis
>>>>tr
>>>> y.
>>>> java:189) [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.impl.SecureRegistryWrapper.getService(SecureRe
>>>>gi
>>>> st
>>>> ryWrapper.java:97) [apiman-gateway-engine-core-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl.execute(Servic
>>>>eR
>>>> eq
>>>> uestExecutorImpl.java:252)
>>>>[apiman-gateway-engine-core-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.platforms.servlet.GatewayServlet.doAction(GatewayServ
>>>>le
>>>> t.
>>>> java:236) [apiman-gateway-platforms-servlet-1.1.9.Final.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.platforms.servlet.GatewayServlet.doGet(GatewayServlet
>>>>.j
>>>> av
>>>> a:82) [apiman-gateway-platforms-servlet-1.1.9.Final.jar:]
>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
>>>> [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>>>> [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandle
>>>>r.
>>>> ja
>>>> va:86) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handle
>>>>Re
>>>> qu
>>>> est(ServletSecurityRoleHandler.java:62)
>>>> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(Se
>>>>rv
>>>> le
>>>> tDispatchingHandler.java:36)
>>>> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>org.wildfly.extension.undertow.security.SecurityContextAssociationHandl
>>>>er
>>>> .h
>>>> andleRequest(SecurityContextAssociationHandler.java:78)
>>>> at
>>>>
>>>>
>>>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHan
>>>>dl
>>>> er
>>>> .java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.
>>>>ha
>>>> nd
>>>> leRequest(SSLInformationAssociationHandler.java:131)
>>>> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.
>>>>ha
>>>> nd
>>>> leRequest(ServletAuthenticationCallHandler.java:57)
>>>> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHan
>>>>dl
>>>> er
>>>> .java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequ
>>>>es
>>>> t(
>>>> AbstractConfidentialityHandler.java:46)
>>>> [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.security.ServletConfidentialityConstraintH
>>>>an
>>>> dl
>>>> er.handleRequest(ServletConfidentialityConstraintHandler.java:64)
>>>> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.security.handlers.AuthenticationMechanismsHandler.handleReq
>>>>ue
>>>> st
>>>> (AuthenticationMechanismsHandler.java:58)
>>>> [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler
>>>>.h
>>>> an
>>>> dleRequest(CachedAuthenticatedSessionHandler.java:70)
>>>> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.security.handlers.SecurityInitialHandler.handleRequest(Secu
>>>>ri
>>>> ty
>>>> InitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHan
>>>>dl
>>>> er
>>>> .java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handl
>>>>eR
>>>> eq
>>>> uest(JACCContextIdHandler.java:61)
>>>> at
>>>>
>>>>
>>>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHan
>>>>dl
>>>> er
>>>> .java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHan
>>>>dl
>>>> er
>>>> .java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(S
>>>>er
>>>> vl
>>>> etInitialHandler.java:261)
>>>> [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(Serv
>>>>le
>>>> tI
>>>> nitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletIn
>>>>it
>>>> ia
>>>> lHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(Serv
>>>>le
>>>> tI
>>>> nitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>> io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
>>>> [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761
>>>>)
>>>> [undertow-core-1.1.8.Final.jar:1.1.8.Final]
>>>> at
>>>>
>>>>
>>>>java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.ja
>>>>va
>>>> :1
>>>> 142) [rt.jar:1.8.0_25]
>>>> at
>>>>
>>>>
>>>>java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.j
>>>>av
>>>> a:
>>>> 617) [rt.jar:1.8.0_25]
>>>> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_25]
>>>> Caused by: org.apache.http.NoHttpResponseException:
>>>> search-testapi-....us-west-2.es.amazonaws.com:443 failed to respond
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHt
>>>>tp
>>>> Re
>>>> sponseParser.java:143) [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHt
>>>>tp
>>>> Re
>>>> sponseParser.java:57) [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessagePars
>>>>er
>>>> .j
>>>> ava:261) [httpcore-4.4.1.jar:4.4.1]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader
>>>>(D
>>>> ef
>>>> aultBHttpClientConnection.java:165) [httpcore-4.4.1.jar:4.4.1]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.j
>>>>av
>>>> a:
>>>> 167) [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequ
>>>>es
>>>> tE
>>>> xecutor.java:272) [httpcore-4.4.1.jar:4.4.1]
>>>> at
>>>>
>>>>
>>>>org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecuto
>>>>r.
>>>> ja
>>>> va:124) [httpcore-4.4.1.jar:4.4.1]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.ja
>>>>va
>>>> :2
>>>> 71) [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:1
>>>>84
>>>> )
>>>> [httpclient-4.5.jar:4.5]
>>>> at
>>>>org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
>>>> [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:1
>>>>10
>>>> )
>>>> [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpCl
>>>>ie
>>>> nt
>>>> .java:184) [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpCl
>>>>ie
>>>> nt
>>>> .java:82) [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>
>>>>org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpCl
>>>>ie
>>>> nt
>>>> .java:107) [httpclient-4.5.jar:4.5]
>>>> at
>>>>
>>>>io.searchbox.client.http.JestHttpClient.execute(JestHttpClient.java:50)
>>>> [jest-0.1.6.jar:]
>>>> at
>>>>
>>>>
>>>>io.apiman.gateway.engine.es.ESClientFactory.initializeClient(ESClientFa
>>>>ct
>>>> or
>>>> y.java:193) [apiman-gateway-engine-es-1.1.9.Final.jar:]
>>>> ... 39 more
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 12/8/15, 11:48 AM, "Eric Wittmann" <eric.wittmann at redhat.com>
>>>>wrote:
>>>>
>>>>> You definitely need to set the protocol to 'https', for the record.
>>>>> Beyond that I'm not quite sure. Do you have a full stack trace or
>>>>>just
>>>>> that part of it?
>>>>>
>>>>> On 12/8/2015 11:19 AM, Paul Blair wrote:
>>>>>> Not quite sure what to make of this: I'm getting
>>>>>>
>>>>>> org.apache.http.NoHttpResponseException: [endpoint_URI]:443
>>>>>> failed
>>>>>> to respond
>>>>>>
>>>>>> But if I do:
>>>>>>
>>>>>> curl https://[endpont_URI]:443
>>>>>>
>>>>>> I get a response from Elasticsearch‹this is because I have the
>>>>>>Amazon
>>>>>> Elasticsearch instance permissioned to accept any connections from
>>>>>>the
>>>>>> IP address where apiman is running.
>>>>>>
>>>>>> The apiman configurations look like this:
>>>>>>
>>>>>> apiman.es.protocol=http
>>>>>> apiman.es.host=[endpoint_URI]
>>>>>> apiman.es.port=443
>>>>>> apiman.es.username=
>>>>>> apiman.es.password=
>>>>>>
>>>>>> Changing protocol from http to https doesn't appear to help, nor
>>>>>>does
>>>>>> removing the username and password properties entirely. Any
>>>>>> suggestions?
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Apiman-user mailing list
>>>>>> Apiman-user at lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>>>>>
>>>>
>>
More information about the Apiman-user
mailing list