Why Do I Fail to Access the 9200 Port?
Symptom
In the scenario where a VPN private line or VPC peering connection is used to access the CSS cluster, no result is returned when the cURL command is used to connect to the CSS cluster.
For example, if you run the following command to connect to the cluster, no result is returned:
curl -s 'http://< node private access address >:9200'
Possible Cause
In the scenario where the VPN private line or VPC peering connection is used to access the CSS, the client and CSS are not in the same VPC. Therefore, the subnet of the CSS must be in a different network segment from that of the VPC.
For example, for a CSS cluster, the VPC is vpc-8e28 and its network segment is 192.168.0.0/16. The subnet subnet-4a81 of the VPC is selected, whose network segment is 192.168.0.0/16. This segment is the same as that of the vpc-8e28. In this case, if the VPN private line or the VPC peering connection is used to access the CSS cluster, the host created on the subnet does not have the gateway corresponding to the VPC. As a result, the default route of the CSS service is affected and the 9200 port fails to be accessed.
Procedure
When the 9200 port fails to be accessed and the CSS is available, the execution procedures are as follows:
- Go to the CSS management console. In the cluster list, click the cluster name to view the VPC and subnet used by the cluster.
- Go to the VPC management console. In the VPC list, click the name of the VPC used by the CSS cluster. The VPC details page is displayed. View the VPC and subnet network segment information.
As shown in Figure 1, the VPC network segment information is the same as the subnet network segment information. When a VPN private line or a VPC peer connection is used for access, the 9200 port fails to be accessed.
- If the preceding error occurs, create a cluster again and select a subnet that is different from the VPC subnet. If the subnet does not exist, create another subnet on the VPC management console.
After a new CSS cluster is created, migrate the data of the old cluster to the new cluster, and then use the VPN private line or the VPC peer to access the cluster.
If the VPN private line access is required or the VPC peer connection is used to access the CSS cluster, ensure that the VPC and subnet of the newly created CSS have different network segment information.
Last Article: Ports
Next Article: Change History

Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.