Getting net/http: TLS handshake timeout while accessing AWS managed Elasticsearch service

Question

Getting net/http: TLS handshake timeout while accessing AWS managed Elasticsearch service

nsvijay04b1 opened this issue 4 years ago · 1 comments

Created a container with image abutaha/aws-es-proxy:v1.1 with below args

Args:
      -endpoint=https://vpc-XXXX-logging-tracing-XXXXXXXXXX.eu-west-1.es.amazonaws.com
      -listen=:9200
      -pretty
      -verbose
      -debug

Created another container in same k8s cluster with "curl" in it and did curl
curl http://<aws-es-proxy container IP>:9200/_app/kibana

Instead of giving HTTP success getting error
Get "https://vpc-XXXX-logging-tracing-XXXXXXXXXX.eu-west-1.es.amazonaws.com/_app/kibana": net/http: TLS handshake timeout

If i run curl -k https://vpc-vijay05-logging-tracing-vcyvcp7ulgghot4gu45wgjlm4i.eu-west-1.es.amazonaws.com from the same container, i get response.

{
  "name" : "15f4f1f450sf34545420e318bd0fe",
  "cluster_name" : "123456789:\<ES-domain-name\>",
  "cluster_uuid" : "aPeEUUdag3565yjFisHCsA",
  "version" : {
    "number" : "7.4.2",
    "build_flavor" : "oss",
    "build_type" : "tar",
    "build_hash" : "unknown",
    "build_date" : "2020-06-22T06:09:23.151801Z",
    "build_snapshot" : false,
    "lucene_version" : "8.2.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

VPC based Elasticsearch access policy is open and the aws-es-proxy container is created in same VPC.

Env :-
K8S: v1.16.8-eks-e16311
docker: 19.3.6
OS: Amazon Linux 2

please advise.

Answer 1 · 2020-08-24T21:30:22.000Z

Issue resolved after adding NO_PROXY=es.amazonaws.com .
Sorry for raising issue.