[graylog2] Re: graylog-server 1.1.5 - Enabling HTTPS REST api binds graylog-server service to loopback instead of eth0 address

[Tim Cooper]

When I removed that line I then had to then also manually specify the bind 
addresses for the Elasticsearch client, but otherwise that got it working. 
Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/6c38a873-0ae2-4f31-b181-4f1a82df22a3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog-server 1.1.5 - Enabling HTTPS REST api binds graylog-server service to loopback instead of eth0 address

[Jochen Schalanda]

Hi Tim,

since you're using the hostname "hostname.example.com" to specify the 
network interface the Graylog REST API should listen on (using 
rest_listen_uri), Graylog is resolving the hostname on startup and using 
the first IP address this request returns – in your case 127.0.0.1 from 
your /etc/hosts file.

In my opinion it doesn't make much sense to have multiple IP addresses per 
hostname on a local machine (enforced by your /etc/hosts file) as this is 
usually also a source of strange errors regarding networking. I'd recommend 
removing the following line completely:

127.0.1.1   hostname.example.com hostname


Cheers,
Jochen

On Friday, 31 July 2015 11:30:56 UTC+2, Tim Cooper wrote:
>
> I am currently in the process of switching to HTTPS for REST communication 
> between my graylog-web frontend and graylog-server nodes but I am having an 
> issue that when I configure the graylog-server to use https the service 
> only binds to the loopback 127.0.1.1 instead of the eth0 address:
>
> netstat -an | grep 12900
> tcp6   0  0 127.0.1.1:12900 :::*LISTEN
>
> My rest_listen_uri is set to match the certificate I'm using and as https 
> (real domain removed) and the certificate and key are configured (real 
> paths removed) and the graylog-server service startsup fine, connects to 
> elasticsearch and the inputs start as normal:
>
> rest_listen_uri = https://hostname.example.com:12900/
>
> rest_enable_tls = true
> rest_tls_cert_file = cert.cer
> rest_tls_key_file = key.key
>
>
> This is an Ubuntu 14.04.2 box and my /etc/hosts looks like this (real 
> domains removed)
>
> 127.0.0.1   localhost
> 127.0.1.1   hostname.example.com hostname
> 10.106.249.71   hostname.example.com hostname
>
>
> Is this something I am doing wrong, or should the graylog-server process 
> know from this config it's not supposed to start on the loopback IP?
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/bc22d940-a006-42c3-baa6-be2589f2d18d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.