Elastic Search is a Lucene based search server.It provides a distributed multi-user capability full-text search engine based on a RESTful web interface.
Elastic search, developed in the Java language and released as open source under the Apache license, is a popular enterprise search engine.ElasticSearch is used in cloud computing to achieve real-time search, stability, reliability, speed and ease of installation.The official client is available in Java,.net (C#), PHP, Python, Apache Groovy, Ruby, and many other languages.Elasticsearch is the most popular corporate search engine, according to db-engines' ranking.
Elastic search does not take authentication by default because it is not designed in an open network environment. When you allow port 9200 external access, your data and cluster are not secure.
Typically elasticsearch clusters are protected by VPN, firewall and other means of restriction.But if you want to connect to elasticsearch clusters on an external network, you can only authenticate with the user's password.
Here are two ways to add password authentication:
- use the x-pack plug-in
- use the Nginx
> use x-pack to authentication steps
1. install x-pack
(Only Before Elastic search 6.3 previously required manual download of the x-pack plug-in)
$cd ~/elasticsearch-6.2.4
$./bin/elasticsearch-plugin install x-pack
2.set password for Elastic search、logstash、kibana
$cd ~/elasticsearch-6.2.4/bin/x-pack
$./setup-passwords interactive
3.Set up elastic search configuration file
$vim ~/elasticsearch-6.2.4/config/elasticsearch.yml
Add the following three lines
http.cors.enabled: true
http.cors.allow-origin: '*'
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
4.restart elastic search
now we can use username password to visit
curl http://127.0.0.1:9200 -u [username]:[password]
> use nginx to authentication
In this way, the request is sent to nginx, which forwards it to elastic search. Configure HTTP basic authentication in nginx, and the request must be able to pass nginx's basic authentication, otherwise the elastic search cannot be accessed.
It's very simple.Elastic search does not require authentication, so it works with all versions of elastic search, and it is free.
steps
- config nginx auth_basic
open nginx.conf
$vi ~/nginx/conf/nginx.conf
set upstream and turn on auth_basic
http {
upstream esservice{
server 127.0.0.1:9200;
}
server {
listen 8080;
auth_basic "Elasticsearch Login";
auth_basic_user_file passwords; //this is a file
location / {
proxy_pass http://esservice;
proxy_redirect off;
}
}
}
use openssl set password
$ printf "username:$(openssl passwd -crypt password)\n" > passwords
- run nginx
$ nginx -p $PWD/nginx/ -c $PWD/nginx_http_auth_basic.conf
- close port 9200 external access
- use username password to access elastic search
$ curl -i -X POST username:password@localhost:8080/_cluster/nodes/
now the authentication is work.
The above two methods are what I tried in the project. Finally, I chose to use nginx's basic authentication, because our project happened to use nginx, and our ES version was too low.
Hope the above content can help you. thanks for your read.