Cannot connect to AWS elasticsearch cluster with flask app and Python elasticsearch wrapper

Christian_Dahlqvist · December 19, 2018, 2:04pm

If you are on AWS you can set up a VPC and connect using an internal IP address that is not open to the internet. You will need to open up port 9200, but it will only be accessible within the VPC. This way all traffic goes through your Python application and Elasticsearch can not be accessed from the internet.

ichiban88 · December 19, 2018, 2:07pm

that sounds the way to do it. I will examine that, thank you.

tcass · December 24, 2018, 1:18pm

is the flask app running on the same instance as ES?

If so, use 'host': '0.0.0.0' in your python code above. Also you don't need the http:// in your host value.

tcass · December 24, 2018, 1:25pm

Even if your flask app is not on the same server as the index, if you do have some flask app running on that server, that can serve as the layer between the user and elastic search.

All incoming queries to elasticsearch from wherever on the internet can talk to that app instead, through whatever port, and that app can then query elasticsearch. It would only support the kinds of queries you want users to be able to issue to elasticsearch. Even if the API for this app was something like:

{'query': 'your full es query goes here'}

you could have some string matching filters to prevent malicious queries. This wouldn't be ideal, but the point is you can control what gets to elasticsearch with the logic in that flask app.

ichiban88 · December 24, 2018, 4:06pm

Yes it is. 0.0.0.0 in my python code means that the connection string would be:

es = Elasticsearch("0.0.0.0") ?

I suspect that is not what you mean. I will give it a try though. Perhaps you mean:

if __name__ == '__main__':
    application.debug = True
    application.run(host="0.0.0.0")

At the moment I am exploring the private IP address in a vpc with acces that way.

I appreciate you thinking about my problem, thank you.

tcass · December 24, 2018, 4:25pm

I'm using elasticsearch 5.5, but what works for me is:

es_hosts = [{"host":"0.0.0.0","port":9200}]
Elasticsearch(hosts=es_hosts)

Also, just in case, your flask app isn't containerized in any way right?

ichiban88 · December 24, 2018, 7:23pm

thank you, very helpful. No it isn't. Happy Christmas!

tcass · December 24, 2018, 7:52pm

no problem, same to you!

system · January 21, 2019, 7:52pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.