I got this running - it's been running now for a week now.
There's really 2 things you need to do to secure it:
- Firewall the box - make sure you don't have access to 9200 or 9300
from everywhere - just the IPs that need it.
- If you have a Rackspace Cloud Load Balancer, you need to also limit
access through that.
For #1 - I did this in my chef recipe:
That allows each IP address in my data bag to have access to each other.
For #2 - you need to use their interface that allows you to deny all,
then add the IPs that are required to have access.
Hopefully that helps - but it works great for us.
If somebody would like the Chef recipe that builds my boxes - I'll
sanitize and clean them up to post.
On Tue, Dec 6, 2011 at 8:10 PM, Darron Froese firstname.lastname@example.org wrote:
I'm working on a setup right now that uses firewall rules to keep
things pretty tight - once I get the last few kinks worked out I'll
post it here.
On Sun, Dec 4, 2011 at 1:29 PM, marcuslongmuir email@example.com wrote:
I'm looking into using RackSpace Cloud Servers for my application and
I've set up a single node successfully, but without firewall rules and
such the node is completely public and I assume that it won't be able
to create a cluster because of discovery settings.
Has anyone setup an ElasticSearch cluster on RackSpace successfully?