Does the nodes need private networking between servers?


Hi all.,

lets say i am creating cluster of 5 nodes .

all are in the same Data Center and each having 16 GIGs of RAM.

  1. Does the nodes needs local IP and private networking or they can communicate with each other over internet using public ip ?

  2. Is this good practice if i set cluster in One Data-center while Application in different region which will be using REST-api to query the cluster
    a) what are the drawback in this case ?
    b) how much delay can i expect ? in receiving the reply from cluster ?
    c) is anybody else doing something like this ?

Thanks for your time. have a great day ahead.,

(Nik Everett) #2

Elasticsearch shouldn't be publicly accessible over the internet. It is too
easy to craft bad requests and, without extra stuff, doesn't have
authentication. This doesn't mean it needs private NICs or anything, just
binding to a non public IP.

You can totally use the http API from another DC. At that point it is just
an ok there application in another DC so you have normal connectivity and
latency concerns, but nothing special. Forming a cluster across DCs is
still not a great choice.


Thank you for your reply.

i feel kind of lost here,

When you say "easy to craft bad requests" , does it mean, people can drop my indexes ?
i am asking this, because i wont be having any important data on the server, just titles and tags and using for Fulltext searches.

one more thing, " binding to a non public IP " isnt it same as using private networking between servers ?

i am confused.

Thanks for your time.
have a great day ahead.

(Nik Everett) #4

I thought of "private network" as some kind of electrically isolated network. All that matter is that requests from the internet can't be routed into Elasticsearch. They have to go through your server.

If you can send any request, sure. Elastic has a security product that'll add ACLs and stuff which helps, but I still wouldn't allow the internet to hit your Elasticsearch server.

By bad requests I mean that you can write search requests that consume tons and tons of resources. In 5.0 it is better, we have protection against bad aggregations. But it is still possible to write really slow search requests. You really should have an application between Elasticsearch and the internet.

(system) #5