I've just played a little on Elastic Search today as a complete newbie.
That's not so hard once you know lucene already. But that's not my point ^^
I planned to use ES on Heroku and so I tried the two ES services available
: bonsai and searchbox. I'm quite sceptical about how it works:
ES instances are open to the world, there is no tight integration with my
heroku app and so it seems to me the security of my data are compromised.
Of course performance decrease dramatically if I compare to a local
instance. I can't control distance between heroku app and ES service. It
seems to me hazardous to rely on the network blindly.
And you, how do you use ES ? Do you manage your own deployment on inhouse
servers ? Amazon EC2 ?
I suppose the best security is an IP restriction between the application
server and the cluster. Is there some other way ?
I planned to use ES on Heroku and so I tried the two ES services
available
[...]
I don't yet have any experience with ES on Heroku.
And you, how do you use ES ? Do you manage your own deployment on
inhouse servers ? Amazon EC2 ? I suppose the best security is an
IP restriction between the application server and the cluster. Is
there some other way ?
ES should run anywhere the JVM does, although Linux is probably the
most common platform. It will work fine in-house or on any cloud
provider that gives you a JVM with some configurability (you need
access to the file system, for example).
About your performance concerns, Heroku and SearchBox are both located in
the same AWS zone(us-east-1a). Network communication will be faster than
search operation itself.
For your security concerns, SearchBox api endpoints are guarded with
api-keys. You are right, api end point is accessible from anywhere not only
from Heroku.
Api end point supports https communication to keep it secure.
There is no way to risk your data if your api-key or dashboard password is
known by others.
If you want to run your own instance, you can use http-basic authentication
with Nginx+ES.
On Thursday, October 25, 2012 12:04:53 AM UTC+3, hugo lassiege wrote:
Hi,
I've just played a little on Elastic Search today as a complete newbie.
That's not so hard once you know lucene already. But that's not my point ^^
I planned to use ES on Heroku and so I tried the two ES services available
: bonsai and searchbox. I'm quite sceptical about how it works:
ES instances are open to the world, there is no tight integration with
my heroku app and so it seems to me the security of my data are compromised.
Of course performance decrease dramatically if I compare to a local
instance. I can't control distance between heroku app and ES service. It
seems to me hazardous to rely on the network blindly.
And you, how do you use ES ? Do you manage your own deployment on inhouse
servers ? Amazon EC2 ?
I suppose the best security is an IP restriction between the application
server and the cluster. Is there some other way ?
About your performance concerns, Heroku and SearchBox are both located
in the same AWS zone(us-east-1a). Network communication will be faster
than search operation itself.
For your security concerns, SearchBox api endpoints are guarded with
api-keys. You are right, api end point is accessible from anywhere not
only from Heroku.
Api end point supports https communication to keep it secure.
There is no way to risk your data if your api-key or dashboard
password is known by others.
If you want to run your own instance, you can use http-basic
authentication with Nginx+ES.
On Thursday, October 25, 2012 12:04:53 AM UTC+3, hugo lassiege wrote:
Hi,
I've just played a little on Elastic Search today as a complete
newbie. That's not so hard once you know lucene already. But
that's not my point ^^
I planned to use ES on Heroku and so I tried the two ES services
available : bonsai and searchbox. I'm quite sceptical about how it
works:
- ES instances are open to the world, there is no tight
integration with my heroku app and so it seems to me the security
of my data are compromised.
- Of course performance decrease dramatically if I compare to a
local instance. I can't control distance between heroku app and ES
service. It seems to me hazardous to rely on the network blindly.
And you, how do you use ES ? Do you manage your own deployment on
inhouse servers ? Amazon EC2 ?
I suppose the best security is an IP restriction between the
application server and the cluster. Is there some other way ?
Thanks for sharing your thoughts
Hugo
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.