Elastic Search on the cloud, your feedback


(hugo lassiege) #1

Hi,

I've just played a little on Elastic Search today as a complete newbie.
That's not so hard once you know lucene already. But that's not my point ^^

I planned to use ES on Heroku and so I tried the two ES services available
: bonsai and searchbox. I'm quite sceptical about how it works:

  • ES instances are open to the world, there is no tight integration with my
    heroku app and so it seems to me the security of my data are compromised.
  • Of course performance decrease dramatically if I compare to a local
    instance. I can't control distance between heroku app and ES service. It
    seems to me hazardous to rely on the network blindly.

And you, how do you use ES ? Do you manage your own deployment on inhouse
servers ? Amazon EC2 ?
I suppose the best security is an IP restriction between the application
server and the cluster. Is there some other way ?

Thanks for sharing your thoughts
Hugo

--


(Drew Raines) #2

hugo lassiege wrote:

I planned to use ES on Heroku and so I tried the two ES services
available

[...]

I don't yet have any experience with ES on Heroku.

And you, how do you use ES ? Do you manage your own deployment on
inhouse servers ? Amazon EC2 ? I suppose the best security is an
IP restriction between the application server and the cluster. Is
there some other way ?

ES should run anywhere the JVM does, although Linux is probably the
most common platform. It will work fine in-house or on any cloud
provider that gives you a JVM with some configurability (you need
access to the file system, for example).

-Drew

--


(ferhatsb) #3

Hi Hugo,

Thanks for trying SearchBox.io

About your performance concerns, Heroku and SearchBox are both located in
the same AWS zone(us-east-1a). Network communication will be faster than
search operation itself.

For your security concerns, SearchBox api endpoints are guarded with
api-keys. You are right, api end point is accessible from anywhere not only
from Heroku.
Api end point supports https communication to keep it secure.
There is no way to risk your data if your api-key or dashboard password is
known by others.

If you want to run your own instance, you can use http-basic authentication
with Nginx+ES.

Ferhat
www.searchbox.io

On Thursday, October 25, 2012 12:04:53 AM UTC+3, hugo lassiege wrote:

Hi,

I've just played a little on Elastic Search today as a complete newbie.
That's not so hard once you know lucene already. But that's not my point ^^

I planned to use ES on Heroku and so I tried the two ES services available
: bonsai and searchbox. I'm quite sceptical about how it works:

  • ES instances are open to the world, there is no tight integration with
    my heroku app and so it seems to me the security of my data are compromised.
  • Of course performance decrease dramatically if I compare to a local
    instance. I can't control distance between heroku app and ES service. It
    seems to me hazardous to rely on the network blindly.

And you, how do you use ES ? Do you manage your own deployment on inhouse
servers ? Amazon EC2 ?
I suppose the best security is an IP restriction between the application
server and the cluster. Is there some other way ?

Thanks for sharing your thoughts
Hugo

--


(hugo lassiege) #4

Thanks a lot for your answer.

(By the way, your Jest library is nice to use)

Hugo

Le 27/10/2012 09:26, ferhatsb a écrit :

Hi Hugo,

Thanks for trying SearchBox.io

About your performance concerns, Heroku and SearchBox are both located
in the same AWS zone(us-east-1a). Network communication will be faster
than search operation itself.

For your security concerns, SearchBox api endpoints are guarded with
api-keys. You are right, api end point is accessible from anywhere not
only from Heroku.
Api end point supports https communication to keep it secure.
There is no way to risk your data if your api-key or dashboard
password is known by others.

If you want to run your own instance, you can use http-basic
authentication with Nginx+ES.

Ferhat
www.searchbox.io

On Thursday, October 25, 2012 12:04:53 AM UTC+3, hugo lassiege wrote:

Hi,

I've just played a little on Elastic Search today as a complete
newbie. That's not so hard once you know lucene already. But
that's not my point ^^

I planned to use ES on Heroku and so I tried the two ES services
available : bonsai and searchbox. I'm quite sceptical about how it
works:
- ES instances are open to the world, there is no tight
integration with my heroku app and so it seems to me the security
of my data are compromised.
- Of course performance decrease dramatically if I compare to a
local instance. I can't control distance between heroku app and ES
service. It seems to me hazardous to rely on the network blindly.

And you, how do you use ES ? Do you manage your own deployment on
inhouse servers ? Amazon EC2 ?
I suppose the best security is an IP restriction between the
application server and the cluster. Is there some other way ?

Thanks for sharing your thoughts
Hugo

--

--


(system) #5