I'm curious if there has been any discussion around the ideal network infrastructure setup for Elasticsearch running on EC2 instances on AWS. I set up a few clusters before using public EC2 instances that had been configured with Security Groups that only allowed traffic to and from the appropriate sources (e.g. from Logstash and the API server) and then have only one instance that was publicly accessible: the API server.
However, there are so many networking configuration options, and networking is not my greatest strength. Should Elasticsearch be in a private subnet and use a NAT Gateway? Should it be configured the way I mentioned I was doing it above? Some other way?
I know that, as with most software at this level, that it probably depends on your use case and you CAN configure it any way you want, but there surely must be some relatively ideal practice for most use cases, isn't there?
Any thoughts on this would be much appreciated.