Elasticsearch server


(Abhishek Jajoria) #1

My elasticsearch server detects other clusters which are running in
the same network similarly other server detects my cluster. How can I
configure the elasticsearch.yml so that no other server can detect my
cluster.


(kalyan.sweta) #2

By Setting ur cluster name in elasticsearch.yml
Eg : cluster.name: clustername

On Wed, Feb 22, 2012 at 11:01 AM, jajoria abhishek <
jajoria.abhishek@gmail.com> wrote:

My elasticsearch server detects other clusters which are running in
the same network similarly other server detects my cluster. How can I
configure the elasticsearch.yml so that no other server can detect my
cluster.


(Shay Banon) #3

Or, disalbe multicast and use unicast discovery.

On Wednesday, February 22, 2012 at 7:38 AM, sweta kalyan wrote:

By Setting ur cluster name in elasticsearch.yml
Eg : cluster.name (http://cluster.name): clustername

On Wed, Feb 22, 2012 at 11:01 AM, jajoria abhishek <jajoria.abhishek@gmail.com (mailto:jajoria.abhishek@gmail.com)> wrote:

My elasticsearch server detects other clusters which are running in
the same network similarly other server detects my cluster. How can I
configure the elasticsearch.yml so that no other server can detect my
cluster.


(Abhishek Jajoria) #4

By disabling the multicast discovery can other network elasticserver can
acess my indexes by specifying the port and adress in the client
client = new TransportClient().addTransportAddress(new
InetSocketTransportAddress(192.168.5.212,9300));

On Fri, Feb 24, 2012 at 7:02 PM, Shay Banon kimchy@gmail.com wrote:

Or, disalbe multicast and use unicast discovery.

On Wednesday, February 22, 2012 at 7:38 AM, sweta kalyan wrote:

By Setting ur cluster name in elasticsearch.yml
Eg : cluster.name: clustername

On Wed, Feb 22, 2012 at 11:01 AM, jajoria abhishek <
jajoria.abhishek@gmail.com> wrote:

My elasticsearch server detects other clusters which are running in
the same network similarly other server detects my cluster. How can I
configure the elasticsearch.yml so that no other server can detect my
cluster.


(Shay Banon) #5

Yes.

On Saturday, February 25, 2012 at 1:48 PM, jajoria abhishek wrote:

By disabling the multicast discovery can other network elasticserver can acess my indexes by specifying the port and adress in the client
client = new TransportClient().addTransportAddress(new InetSocketTransportAddress(192.168.5.212,9300));

On Fri, Feb 24, 2012 at 7:02 PM, Shay Banon <kimchy@gmail.com (mailto:kimchy@gmail.com)> wrote:

Or, disalbe multicast and use unicast discovery.

On Wednesday, February 22, 2012 at 7:38 AM, sweta kalyan wrote:

By Setting ur cluster name in elasticsearch.yml
Eg : cluster.name (http://cluster.name): clustername

On Wed, Feb 22, 2012 at 11:01 AM, jajoria abhishek <jajoria.abhishek@gmail.com (mailto:jajoria.abhishek@gmail.com)> wrote:

My elasticsearch server detects other clusters which are running in
the same network similarly other server detects my cluster. How can I
configure the elasticsearch.yml so that no other server can detect my
cluster.


(Abhishek Jajoria) #6

But that's the security issue by accessing my indexes other network can
delete it or modify it I want to make my cluster safe from other clusters
in the network so that no other network can access my cluster or can read
data from the indexes how can I do that in ES.

On Mon, Feb 27, 2012 at 1:06 AM, Shay Banon kimchy@gmail.com wrote:

Yes.

On Saturday, February 25, 2012 at 1:48 PM, jajoria abhishek wrote:

By disabling the multicast discovery can other network elasticserver can
acess my indexes by specifying the port and adress in the client
client = new TransportClient().addTransportAddress(new
InetSocketTransportAddress(192.168.5.212,9300));

On Fri, Feb 24, 2012 at 7:02 PM, Shay Banon kimchy@gmail.com wrote:

Or, disalbe multicast and use unicast discovery.

On Wednesday, February 22, 2012 at 7:38 AM, sweta kalyan wrote:

By Setting ur cluster name in elasticsearch.yml
Eg : cluster.name: clustername

On Wed, Feb 22, 2012 at 11:01 AM, jajoria abhishek <
jajoria.abhishek@gmail.com> wrote:

My elasticsearch server detects other clusters which are running in
the same network similarly other server detects my cluster. How can I
configure the elasticsearch.yml so that no other server can detect my
cluster.


(Mark Waddle) #7

Have you considered configuring that at the OS network configuration level using iptables or something similar?


(Abhishek Jajoria) #8

Sir,
I can't debarred other systems to connect to my network but I also do not
want them to access my elasticserver cluster in any form by specifying the
port and server.

client = new TransportClient().addTransportAddress(new
InetSocketTransportAddress(IndexserverName.toString(),port));
It is very difficult to configure that on OS network.
Is it possible in any from in ES configure level?

On Mon, Feb 27, 2012 at 2:24 PM, Mark Waddle mark@markwaddle.com wrote:

Have you considered configuring that at the OS network configuration level
using iptables or something similar?


(Shay Banon) #9

You need to set your own firewall rules if you want to restrict connection from specific hosts.

On Monday, February 27, 2012 at 12:41 PM, jajoria abhishek wrote:

Sir,
I can't debarred other systems to connect to my network but I also do not want them to access my elasticserver cluster in any form by specifying the port and server.

client = new TransportClient().addTransportAddress(new InetSocketTransportAddress(IndexserverName.toString(),port));
It is very difficult to configure that on OS network.
Is it possible in any from in ES configure level?

On Mon, Feb 27, 2012 at 2:24 PM, Mark Waddle <mark@markwaddle.com (mailto:mark@markwaddle.com)> wrote:

Have you considered configuring that at the OS network configuration level using iptables or something similar?


(Darron Froese) #10

If you're deploying your Elasticsearch cluster via Chef, it's pretty
simple to add each IP address to a data bag, then configure the
firewall on each node from the data bag.

I can post my recipe if anyone's interested.

On Mon, Feb 27, 2012 at 3:41 AM, jajoria abhishek
jajoria.abhishek@gmail.com wrote:

Sir,
I can't debarred other systems to connect to my network but I also do not
want them to access my elasticserver cluster in any form by specifying the
port and server.

client = new TransportClient().addTransportAddress(new
InetSocketTransportAddress(IndexserverName.toString(),port));
It is very difficult to configure that on OS network.
Is it possible in any from in ES configure level?

On Mon, Feb 27, 2012 at 2:24 PM, Mark Waddle mark@markwaddle.com wrote:

Have you considered configuring that at the OS network configuration level
using iptables or something similar?


(system) #11