How to set up elasticsearch to run on the web?


(Jhwhite) #1

I wrote a search app locally and everything is running fine. It's just an angular front end hitting the elasticsearch.

I installed elasticsearch on my digitalocean droplet running Ubuntu 14.04 apache. I have a domain for my app and I've already got one domain there. So I'm running multiple Virtual Hosts.

My service for my angular app is set to hit the elasticsearch cluster at: host: 'http://cvilleclinicaltrials.com:9200'

But my console says ERR_CONNECTION_REFUSED. I'm assuming that's because my .yml file is still set to accept localhost requests only. I changed that to accept from eth0 (which I'm fairly certain is a bad idea but I wanted to get this working) and then I get an error about CORS.

So at the end of the .yml file I added:

http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "X-Requested-With,X-Auth-Token,Content-Type, Content-Length"

But then when I restart elasticsearch service my log file shows the node stopping, stopped, closing, closed but it never restarts. If I comment out the above lines or remove them and restart the service it starts up fine.

So my question is, what is the correct way to set this up so my angular app will hit elasticsearch running on my domain on digitalocean?


(Magnus Bäck) #2

Do not expose ES to the web without some kind of filter or proxy that can restrict what clients are allowed to do.


(Jhwhite) #3

Yes, that would be ideal.

I'm not a sys admin guy. Is there some guide somewhere on how to do all of this? How do I setup elasticsearch for a web app?

How do I set it up using Apache or nginx?

How do I setup the filter or proxy?

Is there some trick to editing the .yml file? The one locally works but not on my server.


(Magnus Bäck) #4

I'm not a sys admin guy. Is there some guide somewhere on how to do all of this? How do I setup elasticsearch for a web app?

ES has no "safe web app mode". You need to run a custom proxy to filter the requests.

How do I set it up using Apache or nginx?

You can read up on the REST API and use the proxy to only allow exactly the kind of requests that should be allowed, i.e. what's absolutely necessary for your web app to function.

Alternatively, write your own custom back end that has full access to ES and exposes a custom API that suits your web app.

Is there some trick to editing the .yml file? The one locally works but not on my server.

No, a YAML file is just a plain text file.


(Jhwhite) #5

How do I run a custom proxy? I'm not sure what that means. Do I want to have elasticsearch only allow localhost requests and forward requests sent to port :9200 through to elasticsearch using apache?


(Magnus Bäck) #6

Yes, that'd work. Apache's access control language isn't exactly a joy to work with, but you can probably set it up to only allow access that what the webapp really needs.


(system) #7