Hi,
I have a cluster setup with around 11 nodes, consisting of:
3 master nodes
6 data nodes
2 coordinating-only nodes
I am planning to integrate LDAP for authentication purposes, but I am unsure where to apply the configuration. Should I add the LDAP settings in the elasticsearch.yml for all nodes (masters, data, and coordinators), or is it sufficient to configure LDAP only on the 2 coordinating-only nodes since they handle the client requests?
Thank you in advance.
Best regards
You need to add the LDAP configuration to the nodes where you will have users authenticating, the nodes to which Kibana will communicate.
For example, if you configure Kibana to connect to the coordinating-only nodes, than you need the put the LDAP configuration on them.
But the main issue here is that LDAP is a licensed feature, personally I do not see any reason to have coordinating nodes for such a small cluster, it is basically spending 2 nodes license that could be used for other data nodes in the future.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.