Welcome Guest! Log in


SearchGuard is a security system that can be used to protect Elasticsearch clusters.

When secured, a cluster requires the use of keystores, truststores, and user / password authentication to be accessed.

This article demonstrates how to connect to this kind of clusters in Stambia DI.

Prerequisites:

  • addons.elasticsearch_1.0.4.201612161602 or higher

 

Installation of libraries

The first step is to install in the Runtime the Elasticsearch and SearchGuard libraries.

We cannot provide the exact list of libraries as it depends on the Searchguard and Elasticsearch versions.

But, make sure to use the same libraries versions between Elasticsearch and SearchGuard

Copy all those libraries in the <stambiaRuntime>/lib/addons/elasticsearch folder.

Then restart the Runtime.

 

As an example, here are the libraries for the 2.4.1 version of Elasticsearch / SearchGuard

apache-log4j-extras-1.2.17.jar
commons-cli-1.3.1.jar
compiler-0.8.13.jar
compress-lzf-1.0.2.jar
elasticsearch-2.4.1.jar
guava-18.0.jar
HdrHistogram-2.1.6.jar
hppc-0.7.1.jar
jackson-core-2.8.1.jar
jackson-dataformat-cbor-2.8.1.jar
jackson-dataformat-smile-2.8.1.jar
jackson-dataformat-yaml-2.8.1.jar
jna-4.1.0.jar
joda-convert-1.2.jar
joda-time-2.9.4.jar
jsr166e-1.1.0.jar
jts-1.13.jar
log4j-1.2.17.jar
lucene-analyzers-common-5.5.2.jar
lucene-backward-codecs-5.5.2.jar
lucene-core-5.5.2.jar
lucene-grouping-5.5.2.jar
lucene-highlighter-5.5.2.jar
lucene-join-5.5.2.jar
lucene-memory-5.5.2.jar
lucene-misc-5.5.2.jar
lucene-queries-5.5.2.jar
lucene-queryparser-5.5.2.jar
lucene-sandbox-5.5.2.jar
lucene-spatial-5.5.2.jar
lucene-spatial3d-5.5.2.jar
lucene-suggest-5.5.2.jar
netty-3.10.6.Final.jar
netty-buffer-4.0.37.Final.jar
netty-codec-4.0.37.Final.jar
netty-common-4.0.37.Final.jar
netty-handler-4.0.37.Final.jar
netty-tcnative-1.1.33.Fork17-linux-x86_64.jar
netty-transport-4.0.37.Final.jar
search-guard-ssl-2.4.1.16.jar
securesm-1.0.jar
snakeyaml-1.15.jar
spatial4j-0.5.jar
t-digest-3.0.jar

 

Again this is just an example for the 2.4.1 version, it can vary for other versions.

In most cases, the required libraries can be found in the lib/ folder of the Elasticsearch server installation.

 

Metadata Configuration

Open the Elasticsearch Metadata and configure it as follow.

  1. Set the HTTP user and password
  2. Set the Path Home
  3. Open the Security tab and fill the Security settings

 

Metadata

 

HTTP User and Password

The HTTP user and password will be used when performing reverse operations on the cluster.

This is the login asked when trying to access the cluster from a browser, for instance.

 

Path Home

The Path Home is the Elasticsearch installation path on the server.

You can use "." to tell the Elasticsearch driver to use the current installation.

 

Security

Metadata security tab

The security settings allow to define the location and properties of the Key Store and Trust Store that will be used by the Runtime when executing Elasticsearch flows.

The Key Store and Trust Store to use are the ones authorized on SearchGuard.

Here is the list of the available Properties:

Property Description Example
Enable SSL Set it to true to enable the security  
Plugin Class

The Java class to use for security.

For SearchGuard:

com.floragunn.searchguard.ssl.SearchGuardSSLPlugin

Key Store

Location of the Key Store file.

The Runtime must be able to access it.

D:/elasticsearch/localhost-keystore.jks
Key Store Type Key Store Type (JKS or PKCS12) JKS
Key Store Password Password of the Key Store file.  
Trust Store

Location of the Trust Store file.

The Runtime must be able to access it.

D:/elasticsearch/truststore.jks
Trust Store Type Trust Store Type (JKS or PKCS12) JKS
Trust Store Password: Password of the Trust Store file.  

 

That's it, Stambia DI is now ready to work with SearchGuard secured Elasticsearch cluster.

You can develop your Mappings and Processes as usual.

The security will be handled by the Metadata and the Runtime.

 

You have no rights to post comments

Articles

Suggest a new Article!