ElasticSearch Security and Ports

0
votes

I have setup an elastic-search cluster with two data nodes , one master node and one client node with KIBANA.

I was running it with iptables disabled on each node (CC 6). Now i need to enable iptables and i want to know which of the ports (9200 , 9300) , i need to open on each node and in which direction (incoming or outgoing). The discovery is using uni-cast.

I would also like to know on which node i should place authentication , i.e just the client node ?

 Cluster: mycluster
 data-node1
 data-node2
 master-node1
 client-node1

Thanks.

1
elasticsearchkibana-4

1 Answers

1
votes

9200 is used for the HTTP API, 9300 is used for communication between nodes and cluster.

For the above configuration I would:

  1. Bind port 9200 on all hosts to 127.0.0.1

  2. Bind port 9300 on all hosts to the local lan, i.e. 192.168.x.x

  3. Run nginx and apply basic authentication (htpasswd for example), reverse proxy to 127.0.0.1:5601 (kibana), assuming you're running your client node on the same machine as you are running Kibana on.

  4. In your Kibana configuration, have it connect to localhost:9200 and bind the interface to 127.0.0.1