Play with Secured Elastic Search With Python Django on Ubuntu— Part 1
By definition from Wikipedia “ Elasticsearch is a search engine based on the Lucene library. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents”
If I try to simplify this, if you want to implement a full text search feature in your application, then probably basic search queries of SQL (like etc) won’t work perfectly if a user writes a long sentence or the spellings of it are incorrect!
In PostgreSQL there is a feature call TriGram search where too some extent this can be done but it is slow.
In most eCommerce applications you can see search mechanisms are very good to return relevant results as well as suggestions while typing into the search bar. See the video to get better understanding of it.
Ok, long story short, let us install and configure Elasticsearch in Ubuntu.
You Need to install java (better to install LTS version ≥8 )! [Login as superuser]
sudo apt update
sudo apt install apt-transport-https
sudo apt install openjdk-8-jdk
Now run this command to copy GPG
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
Now run this command to issue repository of ElasticSearch
sudo sh -c 'echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
Now run these commands to install ElasticSearch
sudo apt update
sudo apt install elasticsearchsudo systemctl enable elasticsearch.service
sudo systemctl start elasticsearch.service
In terminal, if you try to run a curl command like this, you can see elastic search output
curl -X GET "localhost:9200/"
To access it from remote connect you need to configure the configuration file of elasticsearch located at /etc/elasticsearch/elasticsearch.yml
Edit the file and Uncomment(remove # from the beginning of each line) and change values like this and save
nano /etc/elasticsearch/elasticsearch.yml
Now edit the following lines
cluster.name: my-application
network.host: 0.0.0.0
cluster.initial_master_nodes: ["127.0.0.1"]
Now hit ctrl +x and press y to save.
Now allow firewall ports to run [betting to bind ip for more security]
sudo ufw allow 22
sudo ufw allow 9200
sudo ufw enable
sudo ufw status
Now restart elasticsearch and type the url of the server-ip:9200 on your browser
sudo systemctl restart elasticsearch
Now in your browser if you hit http://ipaddress:9200 you can see
This is a great extention to test elasticsearch https://chrome.google.com/webstore/detail/elasticvue/hkedbapjpblbodpgbajblpnlpenaebaa?hl=en
Now to secure more you need to do the following steps
Stop Elasticsearch
sudo service elasticsearch stop
cd /usr/share/elasticsearch
bin/elasticsearch-certutil cert
Now you will be prompt to generate certificate, now set set filename to config/elastic-certificates.p12 and hit enter.
Now you can see a certificate file of that name has been generated in /usr/share/elasticsearch/config/elastic-certificates.p12
You need to move that file to /etc/elasticsearch directory
After moving the file, now run this
cd /etc/elasticsearch
sudo chown root:elasticsearch elastic-c*sudo chown root:elasticsearch elasticsearch.keystore
chmod 750 elastic-certificates.p12
chmod 750 elasticsearch.keystore
Now edit the elasticsearch configuration file to enable Xpack Security.
nano /etc/elasticsearch/elasticsearch.yml
Add following lines at the bottom
xpack.security.enabled:true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
Now start elastic search
sudo systemctl start elasticsearch
Open another terminal tab to set password [in that case you can use interactive to set manual passwords]
cd /usr/share/elasticsearch
bin/elasticsearch-setup-passwords auto
Now restart
sudo systemctl restart elasticsearch
Now if you try to hit the elastictic search url, you will need to enter username and password which will be for user elastic (output of the previous command will give you that)
Now you have to do the most important thing “Follow me on medium”
Next Part 2 we will see how we can connect elastic search with Python
Next Part 3 we will see how we can integrate with Django and Rest API