As part of my self-training with Elasticsearch, I would like to install Elasticsearch on Azure VM und publish it over the Internet so that I can access my server anywhere. It is not recommended to publish Elasticsearch server on the internet because of security. So don’t do this to your production one, but you can use the concept for publishing server on your LAN. The installation and configuration are pretty easy. It does matter where to find and how you should configure Azure and Elasticsearch.
1. Azure virtual machine
Create a new Ubuntu VM on Azure and use Putty to login to server
2. Install Java
Elasticsearch is developed in Java so you need to install Java JRE or Java JDK on our server. You can use OpenJDK or Oracle JDK. I prefer using Oracle JDK for better performance and compatibility.
Add the Oracle Java PPP to apt repository:
sudo add-apt-repository -y ppa:webupd8team/java
Update your apt package database:
sudo apt-get update
Install the latest version of Oracle JDK 8
sudo apt-get -y install oracle-java8-installer
Note: You have to accept the license agreement coming with the pop-up window, use Tab key to switch to Yes/No answer.
Verify if Oracle JDK is successfully installed
3. Download and install Elasticsearch
Go to homepage of Elasticsearch and copy the download link of DEB installation package. The current version of Elasticsearch at the time of this post is 2.3.5 so I download the installation file with following command.
Then install it with the dpkg command
sudo dpkg -i elasticsearch-2.3.5.deb
After the command is executed, Elasticsearch is installed in /usr/share/elasticsearch/ with it configuration file in /etc/elasticsearch/ and its init script in /etc/init.d/elasticsearch
To configure Elasticsearch starting and stopping automatically with the virtual machine, you can add its init script to the default with the following command
sudo update-rc.d elasticsearch defaults
4. Publish Elasticsearch on internet
4.1 Configure Elasticsearch
Configure Elasticsearch to host his server over public IP address by editing the configuration file of Elasticsearch with this command
sudo update-rc.d elasticsearch defaults
Uncomment network.host setting and set it value to 0.0.0.0
Lastly remember to restart your Elasticsearch server so that he applies your changes.
sudo service elasticsearch restart
sudo service elasticsearch stop sudo service elasticsearch start
4.2 Open port 9200
The default working port of Elasticsearch is 9200. If you don’t change its port (by changing value of http.port), you have to open the port 9200 for inbound connection by executing this command
sudo iptables -A INPUT -m tcp -p tcp --dport 9200 -j ACCEPT
Verify if changes are applied
sudo iptables -L
4.3 Configure Azure network security
If you have your VM not installed on the cloud, you can skip this step because your Elasticsearch is ready now. If you have your VM on the cloud like mine (in Azure), you have to do one more step to open your port through the network.
In Azure portal, open the network security applied for your VM, select Inbound security rules
Add new inbound rule for port 9200
Now your Elasticsearch is ready and accessible on the internet by accessing over public IP of your virtual machine. Typing your public IP plus public port of Elasticsearch in browser
If you see above message, the installation and configuration are successful.
5. Secure Elasticsearch with Authentication
Now the server has been installed but it gives access to anyone. Who has the public IP address of the server, can send a query to it. We can secure the server by enabling basic authentication with plugin Shield. Execute following command to install Shield
sudo su cd /usr/share/elasticsearch bin/plugin install license bin/plugin install shield sudo service elasticsearch restart
Now the Elasticsearch is now password-protected. Username and password are required to communicate with the cluster. If a request is submitted without a username and password, the request is rejected
To use basic authentication, users should be set up and assigned to one of the basic predefined roles
– admin : Can perform any cluster or index action.
– power_user : Can monitor the cluster and perform any index action.
– user : Can perform read actions on any index.
For example, create a user with the admin role. Use the esusers tool to create an admin user
sudo su cd /usr/share/elasticsearch bin/shield/esusers useradd es_admin -r admin
When prompted, enter a password for the new user. Passwords must be at least 6 characters long.
Now you can submit requests as admin user
Now the server is secured with basic authentication.