How to connect Django Backend and Elastic Search under ver 8.8.1? #456
Comments
|
I'm using the following settings in my production: ELASTIC_USERNAME = os.getenv('ELASTIC_USERNAME')
ELASTIC_PASSWORD = os.getenv('ELASTIC_PASSWORD')
ELASTICSEARCH_DSL = {
'default': {
'hosts': 'https://elasticsearch:9200',
'http_auth': (ELASTIC_USERNAME, ELASTIC_PASSWORD),
'verify_certs': True,
'ca_certs': '/app/certs/ca/ca.crt',
},
}
note the hostname elasticsearch_setup:
container_name: es_setup
image: docker.elastic.co/elasticsearch/elasticsearch:8.10.4
volumes:
- certs:/usr/share/elasticsearch/config/certs
user: "0"
env_file:
- .env
command: >
bash -c '
if [ x${ELASTIC_PASSWORD} == x ]; then
echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
exit 1;
elif [ x${KIBANA_PASSWORD} == x ]; then
echo "Set the KIBANA_PASSWORD environment variable in the .env file";
exit 1;
fi;
if [ ! -f config/certs/ca.zip ]; then
echo "Creating CA";
bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
unzip config/certs/ca.zip -d config/certs;
fi;
if [ ! -f config/certs/certs.zip ]; then
echo "Creating certs";
echo -ne \
"instances:\n"\
" - name: elasticsearch\n"\
" dns:\n"\
" - elasticsearch\n"\
" - localhost\n"\
" ip:\n"\
" - 127.0.0.1\n"\
> config/certs/instances.yml;
bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
unzip config/certs/certs.zip -d config/certs;
fi;
echo "Setting file permissions"
chown -R root:root config/certs;
find . -type d -exec chmod 750 \{\} \;;
find . -type f -exec chmod 640 \{\} \;;
echo "Waiting for Elasticsearch availability";
until curl -s --cacert config/certs/ca/ca.crt https://elasticsearch:9200 | grep -q "missing authentication credentials"; do sleep 30; done;
echo "Setting ${KIBANA_USERNAME} password";
until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://elasticsearch:9200/_security/user/${KIBANA_USERNAME}/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
echo "All done!";
'
networks:
- django
healthcheck:
test: ["CMD-SHELL", "[ -f config/certs/elasticsearch/elasticsearch.crt ]"]
interval: 1s
timeout: 5s
retries: 120
elasticsearch:
container_name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:8.10.4
env_file:
- .env
environment:
- discovery.type=single-node
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
- xpack.security.enabled=true
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=certs/elasticsearch/elasticsearch.key
- xpack.security.http.ssl.certificate=certs/elasticsearch/elasticsearch.crt
- xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.key=certs/elasticsearch/elasticsearch.key
- xpack.security.transport.ssl.certificate=certs/elasticsearch/elasticsearch.crt
- xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.license.self_generated.type=${LICENSE}
mem_limit: 1073741824
ulimits:
memlock:
soft: -1
hard: -1
expose:
- 9200
volumes:
- certs:/usr/share/elasticsearch/config/certs
- esdata:/usr/share/elasticsearch/data
networks:
- django
healthcheck:
test:
[
"CMD-SHELL",
"curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
]
interval: 10s
timeout: 10s
retries: 120
kibana:
container_name: kibana
image: docker.elastic.co/kibana/kibana:8.10.4
env_file:
- .env
labels:
- "traefik.enable=true"
- "traefik.docker.network=web"
- "traefik.http.routers.kibana.rule=Host(`kibana.${DOMAIN_NAME}`)"
- "traefik.http.routers.kibana.entrypoints=web-secure"
- "traefik.http.routers.kibana.tls.certresolver=letsEncrypt"
- "traefik.http.services.kibana.loadbalancer.server.port=5601"
volumes:
- certs:/usr/share/kibana/config/certs
- kibanadata:/usr/share/kibana/data
environment:
- SERVERNAME=kibana
- ELASTICSEARCH_HOSTS=https://elasticsearch:9200
- ELASTICSEARCH_USERNAME=${KIBANA_USERNAME}
- ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
- ELASTICSEARCH_URL=https://elasticsearch:9200
- ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
- SERVER_PUBLICBASEURL=https://kibana.${DOMAIN_NAME}
mem_limit: 1073741824
expose:
- 5601
depends_on:
elasticsearch:
condition: service_healthy
networks:
- web
- django
healthcheck:
test:
[
"CMD-SHELL",
"curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
]
interval: 10s
timeout: 10s
retries: 120 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue
I'm using Django 4.2 and Elastic Search 8.8.1, I don't know how to make ES 8.8.1 available in my django project.
It seems that strict security system is implied in ES 8.8.1, sad for beginner :(
ScreenShot
This screenshot above is the issue I met... at least for now
above is settings.py
pip3 list
The text was updated successfully, but these errors were encountered: