TransWikia.com

Magento 2.4 dev.docs: about recommended Elasticsearch configurations

Magento Asked by Andrej Bukin on November 8, 2021

There are two different recommendations/examples:

  1. "The Magento application and Elasticsearch are installed on different hosts (Running on separate hosts is secure, enables Elasticsearch to be scaled, and is necessary for proxying to work)": https://devdocs.magento.com/guides/v2.4/install-gde/prereq/elasticsearch.html
  2. "Elasticsearch runs on the same host as a web server (The advantage of putting Elasticsearch and the web server on the same host is that it makes intercepting encrypted communication impossible): https://devdocs.magento.com/guides/v2.4/install-gde/prereq/es-config-nginx.html (also analogical topic with last one: https://devdocs.magento.com/guides/v2.4/install-gde/prereq/es-config-apache.html)
    So, what it mean – here no direct recommendations about same or different hosts or machines? Or what, when and how to choose?
    I’m now on my own machine (PC) with one OS, Apache+Nginx (or may be only Apache).
    And what should be correct configuration or most effective way for production mode in future? Or it is can stay same rules for both stages (and for developer mode)?
configurationdocumentationelasticsearchmagento2.4server setup

One Answer

Magento docs about ELK setup and connections are wrong. a bit out of context.

ELK has its own security plugin to protect connections.

on the same server you can run ELK with 127.0.0.1:9200 , best option is to enable xpack.security plugun, https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html

echo "discovery.type: single-node" >> /etc/elasticsearch/elasticsearch.yml
echo "xpack.security.enabled: true" >> /etc/elasticsearch/elasticsearch.yml

then generate passwords:

/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto

then in case you have remote connection on another server you can aslo use http auth built in.

then in magento admin ELK module settings add HTTP Auth name and password.

in some more complex setups https needs to be enabled, with domain and ssl cert avalable for ELK to connect between nodes.

about workload - you need to know that ELK stack takes too much memory and disk space, so its up to you - using the same server or separate.

Answered by MagenX on November 8, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Questions

Recent Answers

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP