Connecting to an OCI OpenSearch Cluster Dashboard

farisdurrani

Faris Durrani

Posted on June 6, 2023

Connecting to an OCI OpenSearch Cluster Dashboard

From setting up the cluster to loading up the dashboard

Introduction

Oracle Cloud provides the OCI Search Service with OpenSearch, an insight engine they manage. By utilizing the capabilities of OpenSearch and OpenSearch Dashboards within the Oracle Cloud Infrastructure (OCI), you can swiftly store, search, and analyze massive amounts of data and obtain results that are almost instantaneous. Oracle automates crucial tasks such as patching, updating, upgrading, backing up, and resizing the service, all without causing any disruptions.

Prerequisites

1. Working policies:

Allow group <your_group> to manage opensearch-family in compartment opensearch
Allow service opensearch to manage vcns in compartment opensearch
Allow service opensearch to manage vnics in compartment opensearch
Allow service opensearch to use subnets in compartment opensearch
Allow service opensearch to use network-security-groups in compartment opensearch
Enter fullscreen mode Exit fullscreen mode

2. Create a VCN with a public subnet and a private subnet.

3. Create a VM Instance in the public subnet of the VCN.

Task 1: Create an OCI Search Service cluster

1. In the Oracle Cloud console, go to Menu > Databases > OpenSearch

Screenshot - OCI OpenSearch Clusters

2. Create a cluster by clicking on Create cluster

Screenshot - OCI Create cluster process

3. After finishing, you’ll arrive at the cluster details page:

Screenshot - OCI Cluster Details

Task 2: Create security rules in the VCN Security List

1. In the same VCN, add to the VCN Default Security List the following security rules:

Add an ingress rule for port 9200 (OpenSearch), and an ingress rule for 5601 (OpenSearch Dashboards).

Screenshot - security rules in VCN security list

Task 3: Test the connection to OCI Search Service — OpenSearch endpoint

This task has been updated to include the username and password entered during cluster creation. All new clusters must require a username and password. Read more here.

From inside the created VM instance

1. Connect to the instance via SSH:

ssh -i ~/.ssh/id_rsa_opensearch.key opc@<your_VM_instance_public_IP>
Enter fullscreen mode Exit fullscreen mode

2. Run one of the following commands:

# OpenSearch API endpoint example
curl -u myUsername:myPassword https://mycluster.opensearch.us.example.com:9200
Enter fullscreen mode Exit fullscreen mode
# OpenSearch private IP example
curl -u myUsername:myPassword https://<your_opensearch_private_IP>:9200 --insecure
Enter fullscreen mode Exit fullscreen mode

Be sure to change myUsername and myPassword with your own and the OpenSearch addresses.

If the steps are performed correctly you should see a response as follows:

{
"name" : "opensearch-master-0",
"cluster_name" : "opensearch",
"cluster_uuid" : "M6gclrE3QLGEBlkdme8JkQ",
"version" : {
   "distribution" : "opensearch",
   "number" : "1.2.4-SNAPSHOT",
   "build_type" : "tar",
   "build_hash" : "e505b10357c03ae8d26d675172402f2f2144ef0f",
   "build_date" : "2022-02-08T16:44:39.596468Z",
   "build_snapshot" : true,
   "lucene_version" : "8.10.1",
   "minimum_wire_compatibility_version" : "6.8.0",
   "minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}
Enter fullscreen mode Exit fullscreen mode

Task 3: Connect to OpenSearch Dashboards

1. From your local machine, through port forwarding.

ssh -C -v -t -L 127.0.0.1:5601:<your_opensearch_dashboards_private_IP>:5601 -L 127.0.0.1:9200:<your_opensearch_private_IP>:9200 opc@<your_instance_public_ip> -i <path_to_your_private_key>
Enter fullscreen mode Exit fullscreen mode

2. Access https://myUsername:myPassword@localhost:5601 in your browser.

Be sure to change myUsername and myPassword with your own.

The following screen, the OpenSearch dashboard, should be displayed:

Screenshot - OpenSearch dashboard

Bonus: Make accessing the dashboard easier

To avoid typing the very long commands above to access the dashboard, simply put this line in your ~/.ssh/config file (in Mac/Linux):

Host faris-opensearch 
    Hostname 150.136.22.122
    User opc
    IdentityFile ~/.ssh/id_rsa
    LocalForward 5601 10.1.0.226:5601 
    LocalForward 9200 10.1.0.28:9200
Enter fullscreen mode Exit fullscreen mode

Where:

  • 150.136.22.122 is the public IP of your OCI compute instance
  • opc is your default OCI instance username
  • ~/.ssh/id_rsa is the location of your private SSH key
  • 10.1.0.226 is your OpenSearch Dashboard private IP
  • 10.1.0.28 is your OpenSearch Private IP

Now, to access your cluster, just run ssh faris-opensearch in your Terminal and go to localhost.


This article has been adapted from https://docs.oracle.com/en/learn/oci-opensearch/index.html#task-7-search-and-visualize-data-in-opensearch-dashboards to include the now-enforced security mode requiring a username and password. My Mythics colleague, Swapnil Kumbhar, contributed to this article.

References

  1. Search and visualize data using OCI Search Service with OpenSearch
  2. Connecting to a cluster
  3. Upgrading an Existing Cluster for Role-Based Access Control

Safe harbor statement
The information provided on this channel/article/story is solely intended for informational purposes and cannot be used as a part of any contractual agreement. The content does not guarantee the delivery of any material, code, or functionality, and should not be the sole basis for making purchasing decisions. The postings on this site are my own and do not necessarily reflect the views or work of Oracle or Mythics, LLC.

This work is licensed under a Creative Commons Attribution 4.0 International License.

💖 💪 🙅 🚩
farisdurrani
Faris Durrani

Posted on June 6, 2023

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related