Connecting to an OCI OpenSearch Cluster Dashboard
Faris Durrani
Posted on June 6, 2023
From setting up the cluster to loading up the dashboard
Introduction
Oracle Cloud provides the OCI Search Service with OpenSearch, an insight engine they manage. By utilizing the capabilities of OpenSearch and OpenSearch Dashboards within the Oracle Cloud Infrastructure (OCI), you can swiftly store, search, and analyze massive amounts of data and obtain results that are almost instantaneous. Oracle automates crucial tasks such as patching, updating, upgrading, backing up, and resizing the service, all without causing any disruptions.
Prerequisites
1. Working policies:
Allow group <your_group> to manage opensearch-family in compartment opensearch
Allow service opensearch to manage vcns in compartment opensearch
Allow service opensearch to manage vnics in compartment opensearch
Allow service opensearch to use subnets in compartment opensearch
Allow service opensearch to use network-security-groups in compartment opensearch
2. Create a VCN with a public subnet and a private subnet.
3. Create a VM Instance in the public subnet of the VCN.
Task 1: Create an OCI Search Service cluster
1. In the Oracle Cloud console, go to Menu > Databases > OpenSearch
2. Create a cluster by clicking on Create cluster
3. After finishing, you’ll arrive at the cluster details page:
Task 2: Create security rules in the VCN Security List
1. In the same VCN, add to the VCN Default Security List the following security rules:
Add an ingress rule for port 9200 (OpenSearch), and an ingress rule for 5601 (OpenSearch Dashboards).
Task 3: Test the connection to OCI Search Service — OpenSearch endpoint
This task has been updated to include the username and password entered during cluster creation. All new clusters must require a username and password. Read more here.
From inside the created VM instance
1. Connect to the instance via SSH:
ssh -i ~/.ssh/id_rsa_opensearch.key opc@<your_VM_instance_public_IP>
2. Run one of the following commands:
# OpenSearch API endpoint example
curl -u myUsername:myPassword https://mycluster.opensearch.us.example.com:9200
# OpenSearch private IP example
curl -u myUsername:myPassword https://<your_opensearch_private_IP>:9200 --insecure
Be sure to change myUsername
and myPassword
with your own and the OpenSearch addresses.
If the steps are performed correctly you should see a response as follows:
{
"name" : "opensearch-master-0",
"cluster_name" : "opensearch",
"cluster_uuid" : "M6gclrE3QLGEBlkdme8JkQ",
"version" : {
"distribution" : "opensearch",
"number" : "1.2.4-SNAPSHOT",
"build_type" : "tar",
"build_hash" : "e505b10357c03ae8d26d675172402f2f2144ef0f",
"build_date" : "2022-02-08T16:44:39.596468Z",
"build_snapshot" : true,
"lucene_version" : "8.10.1",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}
Task 3: Connect to OpenSearch Dashboards
1. From your local machine, through port forwarding.
ssh -C -v -t -L 127.0.0.1:5601:<your_opensearch_dashboards_private_IP>:5601 -L 127.0.0.1:9200:<your_opensearch_private_IP>:9200 opc@<your_instance_public_ip> -i <path_to_your_private_key>
2. Access https://myUsername:myPassword@localhost:5601 in your browser.
Be sure to change myUsername and myPassword with your own.
The following screen, the OpenSearch dashboard, should be displayed:
Bonus: Make accessing the dashboard easier
To avoid typing the very long commands above to access the dashboard, simply put this line in your ~/.ssh/config
file (in Mac/Linux):
Host faris-opensearch
Hostname 150.136.22.122
User opc
IdentityFile ~/.ssh/id_rsa
LocalForward 5601 10.1.0.226:5601
LocalForward 9200 10.1.0.28:9200
Where:
-
150.136.22.122
is the public IP of your OCI compute instance -
opc
is your default OCI instance username -
~/.ssh/id_rsa
is the location of your private SSH key -
10.1.0.226
is your OpenSearch Dashboard private IP -
10.1.0.28
is your OpenSearch Private IP
Now, to access your cluster, just run ssh faris-opensearch
in your Terminal and go to localhost.
This article has been adapted from https://docs.oracle.com/en/learn/oci-opensearch/index.html#task-7-search-and-visualize-data-in-opensearch-dashboards to include the now-enforced security mode requiring a username and password. My Mythics colleague, Swapnil Kumbhar, contributed to this article.
References
- Search and visualize data using OCI Search Service with OpenSearch
- Connecting to a cluster
- Upgrading an Existing Cluster for Role-Based Access Control
Safe harbor statement
The information provided on this channel/article/story is solely intended for informational purposes and cannot be used as a part of any contractual agreement. The content does not guarantee the delivery of any material, code, or functionality, and should not be the sole basis for making purchasing decisions. The postings on this site are my own and do not necessarily reflect the views or work of Oracle or Mythics, LLC.
This work is licensed under a Creative Commons Attribution 4.0 International License.
Posted on June 6, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.