@@ -11,99 +11,72 @@ include::install_remove.asciidoc[]
11
11
[[discovery-ec2-usage]]
12
12
==== Getting started with AWS
13
13
14
- The plugin will default to using
14
+ The plugin provides a hosts provider for zen discovery named `ec2`. This hosts provider
15
+ finds other Elasticsearch instances in EC2 through AWS metadata. Authentication is done using
15
16
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html[IAM Role]
16
- credentials for authentication. These can be overridden by, in increasing
17
- order of precedence, system properties `aws.accessKeyId` and `aws.secretKey`,
18
- environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_KEY`, or the
19
- elasticsearch config using `cloud.aws.access_key` and `cloud.aws.secret_key`:
17
+ credentials by default. The only necessary configuration change to enable the plugin
18
+ is setting the unicast host provider for zen discovery:
20
19
21
20
[source,yaml]
22
21
----
23
- cloud:
24
- aws:
25
- access_key: AKVAIQBF2RECL7FJWGJQ
26
- secret_key: vExyMThREXeRMm/b/LRzEB8jWwvzQeXgjqMX+6br
22
+ discovery.zen.hosts_provider: ec2
27
23
----
28
24
29
- [[discovery-ec2-usage-security]]
30
- ===== Transport security
25
+ ==== Settings
31
26
32
- By default this plugin uses HTTPS for all API calls to AWS endpoints. If you wish to configure HTTP you can set
33
- `cloud.aws.protocol` in the elasticsearch config. You can optionally override this setting per individual service
34
- via: `cloud.aws.ec2.protocol` or `cloud.aws.s3.protocol`.
27
+ EC2 host discovery supports a number of settings.
28
+ Some settings are sensitive and must be stored in the {ref}/secure-settings.html[elasticsearch keystore].
29
+ For example, to use explicit AWS access keys:
35
30
36
- [source,yaml ]
31
+ [source,sh ]
37
32
----
38
- cloud:
39
- aws:
40
- protocol: https
41
- ec2:
42
- protocol: https
33
+ bin/elasticsearch-keystore add discovery.ec2.access_key
34
+ bin/elasticsearch-keystore add discovery.ec2.secret_key
43
35
----
44
36
45
- In addition, a proxy can be configured with the `proxy.host`, `proxy.port`, `proxy.username` and `proxy.password` settings
46
- (note that protocol can be `http` or `https`):
37
+ The following are the available discovery settings. All should be prefixed with `discovery.ec2.`.
38
+ Those that must be stored in the keystore are marked as `Secure`.
47
39
48
- [source,yaml]
49
- ----
50
- cloud:
51
- aws:
52
- protocol: https
53
- proxy:
54
- host: proxy1.company.com
55
- port: 8083
56
- username: myself
57
- password: theBestPasswordEver!
58
- ----
59
40
60
- You can also set different proxies for `ec2` and `s3` :
41
+ `access_key`: :
61
42
62
- [source,yaml]
63
- ----
64
- cloud:
65
- aws:
66
- s3:
67
- proxy:
68
- host: proxy1.company.com
69
- port: 8083
70
- username: myself1
71
- password: theBestPasswordEver1!
72
- ec2:
73
- proxy:
74
- host: proxy2.company.com
75
- port: 8083
76
- username: myself2
77
- password: theBestPasswordEver2!
78
- ----
43
+ An s3 access key. The `secret_key` setting must also be specified. (Secure)
79
44
80
- ===== Read timeout
45
+ `secret_key`::
81
46
82
- Read timeout determines the amount of time to wait for data to be transferred over an established,
83
- open connection before the connection is timed out. Defaults to AWS SDK default value (`50 s`).
84
- It can be configured with `cloud.aws.read_timeout` (or `cloud.aws.ec2.read_timeout`) setting:
47
+ An s3 secret key. The `access_key` setting must also be specified. (Secure)
85
48
86
- [source, yaml]
87
- ----
88
- cloud.aws.read_timeout: 30s
89
- ----
49
+ `endpoint`::
90
50
91
- [[discovery-ec2-discovery]]
92
- ==== EC2 Discovery
51
+ The ec2 service endpoint to connect to. This will be automatically
52
+ figured out by the ec2 client based on the instance location, but
53
+ can be specified explicitly. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region.
93
54
94
- ec2 discovery allows to use the ec2 APIs to perform automatic discovery (similar to multicast in non hostile multicast
95
- environments). Here is a simple sample configuration:
55
+ `protocol`::
96
56
97
- [source,yaml]
98
- ----
99
- discovery:
100
- zen.hosts_provider: ec2
101
- ----
57
+ The protocol to use to connect to ec2. Valid values are either `http`
58
+ or `https`. Defaults to `https`.
59
+
60
+ `proxy.host`::
61
+
62
+ The host name of a proxy to connect to ec2 through.
63
+
64
+ `proxy.port`::
65
+
66
+ The port of a proxy to connect to ec2 through.
67
+
68
+ `proxy.username`::
102
69
103
- The ec2 discovery is using the same credentials as the rest of the AWS services provided by this plugin (`repositories`).
104
- See <<discovery-ec2-usage>> for details.
70
+ The username to connect to the `proxy.host` with. (Secure)
105
71
106
- The following are a list of settings (prefixed with `discovery.ec2`) that can further control the discovery:
72
+ `proxy.password`::
73
+
74
+ The password to connect to the `proxy.host` with. (Secure)
75
+
76
+ `read_timeout`::
77
+
78
+ The socket timeout for connecting to ec2. The value should specify the unit. For example,
79
+ a value of `5s` specifies a 5 second timeout. The default value is 50 seconds.
107
80
108
81
`groups`::
109
82
@@ -231,12 +204,6 @@ cloud.node.auto_attributes: true
231
204
cluster.routing.allocation.awareness.attributes: aws_availability_zone
232
205
----
233
206
234
- [[discovery-ec2-endpoint]]
235
- ===== Using other EC2 endpoint
236
-
237
- If you are using any EC2 api compatible service, you can set the endpoint you want to use by setting
238
- `cloud.aws.ec2.endpoint` to your URL provider.
239
-
240
207
[[cloud-aws-best-practices]]
241
208
==== Best Practices in AWS
242
209
0 commit comments