Opensearch without SSL

Facebook
X (Twitter)
LinkedIn
LinkedIn
Share
WhatsApp
Copy link

This blog describes how to create an open search environment without SSL in local dev. This example using open search dockers from AWS.

Create a docker-compose.yml file on root folder and paste the below codes.

version: '3'
services:
  opensearch-node1: # This is also the hostname of the container within the Docker network (i.e. https://opensearch-node1/)
    image: public.ecr.aws/opensearchproject/opensearch:latest
    container_name: opensearch-node1
    environment:
      - cluster.name=opensearch-cluster # Name the cluster
      - node.name=opensearch-node1 # Name the node that will run in this container
      - discovery.seed_hosts=opensearch-node1,opensearch-node2 # Nodes to look for when discovering the cluster
      - cluster.initial_cluster_manager_nodes=opensearch-node1,opensearch-node2 # Nodes eligibile to serve as cluster manager
      - bootstrap.memory_lock=true # Disable JVM heap memory swapping
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # Set min and max JVM heap sizes to at least 50% of system RAM
      - "DISABLE_INSTALL_DEMO_CONFIG=true" # Prevents execution of bundled demo script which installs demo certificates and security configurations to OpenSearch
      - "DISABLE_SECURITY_PLUGIN=true" # Disables Security plugin
    ulimits:
      memlock:
        soft: -1 # Set memlock to unlimited (no soft or hard limit)
        hard: -1
      nofile:
        soft: 65536 # Maximum number of open files for the opensearch user - set to at least 65536
        hard: 65536
    volumes:
      - opensearch-data1:/usr/share/opensearch/data # Creates volume called opensearch-data1 and mounts it to the container
      - ../opensearch.yml:/usr/share/opensearch/config/opensearch.yml
    ports:
      - 9200:9200 # REST API
      - 9600:9600 # Performance Analyzer
    networks:
      local:
        aliases:
          - site1.staging
          
  opensearch-node2:
    image: public.ecr.aws/opensearchproject/opensearch:latest
    container_name: opensearch-node2
    environment:
      - cluster.name=opensearch-cluster # Name the cluster
      - node.name=opensearch-node2 # Name the node that will run in this container
      - discovery.seed_hosts=opensearch-node1,opensearch-node2 # Nodes to look for when discovering the cluster
      - cluster.initial_cluster_manager_nodes=opensearch-node1,opensearch-node2 # Nodes eligibile to serve as cluster manager
      - bootstrap.memory_lock=true # Disable JVM heap memory swapping
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # Set min and max JVM heap sizes to at least 50% of system RAM
      - "DISABLE_INSTALL_DEMO_CONFIG=true" # Prevents execution of bundled demo script which installs demo certificates and security configurations to OpenSearch
      - "DISABLE_SECURITY_PLUGIN=true" # Disables Security plugin
    ulimits:
      memlock:
        soft: -1 # Set memlock to unlimited (no soft or hard limit)
        hard: -1
      nofile:
        soft: 65536 # Maximum number of open files for the opensearch user - set to at least 65536
        hard: 65536
    volumes:
      - opensearch-data2:/usr/share/opensearch/data # Creates volume called opensearch-data1 and mounts it to the container
      - ../opensearch.yml:/usr/share/opensearch/config/opensearch.yml
    networks:
      local:
        aliases:
          - site1.staging

  opensearch-dashboards:
   image: public.ecr.aws/opensearchproject/opensearch-dashboards:latest
   container_name: opensearch-dashboards
   ports:
     - 5601:5601 # Map host port 5601 to container port 5601
   expose:
     - "5601"
   environment:
     - 'OPENSEARCH_HOSTS=["http://opensearch-node1:9200","http://opensearch-node2:9200"]'
     - "DISABLE_SECURITY_DASHBOARDS_PLUGIN=true"
   networks:
     local:
       aliases:
         - site1.staging

volumes:
  opensearch-data1:
  opensearch-data2:

networks:
  local:

Create an opensearch.yml file in the root folder and paste the below codes

---
cluster.name: opensearch-cluster
#plugins.security.disabled: true
#discovery.type: single-node

# Bind to all interfaces because we don't know what IP address Docker will assign to us.
network.host: 0.0.0.0

# # minimum_master_nodes need to be explicitly set when bound on a public IP
# # set to 1 to allow single node clusters
#discovery.zen.minimum_master_nodes: 1

# Setting network.host to a non-loopback address enables the annoying bootstrap checks. "Single-node" mode disables them again.
#discovery.type: single-node

Then run docker-compose up –build -d

Add domain site1.staging on your host file

Got to your browser and type http://site1.staging:5601/

Your opensearch is ready !!