yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
26dfc1fff2dd6735fb9ace16a3a59edecfd9873c
doc-exports/docs/css/umn/css_01_0380.html
zhengxiu 2125539080 css umn 25.1.0 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: zhengxiu <zhengxiu@huawei.com>
Co-committed-by: zhengxiu <zhengxiu@huawei.com>
2025-07-04 09:10:17 +00:00

363 lines
50 KiB
HTML
Raw Blame History

<a name="css_01_0380"></a><a name="css_01_0380"></a>
<h1 class="topictitle1">Creating an Elasticsearch Cluster</h1>
<div id="body1578398631878"><p id="css_01_0380__en-us_topic_0000001268594549_p1650716241016">This topic describes how to create an Elasticsearch cluster.</p>
<div class="section" id="css_01_0380__en-us_topic_0000001268594549_section32701230131812"><h4 class="sectiontitle">Scenarios</h4><p id="css_01_0380__p1853617149422"><a href="#css_01_0380__table143555312413">Table 1</a> lists key parameters that differentiate between different types of clusters.</p>
<div class="tablenoborder"><a name="css_01_0380__table143555312413"></a><a name="table143555312413"></a><table cellpadding="4" cellspacing="0" summary="" id="css_01_0380__table143555312413" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameters that differentiate between different types of clusters</caption><thead align="left"><tr id="css_01_0380__row7355113184119"><th align="left" class="cellrowborder" valign="top" width="28.000000000000004%" id="mcps1.3.2.3.2.6.1.1"><p id="css_01_0380__p1792319196412">Cluster Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.3.2.6.1.2"><p id="css_01_0380__p193558384119">Security Mode</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.3.2.6.1.3"><p id="css_01_0380__p056813711442">HTTPS Access</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.3.2.6.1.4"><p id="css_01_0380__p735518364113">Internet Access</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.3.2.6.1.5"><p id="css_01_0380__p635510354117">Kibana Public Access</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0380__row135583124118"><td class="cellrowborder" valign="top" width="28.000000000000004%" headers="mcps1.3.2.3.2.6.1.1 "><p id="css_01_0380__p13923219164113">Cluster in non-security mode</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.2 "><p id="css_01_0380__p9355103154113">Disabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.3 "><p id="css_01_0380__p9956053204316">N/A</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.4 "><p id="css_01_0380__p53553318419">Cannot be enabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.5 "><p id="css_01_0380__p6621334219">Cannot be enabled</p>
</td>
</tr>
<tr id="css_01_0380__row113561639418"><td class="cellrowborder" valign="top" width="28.000000000000004%" headers="mcps1.3.2.3.2.6.1.1 "><p id="css_01_0380__p492341917410">Cluster in security mode + HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.2 "><p id="css_01_0380__p23561230414">Enabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.3 "><p id="css_01_0380__p8956553134317">Disabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.4 "><p id="css_01_0380__p42802594219">Cannot be enabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.5 "><p id="css_01_0380__p1826017817427">Can be enabled</p>
</td>
</tr>
<tr id="css_01_0380__row7356631418"><td class="cellrowborder" valign="top" width="28.000000000000004%" headers="mcps1.3.2.3.2.6.1.1 "><p id="css_01_0380__p192318199415">Cluster in security mode + HTTPS</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.2 "><p id="css_01_0380__p235615354117">Enabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.3 "><p id="css_01_0380__p9956953104318">Enabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.4 "><p id="css_01_0380__p19121171424216">Can be enabled</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.2.6.1.5 "><p id="css_01_0380__p14175201584217">Can be enabled</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="css_01_0380__section15121454102317"><h4 class="sectiontitle">Prerequisites</h4><p id="css_01_0380__p1069335618238">You have planned the Elasticsearch clusters that need to be created by following the instructions in <a href="css_01_0379.html">Elasticsearch Cluster Planning Suggestions</a>.</p>
</div>
<div class="section" id="css_01_0380__en-us_topic_0000001268594549_section781857123412"><h4 class="sectiontitle">Creating a Cluster</h4><ol id="css_01_0380__en-us_topic_0000001268594549_ol175241191249"><li id="css_01_0380__en-us_topic_0000001268594549_li5509181942419">Log in to the <span id="css_01_0380__text1698851499111553">CSS</span> management console.</li><li id="css_01_0380__en-us_topic_0000001268154521_li6012554340">On the <span class="uicontrol" id="css_01_0380__en-us_topic_0000001268154521_uicontrol711552341"><b>Dashboard</b></span> page, click <span class="uicontrol" id="css_01_0380__en-us_topic_0000001268594549_uicontrol12509019152417"><b><span id="css_01_0380__en-us_topic_0000001268594549_text1350917190242">Create Cluster</span></b></span> in the upper right corner. The <strong id="css_01_0380__b18662172316212">Create Cluster</strong> page is displayed.<p id="css_01_0380__p753285116318">Alternatively, choose <strong id="css_01_0380__b155731748546">Clusters</strong> &gt; <strong id="css_01_0380__b526617571418">Elasticsearch</strong> in the navigation tree on the left. Click <span class="uicontrol" id="css_01_0380__uicontrol888816656"><b><span id="css_01_0380__text1088826356">Create Cluster</span></b></span> in the upper right corner. The <strong id="css_01_0380__b3821213156">Create Cluster</strong> page is displayed.</p>
</li><li id="css_01_0380__li10210151122814">On the <strong id="css_01_0380__b185682394113">Basic Configuration</strong> page, configure basic information and resources for the Elasticsearch cluster.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0380__table12937717172919" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Basic configuration of the Elasticsearch cluster</caption><thead align="left"><tr id="css_01_0380__row6938191792916"><th align="left" class="cellrowborder" valign="top" width="30%" id="mcps1.3.4.2.3.2.2.3.1.1"><p id="css_01_0380__p893871752911">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="70%" id="mcps1.3.4.2.3.2.2.3.1.2"><p id="css_01_0380__p49381517172913">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0380__row1893891719292"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p96193415305">Region</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p14453728143913">Select the region where the cluster is located.</p>
<p id="css_01_0380__p174542028183916">ECSs in different regions cannot communicate with each other over an intranet. For lower network latency and quicker resource access, select the nearest region.</p>
<p id="css_01_0380__p361974173012">Currently, only <strong id="css_01_0380__en-us_topic_0000001268594549_b1568815101902">eu-de</strong> and <strong id="css_01_0380__b95591451453">eu-nl</strong> are supported.</p>
</td>
</tr>
<tr id="css_01_0380__row10938617192914"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p26192416302">AZ</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p1619134116304">Select AZs associated with the cluster region.</p>
<p id="css_01_0380__p106198413301">A maximum of three AZs can be configured. For details about the use of multiple AZs, see <a href="css_01_0379.html#css_01_0379__section1074611275359">Planning Cluster AZs</a>.</p>
</td>
</tr>
<tr id="css_01_0380__row09387179293"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p1193881720299">Type</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p8938517172912">Select <strong id="css_01_0380__b196896666225619">Elasticsearch</strong>.</p>
</td>
</tr>
<tr id="css_01_0380__row393811718293"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p1931734104212">Version</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p1193193464212">Select a cluster version from the drop-down list box.</p>
</td>
</tr>
<tr id="css_01_0380__row193851722916"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p1993103494216">Name</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p209311534154215">Cluster name, which contains 4 to 32 characters. Only letters, numbers, hyphens (-), and underscores (_) are allowed and the value must start with a letter.</p>
</td>
</tr>
<tr id="css_01_0380__row169728477423"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p1900108448">Nodes</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p1090016074417">Number of nodes in the cluster. Select a number from 1 to 32. You are advised to configure three or more nodes to ensure high availability of the cluster.</p>
<ul id="css_01_0380__ul4900180174419"><li id="css_01_0380__css_01_0379_li1890040184413">If <strong id="css_01_0380__css_01_0379_b3718193374312">Master node</strong> and <strong id="css_01_0380__css_01_0379_b57181033134310">Client node</strong> are both unselected, data nodes will be used for all of the following purposes: cluster management, data storage, cluster access, and data analysis. To ensure reliability, a cluster should have a least three nodes.</li><li id="css_01_0380__css_01_0379_li190013024413">If <strong id="css_01_0380__css_01_0379_b1936864134517">Master node</strong> is selected but <strong id="css_01_0380__css_01_0379_b14368194104515">Client node</strong> is not, data nodes will be used for data storage, cluster access, and data analysis.</li><li id="css_01_0380__css_01_0379_li1649103015152">If <strong id="css_01_0380__css_01_0379_b1033785503104625">Master node</strong> is unselected but <strong id="css_01_0380__css_01_0379_b793985729104625">Client node</strong> is selected, data nodes will be used for data storage and cluster management.</li><li id="css_01_0380__css_01_0379_li119008004413">If <strong id="css_01_0380__css_01_0379_b1255825836104625">Master node</strong> and <strong id="css_01_0380__css_01_0379_b1138258908104625">Client node</strong> are both selected, data nodes will be used for data storage only.</li></ul>
<div class="note" id="css_01_0380__note2362165010164"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p2870105418167">If the number of data nodes in a cluster is not an integer multiple of that of AZs, data in the cluster may be unevenly distributed, affecting data query or write performance.</p>
</div></div>
</td>
</tr>
<tr id="css_01_0380__row1217020502430"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p590013004419">CPU Architecture</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p1590016044420"><span class="parmvalue" id="css_01_0380__parmvalue190014084419"><b>x86</b></span>. The supported types depend on the actual regional environment.</p>
</td>
</tr>
<tr id="css_01_0380__row9440165074315"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p14901160144415">Node Specifications</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p29010018444">Data node flavor. You can select a node flavor based on your needs. Each cluster supports only one node flavor.</p>
<p id="css_01_0380__p199010074413">After you select a flavor, the CPU and memory corresponding to the current flavor are displayed below. For example, if you select <strong id="css_01_0380__en-us_topic_0000001268594549_b6155343251948">css.medium.8</strong>, then <strong id="css_01_0380__en-us_topic_0000001268594549_b67868396151948">1 vCPUs | 8 GB</strong> will be displayed, indicating that the node flavor you select contains one vCPU and 8 GB memory.</p>
</td>
</tr>
<tr id="css_01_0380__row4637195017436"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p3901506447">Node Storage Type</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p129011600445">If you select EVS for node storage, you need to further select the EVS disk type for data nodes of the cluster. Options include Common I/O, High I/O, Ultra-high I/O.</p>
</td>
</tr>
<tr id="css_01_0380__row19804105064311"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p179017064416">Node Storage<span id="css_01_0380__text1990117018441"> Capacity</span></p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p390100154410">Data node storage capacity. Its value range varies with node specifications.</p>
<p id="css_01_0380__p1190110034417">The node storage capacity must be a multiple of 20.</p>
</td>
</tr>
<tr id="css_01_0380__row1611335118439"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p17903100445">Master node</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p209031013444">The master node is responsible for cluster management, such as metadata management, index creation and deletion, and shard allocation. It plays a critical role in metadata management, node management, stability guarantee, and cluster operation control for large-scale clusters.</p>
<p id="css_01_0380__p2090316010445">After enabling the master node, specify <span class="parmname" id="css_01_0380__parmname27041115172713"><b>Node Specifications</b></span>, <strong id="css_01_0380__b170512152274">Nodes</strong>, and <span class="parmname" id="css_01_0380__parmname370511542711"><b>Node Storage Type</b></span>. The value of <span class="parmname" id="css_01_0380__parmname311610361954"><b>Nodes</b></span> must be an odd number greater than or equal to 3. Up to nine nodes are supported. The value of <strong id="css_01_0380__en-us_topic_0000001268594549_b2041159122417">Node Storage Capacity</strong> is fixed. You can select a storage type based on your needs.</p>
</td>
</tr>
<tr id="css_01_0380__row5270551134312"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p1903407449">Client node</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p159038011446">Client nodes receive and coordinate external requests, such as search and write requests. They play an important role in handling high-load queries, complex aggregations, managing a large number of shards, and improving cluster scalability.</p>
<p id="css_01_0380__p189049016442">After enabling the client node, specify <span class="parmname" id="css_01_0380__parmname73756953625619"><b>Node Specifications</b></span>, <strong id="css_01_0380__b208477332525619">Nodes</strong> and <span class="parmname" id="css_01_0380__parmname138900380825619"><b>Node Storage Type</b></span>. The value of <strong id="css_01_0380__en-us_topic_0000001268594549_b10704315156">Nodes</strong> ranges from 1 to 32. The value of <strong id="css_01_0380__en-us_topic_0000001268594549_b206915162511">Node Storage Capacity</strong> is fixed. You can select a storage type based on your needs.</p>
</td>
</tr>
<tr id="css_01_0380__row1342275114431"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p4904601440">Cold data node</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p29046074414">Cold data nodes are used to store query latency-insensitive data in large quantities. They offer an effective way to manage large datasets and cut storage costs.</p>
<p id="css_01_0380__p1890410074418">After enabling cold data node, configure <strong id="css_01_0380__b54424944025619">Node Specifications</strong>, <strong id="css_01_0380__b4940979425619">Nodes</strong>, <strong id="css_01_0380__b112495325125619">Node Storage Type</strong>, and <strong id="css_01_0380__b78047504825619">Node Storage Capacity</strong>. The value of <strong id="css_01_0380__en-us_topic_0000001268594549_b142835162917">Nodes</strong> ranges from 1 to 32. Select <strong id="css_01_0380__b45394533025619">Node Storage Type</strong> and <strong id="css_01_0380__b25179654225619">Node Storage Capacity</strong> as required.</p>
<p id="css_01_0380__p1290430134414">When cold data nodes are enabled, users can switch between cold and hot data nodes. For details, see <a href="css_01_0079.html">Switching Between Hot and Cold Storage for an Elasticsearch Cluster</a>.</p>
<div class="note" id="css_01_0380__note735683852515"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p23561538162520">If the number of cold data nodes in a cluster is not an integer multiple of that of AZs, data in the cluster may be unevenly distributed, affecting data query or write performance.</p>
</div></div>
</td>
</tr>
<tr id="css_01_0380__row20133346495"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p161393415490">Disk Encryption</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p875114244539">Whether to encrypt the data disks of cluster nodes using Key Management Service (KMS).</p>
<p id="css_01_0380__p1498214419569">Enabling disk encryption enhances the security of the data stored on cluster nodes. By default, disk encryption is disabled.</p>
<p id="css_01_0380__p59010261562">After disk encryption is enabled, you need to configure <span class="parmname" id="css_01_0380__parmname11107722155817"><b>Key Name</b></span> by selecting an enabled KMS key from the drop-down list. If no key is available, click <strong id="css_01_0380__b2072613241120">Create key</strong> to go to the Data Encryption Workshop (DEW) console and create a new key or modify an existing key. For details, see <a href="https://docs.otc.t-systems.com/key-management-service/umn/user_guide/key_management/creating_a_key.html" target="_blank" rel="noopener noreferrer">Creating a Key</a>.</p>
<div class="note" id="css_01_0380__note113699101665"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="css_01_0380__ul916612312617"><li id="css_01_0380__li716617232065">Only cloud disks support disk encryption. Local disks do not support disk encryption.</li><li id="css_01_0380__li1843112613810">Only custom keys whose <span class="parmname" id="css_01_0380__parmname1672181424015"><b>Key Algorithm</b></span> is AES or SM4 and <span class="parmname" id="css_01_0380__parmname14763153011016"><b>Usage</b></span> is <span class="parmvalue" id="css_01_0380__parmvalue13130434181013"><b>ENCRYPT_DECRYPT</b></span> are supported. KMS keys that are unavailable in the <span class="parmname" id="css_01_0380__parmname5260133814212"><b>Key Name</b></span> drop-down list are not supported by the cluster.</li><li id="css_01_0380__li32921632164018">Disk encryption and decryption do not alter cluster management or O&amp;M processes. However, they do increase the system's processing load, potentially affecting the system's operational performance.</li><li id="css_01_0380__li134657275372">Once a cluster is already created, disk encryption cannot be enabled or disabled.</li><li id="css_01_0380__li17446153173216">After cluster creation, the KMS key cannot be changed.</li><li id="css_01_0380__li151833319315">If the KMS key used by the cluster is disabled, the cluster cannot be scaled or upgraded, its node specifications or AZs cannot be changed, and its nodes cannot be replaced (by specifying the nodes that need replacement). To solve this problem, you will have to create a new cluster and migrate your data to that new cluster.</li></ul>
</div></div>
</td>
</tr>
<tr id="css_01_0380__row55896517433"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.3.2.2.3.1.1 "><p id="css_01_0380__p1858915512430">Enterprise Project</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.3.2.2.3.1.2 "><p id="css_01_0380__p1688445534516">When creating a CSS cluster, you can bind an enterprise project to the cluster if you have enabled the enterprise project function.</p>
<p id="css_01_0380__p7911161074511">Select an enterprise project from the <strong id="css_01_0380__b448913673112">Enterprise Project</strong> drop-down list, or click <strong id="css_01_0380__b4239141103110">View Enterprise Project</strong> to go to the <strong id="css_01_0380__b14318184533117">Enterprise Project Management Service</strong> page and check existing enterprise projects.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="fignone" id="css_01_0380__fig1994143124416"><span class="figcap"><b>Figure 1 </b>Setting cluster node specifications</span><br><span><img id="css_01_0380__image149941443124411" src="en-us_image_0000001946083800.png"></span></div>
</li><li id="css_01_0380__li4906101825320">Click <strong id="css_01_0380__b29883978525619">Next: Network</strong>.</li><li id="css_01_0380__li099417175414">On the <strong id="css_01_0380__b122944168336">Network</strong> page, configure the network settings and security mode for the Elasticsearch cluster.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0380__table189220313541" frame="border" border="1" rules="all"><caption><b>Table 3 </b>Network settings for the Elasticsearch cluster</caption><thead align="left"><tr id="css_01_0380__row17893193112548"><th align="left" class="cellrowborder" valign="top" width="30%" id="mcps1.3.4.2.5.2.2.3.1.1"><p id="css_01_0380__p11893113112546">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="70%" id="mcps1.3.4.2.5.2.2.3.1.2"><p id="css_01_0380__p1789312315547">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0380__row389373116546"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.5.2.2.3.1.1 "><p id="css_01_0380__p9913181435518">VPC</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.5.2.2.3.1.2 "><p id="css_01_0380__p139131614135515">Specify a VPC to isolate the cluster's network.</p>
<p id="css_01_0380__p5756051124">Click <strong id="css_01_0380__b563514384358">View VPC</strong> to go to the VPC management console and check the created VPCs.</p>
<p id="css_01_0380__p78553541524">If no VPC is available, contact the CSS administrator to create a new VPC. For details, see section "Creating a VPC and Subnet" in <em id="css_01_0380__i45911511124017">VPC User Guide</em>.</p>
<div class="note" id="css_01_0380__note1691310148559"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p191316148559">The VPC must contain CIDRs. Otherwise, cluster creation will fail. By default, a created VPC contains CIDRs.</p>
</div></div>
</td>
</tr>
<tr id="css_01_0380__row168934317541"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.5.2.2.3.1.1 "><p id="css_01_0380__p5913151410551">Subnet</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.5.2.2.3.1.2 "><p id="css_01_0380__p691311148557">A subnet provides dedicated network resources that are isolated from other networks, improving network security.</p>
<p id="css_01_0380__p17913131435520">Select a subnet needed by the cluster in the current VPC. </p>
</td>
</tr>
<tr id="css_01_0380__row158938310548"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.5.2.2.3.1.1 "><p id="css_01_0380__p79131014135511">Security Group</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.5.2.2.3.1.2 "><p id="css_01_0380__p1401010894">A security group serves as a virtual firewall that provides access control policies for clusters.</p>
<p id="css_01_0380__p10913101455520">Select a security group for the cluster. Click <strong id="css_01_0380__b7183425154112">View Security Group</strong> to go to the security group list, where you can view details about security groups.</p>
<div class="note" id="css_01_0380__note1914181419555"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="css_01_0380__ul791491415553"><li id="css_01_0380__li334042710121">Ensure that <span class="parmname" id="css_01_0380__parmname9447161611218"><b>Port/Range</b></span> is set to <span class="parmvalue" id="css_01_0380__parmvalue1447131613123"><b>All</b></span> or a port range that includes port <strong id="css_01_0380__b94476163127">9200</strong> for the selected security group.</li><li id="css_01_0380__li791419144553">If your cluster version is 7.6.2 or later, ensure that all the ports used for communication between nodes in the same security group are allowed. If such settings cannot be configured, ensure at least the access to port 9300 is allowed.</li><li id="css_01_0380__li8914214105513">After the port 9300 is enabled, if the cluster disk usage is high, delete expired data to release the disk storage space.</li></ul>
</div></div>
</td>
</tr>
<tr id="css_01_0380__row1389363145410"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.5.2.2.3.1.1 "><p id="css_01_0380__p09147141552">Security Mode</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.5.2.2.3.1.2 "><p id="css_01_0380__p1669112541219">Whether to enable the security mode for the cluster.</p>
<ul id="css_01_0380__ul4914201415558"><li id="css_01_0380__li57101355151314">The security mode is enabled by default. In security mode, a cluster's communication is encrypted and access to the cluster requires user authentication. This is why the <strong id="css_01_0380__b167243763533058">Administrator Username</strong> and <strong id="css_01_0380__b38799172033058">Administrator Password</strong> of the cluster are needed.<ul id="css_01_0380__ul192565111162"><li id="css_01_0380__li139140147553">The default administrator username is <strong id="css_01_0380__b2914151475511">admin</strong>.</li><li id="css_01_0380__li1091411495519">Set and confirm the <strong id="css_01_0380__en-us_topic_0000001268594549_b16466182192215">Administrator Password</strong>. This password will be required when you access this cluster.</li></ul>
</li><li id="css_01_0380__li12710165591311">If <strong id="css_01_0380__b09327351481">Security Mode</strong> is disabled, a cluster in non-security mode will be created. With such a cluster, access to the cluster will not require user authentication, and data will be transmitted in plaintext using HTTP. Make sure the customer is in a secure environment, and do not expose the cluster access interface to the public network.</li></ul>
</td>
</tr>
<tr id="css_01_0380__row289333115542"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.5.2.2.3.1.1 "><p id="css_01_0380__p69141314195510">HTTPS Access</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.5.2.2.3.1.2 "><p id="css_01_0380__p119154142558">HTTPS access can be enabled only when security mode is enabled for the cluster. With HTTPS access enabled, communication will be encrypted when you access the cluster.</p>
<div class="note" id="css_01_0380__note16915181418559"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p3915111405514">A cluster in security mode uses HTTPS for communication, but its read performance will not be as good as a non-security mode cluster that uses HTTP. The performance loss is estimated at around 20% under high concurrency. If you want fast read performance as well as the isolation and permission control (such as indexes, documents, and fields) enabled by the security mode, you can disable <strong id="css_01_0380__en-us_topic_0000001268594549_b139764433813">HTTPS Access</strong>. After <strong id="css_01_0380__en-us_topic_0000001268594549_b153417197533">HTTPS Access</strong> is disabled, HTTP protocol is used for cluster communication. In this case, data security cannot be ensured and public IP address cannot be used.</p>
</div></div>
</td>
</tr>
<tr id="css_01_0380__row58938312546"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.5.2.2.3.1.1 "><p id="css_01_0380__p691511420555">Public IP Address</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.5.2.2.3.1.2 "><p id="css_01_0380__p12915914145514">This parameter is available only when <strong id="css_01_0380__b214111212585">Security Mode</strong> and <strong id="css_01_0380__b86074812585">HTTPS Access</strong> are enabled. When <strong id="css_01_0380__b8856174845913">Public IP Address</strong> is enabled, a public IP address is automatically assigned, which will enable access to the security cluster from the Internet. For details, see <a href="css_01_0076.html">Configuring Public Network Access for an Elasticsearch Cluster</a>.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="fignone" id="css_01_0380__fig15306034172215"><span class="figcap"><b>Figure 2 </b>Configuring the cluster network</span><br><span><img id="css_01_0380__image1306183415223" src="en-us_image_0000001973202625.png"></span></div>
</li><li id="css_01_0380__li537144665017">Click <strong id="css_01_0380__b1386127121219">Next: Advanced Settings</strong>.</li><li id="css_01_0380__en-us_topic_0000001268594549_li692975642819"><a name="css_01_0380__en-us_topic_0000001268594549_li692975642819"></a><a name="en-us_topic_0000001268594549_li692975642819"></a>On the <strong id="css_01_0380__b5127225161211">Advanced Settings</strong> page, configure a snapshot policy and other advanced settings for the Elasticsearch cluster.<ol type="a" id="css_01_0380__en-us_topic_0000001268594549_ol119772762919"><li id="css_01_0380__en-us_topic_0000001268594549_li2976141415217">Set a cluster snapshot policy.<p id="css_01_0380__en-us_topic_0000001268594549_p7466151817232"><a name="css_01_0380__en-us_topic_0000001268594549_li2976141415217"></a><a name="en-us_topic_0000001268594549_li2976141415217"></a>Cluster snapshots are enabled by default. You can disable them by toggling off <span class="parmname" id="css_01_0380__parmname42741840963"><b>Cluster Snapshot</b></span>. To store snapshots automatically created in OBS, an agency will need to be created in order to access OBS. Fees will be incurred for using standard OBS storage.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0380__en-us_topic_0000001268594549_table114660304344" frame="border" border="1" rules="all"><caption><b>Table 4 </b>Basic configuration for a cluster snapshot policy</caption><thead align="left"><tr id="css_01_0380__en-us_topic_0000001268594549_row74671830133417"><th align="left" class="cellrowborder" valign="top" width="16.900000000000002%" id="mcps1.3.4.2.7.2.1.2.2.3.1.1"><p id="css_01_0380__en-us_topic_0000001268594549_p2467330133420">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="83.1%" id="mcps1.3.4.2.7.2.1.2.2.3.1.2"><p id="css_01_0380__en-us_topic_0000001268594549_p5467103013416">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0380__en-us_topic_0000001268594549_row1646743016348"><td class="cellrowborder" valign="top" width="16.900000000000002%" headers="mcps1.3.4.2.7.2.1.2.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268594549_p5467163016341">OBS Bucket</p>
</td>
<td class="cellrowborder" valign="top" width="83.1%" headers="mcps1.3.4.2.7.2.1.2.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268594549_p2046713013344">Select an OBS bucket for storing snapshots from the drop-down list box. You can also click <strong id="css_01_0380__en-us_topic_0000001268594549_b4554717182318">Create Bucket</strong> on the right to create an OBS bucket. For details, see <a href="https://docs.otc.t-systems.com/en-us/usermanual/obs/en-us_topic_0045853662.html" target="_blank" rel="noopener noreferrer">Creating a Bucket</a>.</p>
<p id="css_01_0380__en-us_topic_0000001268594549_p169581927104917">The created or existing OBS bucket must meet the following requirements:</p>
<ul id="css_01_0380__en-us_topic_0000001268594549_ul196015276499"><li id="css_01_0380__en-us_topic_0000001268594549_li1496042724916"><span class="parmname" id="css_01_0380__en-us_topic_0000001268594549_parmname1464213248233"><b>Storage Class</b></span> is <span class="parmvalue" id="css_01_0380__en-us_topic_0000001268594549_parmvalue66483241235"><b>Standard</b></span> or <strong id="css_01_0380__en-us_topic_0000001268594549_b8649182411237">Warm</strong>.</li><li id="css_01_0380__en-us_topic_0000001268594549_li8114122084513"><strong id="css_01_0380__en-us_topic_0000001268594549_b239136162310">Region</strong> must be the same as that of the created cluster.</li></ul>
</td>
</tr>
<tr id="css_01_0380__en-us_topic_0000001268594549_row10467830183414"><td class="cellrowborder" valign="top" width="16.900000000000002%" headers="mcps1.3.4.2.7.2.1.2.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268594549_p146718309347">Backup Path</p>
</td>
<td class="cellrowborder" valign="top" width="83.1%" headers="mcps1.3.4.2.7.2.1.2.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268594549_p7467143053411">Storage path of the snapshot in the OBS bucket.</p>
<div class="p" id="css_01_0380__en-us_topic_0000001268594549_p19607361515">The backup path cannot:<ul id="css_01_0380__ul18697192214414"><li id="css_01_0380__li66971222446">Contain the following characters: \:*?"&lt;&gt;|'{}</li><li id="css_01_0380__li1069717227415">Start with a slash (/).</li><li id="css_01_0380__li669720221447">Start or end with a period (.).</li><li id="css_01_0380__li12697132218418">Contain more than two consecutive slashes (/) or periods (.).</li><li id="css_01_0380__li469713227410">Exceed 512 characters.</li></ul>
</div>
</td>
</tr>
<tr id="css_01_0380__en-us_topic_0000001268594549_row94671530153410"><td class="cellrowborder" valign="top" width="16.900000000000002%" headers="mcps1.3.4.2.7.2.1.2.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268594549_p13467330103415">IAM Agency</p>
</td>
<td class="cellrowborder" valign="top" width="83.1%" headers="mcps1.3.4.2.7.2.1.2.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268594549_p194671630143411">IAM agency authorized by the current account for <span id="css_01_0380__en-us_topic_0000001268594549_text18259161053619">CSS</span> to access or maintain data stored in OBS. If no agency is available, contact the CSS administrator to create one. For details, see <a href="https://docs.otc.t-systems.com/en-us/usermanual/iam/en-us_topic_0046613147.html" target="_blank" rel="noopener noreferrer">Creating an Agency</a>.</p>
<div class="p" id="css_01_0380__en-us_topic_0000001268594549_p15960122764916">The selected IAM agency must meet the following requirements:<ul id="css_01_0380__en-us_topic_0000001268594549_ul29611827194917"><li id="css_01_0380__en-us_topic_0000001268594549_li1896011275492"><span class="parmname" id="css_01_0380__en-us_topic_0000001268594549_parmname13212154312618"><b>Agency Type</b></span> must be <span class="parmvalue" id="css_01_0380__en-us_topic_0000001268594549_parmvalue3221143132610"><b>Cloud service</b></span>.</li><li id="css_01_0380__en-us_topic_0000001268594549_li696032784920">Set <strong id="css_01_0380__b467734417316">Cloud Service</strong> to <strong id="css_01_0380__b183171941151817">CSS</strong>.</li><li id="css_01_0380__li8420124922810">Mandatory policies: <span class="parmname" id="css_01_0380__parmname174206491288"><b>Tenant Administrator</b></span> or <span class="parmname" id="css_01_0380__parmname5420124942817"><b>OBS Administrator</b></span>.</li></ul>
</div>
<div class="note" id="css_01_0380__note471411126378"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p671411121377">The agency name can contain only letters (case-sensitive), digits, underscores (_), and hyphens (-). Otherwise, the backup will fail.</p>
</div></div>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0380__en-us_topic_0000001268594549_table179407117910" frame="border" border="1" rules="all"><caption><b>Table 5 </b>Setting Automatic Snapshot Creation</caption><thead align="left"><tr id="css_01_0380__en-us_topic_0000001268594549_row1694013111396"><th align="left" class="cellrowborder" valign="top" width="16.900000000000002%" id="mcps1.3.4.2.7.2.1.3.2.3.1.1"><p id="css_01_0380__en-us_topic_0000001268594549_p994001118917">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="83.1%" id="mcps1.3.4.2.7.2.1.3.2.3.1.2"><p id="css_01_0380__en-us_topic_0000001268594549_p159404111593">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0380__en-us_topic_0000001268594549_row494351116910"><td class="cellrowborder" valign="top" width="16.900000000000002%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268594549_p189432011894">Snapshot Name Prefix</p>
</td>
<td class="cellrowborder" valign="top" width="83.1%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268594549_p1194311117917">The snapshot name prefix contains 1 to 32 characters and must start with a lowercase letter. Only lowercase letters, digits, hyphens (-), and underscores (_) are allowed. A snapshot name consists of a snapshot name prefix and a timestamp, for example, <strong id="css_01_0380__en-us_topic_0000001268594549_b1883574815334">snapshot-1566921603720</strong>.</p>
</td>
</tr>
<tr id="css_01_0380__en-us_topic_0000001268594549_row69433112092"><td class="cellrowborder" valign="top" width="16.900000000000002%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268594549_p6943181111912">Time Zone</p>
</td>
<td class="cellrowborder" valign="top" width="83.1%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268594549_p129431110916">Time zone for the backup time. Specify <span class="parmname" id="css_01_0380__en-us_topic_0000001268594549_parmname4742174315329"><b>Backup Started Time</b></span> based on the time zone.</p>
</td>
</tr>
<tr id="css_01_0380__en-us_topic_0000001268594549_row79432111592"><td class="cellrowborder" valign="top" width="16.900000000000002%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268594549_p9943141118920">Backup Start Time</p>
</td>
<td class="cellrowborder" valign="top" width="83.1%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268594549_p18943151116919">The time when the backup starts automatically every day. You can specify this parameter only in full hours, for example, 00:00 or 01:00. The value ranges from 00:00 to 23:00. Select a time from the drop-down list.</p>
</td>
</tr>
<tr id="css_01_0380__en-us_topic_0000001268594549_row1594310119917"><td class="cellrowborder" valign="top" width="16.900000000000002%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268594549_p20943161110914">Retention Period (days)</p>
</td>
<td class="cellrowborder" valign="top" width="83.1%" headers="mcps1.3.4.2.7.2.1.3.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268594549_p1094317111692">The number of days that snapshots are retained in the OBS bucket. The value ranges from 1 to 90, and the default value is 7. You can specify this parameter as required. The system automatically deletes expired snapshots every half hour.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="css_01_0380__en-us_topic_0000001268594549_li43860154919">Configure advanced settings for the cluster. Select <strong id="css_01_0380__b104735451019">Default</strong> or <strong id="css_01_0380__b1030674216012">Custom</strong>.<ul id="css_01_0380__en-us_topic_0000001268594549_ul48111546185419"><li id="css_01_0380__li1628520435265"><span class="parmname" id="css_01_0380__parmname1117275812356"><b>Default</b></span>: <span class="parmname" id="css_01_0380__parmname81720583357"><b>VPC Endpoint Service</b></span>, <span class="parmname" id="css_01_0380__parmname14172125833517"><b>Kibana Public Access</b></span> are disabled by default. You can manually enable these settings after the cluster is created.</li><li id="css_01_0380__li102851843162618"><span class="parmname" id="css_01_0380__parmname1797913293364"><b>Custom</b></span>: You can enable <span class="parmname" id="css_01_0380__parmname1097912918360"><b>VPC Endpoint Service</b></span>, <span class="parmname" id="css_01_0380__parmname997913298362"><b>Kibana Public Access</b></span> as required.</li></ul>
<p id="css_01_0380__p7991357162619"><strong id="css_01_0380__b9692163919412">VPC Endpoint Service</strong></p>
<div class="p" id="css_01_0380__p139005515277"><span id="css_01_0380__ph2011311448442">VPC Endpoint Service enables you to access resources across Virtual Private Clouds (VPCs) using a dedicated gateway, without exposing the network information of servers. When VPC Endpoint Service is enabled, a VPC endpoint will be created by default. You can select Private Domain Name Creation if necessary. Users will be able to access this cluster across VPCs through node IP addresses or a private domain name.</span>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0380__table1942185513339" frame="border" border="1" rules="all"><caption><b>Table 6 </b>Configuring VPC Endpoint Service</caption><thead align="left"><tr id="css_01_0380__row1342116555339"><th align="left" class="cellrowborder" valign="top" width="30%" id="mcps1.3.4.2.7.2.2.5.2.2.3.1.1"><p id="css_01_0380__p12421145523314">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="70%" id="mcps1.3.4.2.7.2.2.5.2.2.3.1.2"><p id="css_01_0380__p842145513334">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0380__row24211655193318"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.1 "><p id="css_01_0380__p184211955173314">Private Domain Name Creation</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.2 "><p id="css_01_0380__p1642215515336">If <strong id="css_01_0380__b1823101617213">Private Domain Name Creation</strong> is selected, the system generates a node IP address and also automatically creates a private domain name, which enables users to access this cluster from within the same VPC. If it is not selected, only a node IP address is generated.</p>
</td>
</tr>
<tr id="css_01_0380__row16574110365"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.1 "><p id="css_01_0380__p1651741183614">Create professional endpoints</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.2 "><p id="css_01_0380__p116554118362">Choose whether to create professional endpoints.</p>
<ul id="css_01_0380__ul315093515496"><li id="css_01_0380__li41502351498">If unselected, a basic endpoint will be created.</li><li id="css_01_0380__li1215023574918">If selected, a professional endpoint will be created.</li></ul>
<div class="note" id="css_01_0380__note10384204094913"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p038474013498">If the region where the cluster is located does not support professional endpoints, this option is unavailable. By default, a basic endpoint is created.</p>
</div></div>
</td>
</tr>
<tr id="css_01_0380__row103921643103616"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.1 "><p id="css_01_0380__p0392114373614">IPv4/IPv6 dual stack network</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.2 "><p id="css_01_0380__p108251221135211">Whether to enable IPv4/IPv6 dual-stack networking. This option is available only when IPv6 is enabled for the VPC subnet of the cluster and you have selected <strong id="css_01_0380__b133291529371">Create professional endpoints</strong> earlier.</p>
</td>
</tr>
<tr id="css_01_0380__row1642214556331"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.1 "><p id="css_01_0380__p2422105523317">VPC Endpoint Service Whitelist</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.7.2.2.5.2.2.3.1.2 "><p id="css_01_0380__p207751233114313">In <strong id="css_01_0380__b27711119142518">VPC Endpoint Service Whitelist</strong>, you can add accounts that are allowed to access the cluster using a node IP address or private domain name.</p>
<ul id="css_01_0380__ul197511323113916"><li id="css_01_0380__en-us_topic_0000001223434404_li3393155917228">Click <strong id="css_01_0380__b137807426267">Add</strong> to add accounts in <strong id="css_01_0380__b2911711192713">Authorized Account ID</strong>. If the authorized account ID is set to <strong id="css_01_0380__b100741489125619">*</strong>, all users are allowed to access the cluster.</li><li id="css_01_0380__en-us_topic_0000001223434404_li640115594223">Click <strong id="css_01_0380__b199507410274">Delete</strong> in the <strong id="css_01_0380__b795134112720">Operation</strong> column to delete accounts.</li></ul>
<div class="note" id="css_01_0380__en-us_topic_0000001223434404_note47795914269"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p951214911592">To obtain your authorized account ID, point to your username in the upper right corner, and choose <strong id="css_01_0380__b181415485296">My Credentials</strong>. Copy the value of <strong id="css_01_0380__b1731082963010">Account ID</strong>.</p>
</div></div>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<p id="css_01_0380__p1960114592719"><strong id="css_01_0380__b171175619307">Kibana Public Access</strong></p>
<div class="p" id="css_01_0380__p19429810192819">This parameter is available only when security mode is enabled for the cluster. By enabling this option, you can obtain a public IP address for accessing Kibana.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0380__en-us_topic_0000001268394285_table17115184318116" frame="border" border="1" rules="all"><caption><b>Table 7 </b>Configuring public network access for Kibana</caption><thead align="left"><tr id="css_01_0380__en-us_topic_0000001268394285_row13115543918"><th align="left" class="cellrowborder" valign="top" width="30%" id="mcps1.3.4.2.7.2.2.7.1.2.3.1.1"><p id="css_01_0380__en-us_topic_0000001268394285_p6115643517">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="70%" id="mcps1.3.4.2.7.2.2.7.1.2.3.1.2"><p id="css_01_0380__en-us_topic_0000001268394285_p1611564318117">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0380__en-us_topic_0000001268394285_row15116743917"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.7.2.2.7.1.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268394285_p10116443611">Bandwidth</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.7.2.2.7.1.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268394285_p1911615431411">Bandwidth for accessing Kibana through a public IP address</p>
<p id="css_01_0380__en-us_topic_0000001268394285_p458617258523">Value range: 1 to 100.</p>
<p id="css_01_0380__en-us_topic_0000001268394285_p209154432526">Unit: Mbit/s</p>
</td>
</tr>
<tr id="css_01_0380__en-us_topic_0000001268394285_row1811610437113"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.7.2.2.7.1.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268394285_p911634315111">Access Control</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.7.2.2.7.1.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268394285_p4116114313112">If you disable this function, all IP addresses can access Kibana through the public IP address. If you enable this function, only IP addresses or IP address ranges in the whitelist can access Kibana through the public IP address.</p>
</td>
</tr>
<tr id="css_01_0380__en-us_topic_0000001268394285_row191163438120"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.4.2.7.2.2.7.1.2.3.1.1 "><p id="css_01_0380__en-us_topic_0000001268394285_p911694312110">Whitelist</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.4.2.7.2.2.7.1.2.3.1.2 "><p id="css_01_0380__en-us_topic_0000001268394285_p4116164313119">IP addresses or IP address ranges allowed to access the cluster. Use commas (,) to separate multiple IP addresses or ranges. This parameter can be configured only when <strong id="css_01_0380__b200581461025619">Access Control</strong> is enabled.</p>
<p id="css_01_0380__en-us_topic_0000001268394285_p4726101014818">You are advised to enable the whitelist.</p>
<div class="note" id="css_01_0380__note367029122416"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0380__p171085328241">The whitelist that controls Kibana public network access depends on whitelist support by the ELB service. After you update the whitelist, the new settings take effect immediately for new connections. For existing persistent connections using the IP addresses that have been removed from the whitelist, the new settings take effect in approximately 1 minute after these connections are disconnected.</p>
</div></div>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</li></ol>
</li><li id="css_01_0380__en-us_topic_0000001268594549_li95131110131015">Click <strong id="css_01_0380__en-us_topic_0000001268594549_b1658143723016">Next: Confirm Configuration</strong>. Check the configuration and click <strong id="css_01_0380__en-us_topic_0000001268594549_b825916162407">Next</strong> to create a cluster.</li><li id="css_01_0380__en-us_topic_0000001268594549_li85241119112419">Click <span class="uicontrol" id="css_01_0380__en-us_topic_0000001268594549_uicontrol28721886851948"><b>Back to Cluster List</b></span> to switch to the <strong id="css_01_0380__en-us_topic_0000001268594549_b80377998351948">Clusters</strong> page. The cluster you created is now in the cluster list and its status is <strong id="css_01_0380__b11261418165717">Creating</strong>. If the cluster is successfully created, its status changes to <strong id="css_01_0380__b1426115184576">Available</strong>.<p id="css_01_0380__en-us_topic_0000001268594549_p6524519192411">If cluster creation fails, try creating the cluster again by rectifying the errors returned.</p>
</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_01_0207.html">Using Elasticsearch for Data Search</a></div>
</div>
</div>
View Git Blame Copy Permalink