yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
de9f8a7cc5b4e61816cbd4e52cc108c5f9fc3b4c
doc-exports/docs/css/umn/css_01_0478.html
zhengxiu 2125539080 css umn 25.1.0 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: zhengxiu <zhengxiu@huawei.com>
Co-committed-by: zhengxiu <zhengxiu@huawei.com>
2025-07-04 09:10:17 +00:00

1055 lines
120 KiB
HTML
Raw Blame History

<a name="css_01_0478"></a><a name="css_01_0478"></a>
<h1 class="topictitle1">Configuring a Dedicated Load Balancer for an OpenSearch Cluster</h1>
<div id="body0000001955726518"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p16921115418492">CSS integrates shared load balancers, through which you can enable access to a cluster from the public network as well as through the VPC Endpoint service. Dedicated load balancers provide higher performance and more diverse features than shared load balancers. This topic describes how to configure a dedicated load balancer for a cluster.</p>
<div class="section" id="css_01_0478__css_01_0413_section536538175612"><h4 class="sectiontitle">Scenarios</h4><div class="p" id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p156616495323">Advantages of connecting to a cluster through a dedicated load balancer:<ul id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_ul4633558183713"><li id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_li5633135813710">A non-security cluster can also use the capabilities of the Elastic Load Balance (ELB) service.</li><li id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_li17634145883713">You can use custom certificates for HTTPS two-way authentication.</li><li id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_li063495816379">Seven-layer traffic monitoring and alarm configuration are supported, allowing you to keep close track of the cluster status.</li></ul>
</div>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p10265850101218">There are eight different ELB service forms for clusters in different security modes to connect to a dedicated load balancer. <a href="#css_01_0478__css_01_0413_en-us_topic_0000001463358273_table4446327845">Table 1</a> describes the ELB capabilities for different cluster configurations. <a href="#css_01_0478__css_01_0413_en-us_topic_0000001463358273_table1537163912019">Table 2</a> describes the configurations for different ELB service forms.</p>
<div class="tablenoborder"><a name="css_01_0478__css_01_0413_en-us_topic_0000001463358273_table4446327845"></a><a name="css_01_0413_en-us_topic_0000001463358273_table4446327845"></a><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_table4446327845" frame="border" border="1" rules="all"><caption><b>Table 1 </b>ELB capabilities for different clusters</caption><thead align="left"><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row4446127145"><th align="left" class="cellrowborder" valign="top" width="18.94%" id="mcps1.3.2.4.2.6.1.1"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p54462271544">Security Mode</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="27.060000000000002%" id="mcps1.3.2.4.2.6.1.2"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p114467271947">Service Form Provided by ELB for External Systems</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.4.2.6.1.3"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p3582618154718">ELB Load Balancing</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.4.2.6.1.4"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1582618134712">ELB Traffic Monitoring</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.4.2.6.1.5"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p11582218134710">ELB Two-way Authentication</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row2447527049"><td class="cellrowborder" rowspan="2" valign="top" width="18.94%" headers="mcps1.3.2.4.2.6.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1044715275413">Non-security</p>
</td>
<td class="cellrowborder" valign="top" width="27.060000000000002%" headers="mcps1.3.2.4.2.6.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1544712276420">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p5447162710417">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1044719276412">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p2044717271411">No</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row9447132710410"><td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p544711271341">One-way authentication</p>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1230643764014">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p20447327145">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p94474272045">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p124471227649">Yes</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row11447172714420"><td class="cellrowborder" rowspan="2" valign="top" width="18.94%" headers="mcps1.3.2.4.2.6.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1044712271441">Security mode + HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="27.060000000000002%" headers="mcps1.3.2.4.2.6.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p17447727547">Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p64471927643">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p44474277417">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p17448827543">No</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row1944819273415"><td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p9448142715417">One-way authentication + Password authentication</p>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p194314694019">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p14481627746">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p204481827847">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.4.2.6.1.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p164481127447">Yes</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row24487273416"><td class="cellrowborder" valign="top" width="18.94%" headers="mcps1.3.2.4.2.6.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p166041448144519">Security mode + HTTPS</p>
</td>
<td class="cellrowborder" valign="top" width="27.060000000000002%" headers="mcps1.3.2.4.2.6.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1144818274413">One-way authentication + Password authentication</p>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p7932175719401">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p144812279410">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p13448192715420">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.4.2.6.1.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p84481327041">Yes</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="css_01_0478__css_01_0413_en-us_topic_0000001463358273_table1537163912019"></a><a name="css_01_0413_en-us_topic_0000001463358273_table1537163912019"></a><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_table1537163912019" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Configurations for different ELB service forms depending on the cluster</caption><thead align="left"><tr id="css_01_0478__css_01_0413_row0890131614414"><th align="left" class="cellrowborder" rowspan="2" valign="top" width="8.719128087191281%" id="mcps1.3.2.5.2.9.1.1"><p id="css_01_0478__css_01_0413_p207431936124110"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b1092541572918">Security Mode</strong></p>
</th>
<th align="left" class="cellrowborder" rowspan="2" valign="top" width="19.22807719228077%" id="mcps1.3.2.5.2.9.1.2"><p id="css_01_0478__css_01_0413_p474373616417"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b135842197484">Service Form Provided by ELB for External Systems</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.028897110288971%" id="mcps1.3.2.5.2.9.1.3"><p id="css_01_0478__css_01_0413_p574323674115"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b693411512291">ELB Listener</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.028897110288971%" id="mcps1.3.2.5.2.9.1.4"><p id="css_01_0478__css_01_0413_p5301143041115"><strong id="css_01_0478__css_01_0413_b433591190">ELB Listener</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.998800119988001%" id="mcps1.3.2.5.2.9.1.5"><p id="css_01_0478__css_01_0413_p153011130161110"><strong id="css_01_0478__css_01_0413_b873939018">ELB Listener</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.998800119988001%" id="mcps1.3.2.5.2.9.1.6"><p id="css_01_0478__css_01_0413_p157443364411"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b893501562911">Backend Server Group</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.998800119988001%" id="mcps1.3.2.5.2.9.1.7"><p id="css_01_0478__css_01_0413_p1676633371120"><strong id="css_01_0478__css_01_0413_b370641033">Backend Server Group</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="13.998600139986003%" id="mcps1.3.2.5.2.9.1.8"><p id="css_01_0478__css_01_0413_p157664336117"><strong id="css_01_0478__css_01_0413_b1109850007">Backend Server Group</strong></p>
</th>
</tr>
<tr id="css_01_0478__css_01_0413_row3923202118418"><th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.5.2.9.2.1"><p id="css_01_0478__css_01_0413_p1344134016418"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b13935131517299">Frontend Protocol</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.5.2.9.2.2"><p id="css_01_0478__css_01_0413_p934494014119"><strong id="css_01_0478__css_01_0413_b7652736172917">Frontend Port</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.5.2.9.2.3"><p id="css_01_0478__css_01_0413_p7344104014115"><strong id="css_01_0478__css_01_0413_b645134752817">SSL Authentication</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.5.2.9.2.4"><p id="css_01_0478__css_01_0413_p1558574312414"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b20937115112917">Backend Protocol</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.5.2.9.2.5"><p id="css_01_0478__css_01_0413_p15861343114113"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b993881572917">Health Check Port</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.5.2.9.2.6"><p id="css_01_0478__css_01_0413_p135867436417"><strong id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_b793819151290">Health Check Path</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row598183911015"><td class="cellrowborder" rowspan="3" valign="top" width="8.719128087191281%" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p99803912018">Non-security</p>
</td>
<td class="cellrowborder" valign="top" width="19.22807719228077%" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p11985396010">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p898839007">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p49813391206">9200</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p99813391800">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p4981339104">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%" headers="mcps1.3.2.5.2.9.1.7 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p10981139206">9200</p>
</td>
<td class="cellrowborder" rowspan="3" valign="top" width="13.998600139986003%" headers="mcps1.3.2.5.2.9.1.8 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p10981397015">/</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row18350141410368"><td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p5239619173617">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1423951923613">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p323913196364">9200</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p17239161973619">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1239191923614">HTTP</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p172391919143613">9200</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row0981739509"><td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p13983397012">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p109812391505">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p10988392017">9200</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p13988391301">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p17984391502">HTTP</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p9981239300">9200</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row209818396010"><td class="cellrowborder" rowspan="3" valign="top" width="8.719128087191281%" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p698193919017">Security mode + HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="19.22807719228077%" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1798163912012">Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p59813391003">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p7981139706">9200</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1399439404">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p189963915011">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%" headers="mcps1.3.2.5.2.9.1.7 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p3991639302">9200</p>
</td>
<td class="cellrowborder" rowspan="5" valign="top" width="13.998600139986003%" headers="mcps1.3.2.5.2.9.1.8 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p11991339305">/_opendistro/_security/health</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row20476103783617"><td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p742154233610">One-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p6421542143614">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p24211542133615">9200</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p342114263613">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p8421184263616">HTTP</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p184221742153617">9200</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row69910397017"><td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p69917391408">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p139917390018">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p189913393018">9200</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p199912391900">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p18991539306">HTTP</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p7991039505">9200</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row2099203914015"><td class="cellrowborder" rowspan="2" valign="top" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p699639209">Security mode + HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p79916391501">One-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p49916392009">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p7991139501">9200</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p159912391107">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p69923912010">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.7 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p19919391908">9200</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_row1639069153714"><td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.1 mcps1.3.2.5.2.9.2.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p72910157371">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.2 mcps1.3.2.5.2.9.2.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p16291915153720">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.3 mcps1.3.2.5.2.9.2.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p2029121518379">9200</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.4 mcps1.3.2.5.2.9.2.4 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p42921563718">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.5 mcps1.3.2.5.2.9.2.5 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p1529101519373">HTTPS</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.5.2.9.1.6 mcps1.3.2.5.2.9.2.6 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463358273_p12918156373">9200</p>
</td>
</tr>
</tbody>
</table>
</div>
<p id="css_01_0478__css_01_0413_p2045511119567">To connect a CSS cluster to a dedicated load balancer, perform the following steps:</p>
<ol id="css_01_0478__css_01_0413_ol544515481567"><li id="css_01_0478__css_01_0413_li20445124817564">If the ELB listener uses HTTPS, prepare a signature certificate and upload it to the ELB console: <a href="#css_01_0478__css_01_0413_section7363183565716">Preparing and Uploading a Self-Signed Certificate</a></li><li id="css_01_0478__css_01_0413_li1812135719561">Create a dedicated load balancer on the ELB console: <a href="#css_01_0478__css_01_0413_en-us_topic_0000001463438465_section7323118163219">Creating a Dedicated Load Balancer</a></li><li id="css_01_0478__css_01_0413_li157805045718">Enable load balancing for the cluster: <a href="#css_01_0478__css_01_0413_section1566363619613">Connecting a Cluster to a Load Balancer</a></li><li id="css_01_0478__css_01_0413_li16704420579">Connect to the cluster through an instance of a dedicated load balancer: <a href="#css_01_0478__css_01_0413_en-us_topic_0000001463438465_section6525113933311">Accessing a Cluster Using cURL Commands</a></li></ol>
<p id="css_01_0478__css_01_0413_p9710821141519">See also: <a href="#css_01_0478__css_01_0413_en-us_topic_0000001412998750_section1146765293619">Sample Code for ESSecuredClientWithCerDemo</a>, <a href="#css_01_0478__css_01_0413_en-us_topic_0000001412998750_section177951919193614">Sample Code for SecuredHttpClientConfigCallback</a>, and <a href="#css_01_0478__css_01_0413_en-us_topic_0000001412998750_section5394175153518">pom.xml Sample Code</a>.</p>
</div>
<div class="section" id="css_01_0478__css_01_0413_section22231398610"><h4 class="sectiontitle">Constraints</h4><ul id="css_01_0478__css_01_0413_ul9214174014916"><li id="css_01_0478__css_01_0413_li152142401996">You are not advised to connect a load balancer that has been associated with a public IP address to a non-security mode cluster. Access from the public network using such a load balancer may cause security risks because a non-security mode cluster can be accessed using HTTP without security authentication.</li><li id="css_01_0478__css_01_0413_li1821418408915">HTTPS-enabled security-mode clusters do not support HTTP-based frontend authentication. If the frontend uses HTTP, disable security mode for the clusters first. For details, see <a href="css_01_0158.html">Changing the Security Mode of an Elasticsearch Cluster</a>. Before changing the security mode, disable load balancing first. After the security mode is changed, enable load balancing again.</li></ul>
</div>
<div class="section" id="css_01_0478__css_01_0413_section7363183565716"><a name="css_01_0478__css_01_0413_section7363183565716"></a><a name="css_01_0413_section7363183565716"></a><h4 class="sectiontitle">Preparing and Uploading a Self-Signed Certificate</h4><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p157451236141219">If the ELB listener uses HTTPS, prepare a self-signed certificate by referring to the steps in this section and upload it to the ELB console as a server certificate or CA certificate.</p>
<div class="note" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_note053135603617"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p195321456203615">You are advised to use a certificate purchased in Cloud Certificate Manager (CCM) or issued by a trusted authority.</p>
</div></div>
<ol id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_ol1862432210578"><li id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_li116241622155719">Log in to a Linux client where the OpenSSL tool and JDK are installed.</li><li id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_li178371116195818">Run the following commands to create a self-signed certificate:<div class="codecoloring" codetype="Bash" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen7701624391"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span>
<span class="normal">28</span>
<span class="normal">29</span>
<span class="normal">30</span>
<span class="normal">31</span>
<span class="normal">32</span>
<span class="normal">33</span>
<span class="normal">34</span>
<span class="normal">35</span>
<span class="normal">36</span>
<span class="normal">37</span>
<span class="normal">38</span>
<span class="normal">39</span>
<span class="normal">40</span>
<span class="normal">41</span>
<span class="normal">42</span>
<span class="normal">43</span>
<span class="normal">44</span>
<span class="normal">45</span>
<span class="normal">46</span>
<span class="normal">47</span>
<span class="normal">48</span>
<span class="normal">49</span>
<span class="normal">50</span>
<span class="normal">51</span>
<span class="normal">52</span>
<span class="normal">53</span>
<span class="normal">54</span>
<span class="normal">55</span>
<span class="normal">56</span>
<span class="normal">57</span>
<span class="normal">58</span>
<span class="normal">59</span>
<span class="normal">60</span>
<span class="normal">61</span>
<span class="normal">62</span>
<span class="normal">63</span>
<span class="normal">64</span>
<span class="normal">65</span>
<span class="normal">66</span>
<span class="normal">67</span>
<span class="normal">68</span>
<span class="normal">69</span>
<span class="normal">70</span>
<span class="normal">71</span>
<span class="normal">72</span>
<span class="normal">73</span></pre></div></td><td class="code"><div><pre><span></span>mkdir<span class="w"> </span>ca
mkdir<span class="w"> </span>server
mkdir<span class="w"> </span>client
<span class="c1">#Use OpenSSL to create a CA certificate.</span>
<span class="nb">cd</span><span class="w"> </span>ca
<span class="c1">#Create the OpenSSL configuration file ca_cert.conf for the CA certificate.</span>
cat<span class="w"> </span>&gt;ca_cert.conf<span class="w"> </span><span class="s">&lt;&lt;EOF</span>
<span class="s">[ req ]</span>
<span class="s">distinguished_name = req_distinguished_name</span>
<span class="s">prompt = no</span>
<span class="s">[ req_distinguished_name ]</span>
<span class="s"> O = ELB</span>
<span class="s">EOF</span>
<span class="c1">#Create private key file ca.key for the CA certificate.</span>
openssl<span class="w"> </span>genrsa<span class="w"> </span>-out<span class="w"> </span>ca.key<span class="w"> </span><span class="m">2048</span>
<span class="c1">#Create the CSR file ca.csr for the CA certificate.</span>
openssl<span class="w"> </span>req<span class="w"> </span>-out<span class="w"> </span>ca.csr<span class="w"> </span>-key<span class="w"> </span>ca.key<span class="w"> </span>-new<span class="w"> </span>-config<span class="w"> </span>./ca_cert.conf
<span class="c1">#Create a self-signed CA certificate ca.crt.</span>
openssl<span class="w"> </span>x509<span class="w"> </span>-req<span class="w"> </span>-in<span class="w"> </span>ca.csr<span class="w"> </span>-out<span class="w"> </span>ca.crt<span class="w"> </span>-sha1<span class="w"> </span>-days<span class="w"> </span><span class="m">5000</span><span class="w"> </span>-signkey<span class="w"> </span>ca.key
<span class="c1">#Convert the CA certificate format to p12.</span>
openssl<span class="w"> </span>pkcs12<span class="w"> </span>-export<span class="w"> </span>-clcerts<span class="w"> </span>-in<span class="w"> </span>ca.crt<span class="w"> </span>-inkey<span class="w"> </span>ca.key<span class="w"> </span>-out<span class="w"> </span>ca.p12
<span class="c1">#Convert the CA certificate format to JKS.</span>
keytool<span class="w"> </span>-importkeystore<span class="w"> </span>-srckeystore<span class="w"> </span>ca.p12<span class="w"> </span>-srcstoretype<span class="w"> </span>PKCS12<span class="w"> </span>-deststoretype<span class="w"> </span>JKS<span class="w"> </span>-destkeystore<span class="w"> </span>ca.jks
<span class="c1">#Use the CA certificate to issue a server certificate.</span>
<span class="nb">cd</span><span class="w"> </span>../server
<span class="c1">#Create the OpenSSL configuration file server_cert.conf for the server certificate. Change the CN field to the domain name or IP address of the server as required.</span>
cat<span class="w"> </span>&gt;server_cert.conf<span class="w"> </span><span class="s">&lt;&lt;EOF</span>
<span class="s">[ req ]</span>
<span class="s">distinguished_name = req_distinguished_name</span>
<span class="s">prompt = no</span>
<span class="s">[ req_distinguished_name ]</span>
<span class="s"> O = ELB</span>
<span class="s"> CN = 127.0.0.1</span>
<span class="s">EOF</span>
<span class="c1">#Create the private key file server.key for the server certificate.</span>
openssl<span class="w"> </span>genrsa<span class="w"> </span>-out<span class="w"> </span>server.key<span class="w"> </span><span class="m">2048</span>
<span class="c1">#Create the CSR request file server.csr for the server certificate.</span>
openssl<span class="w"> </span>req<span class="w"> </span>-out<span class="w"> </span>server.csr<span class="w"> </span>-key<span class="w"> </span>server.key<span class="w"> </span>-new<span class="w"> </span>-config<span class="w"> </span>./server_cert.conf
<span class="c1">#Use the CA certificate to issue the server certificate server.crt.</span>
openssl<span class="w"> </span>x509<span class="w"> </span>-req<span class="w"> </span>-in<span class="w"> </span>server.csr<span class="w"> </span>-out<span class="w"> </span>server.crt<span class="w"> </span>-sha1<span class="w"> </span>-CAcreateserial<span class="w"> </span>-days<span class="w"> </span><span class="m">5000</span><span class="w"> </span>-CA<span class="w"> </span>../ca/ca.crt<span class="w"> </span>-CAkey<span class="w"> </span>../ca/ca.key
<span class="c1">#Convert the server certificate format to p12.</span>
openssl<span class="w"> </span>pkcs12<span class="w"> </span>-export<span class="w"> </span>-clcerts<span class="w"> </span>-in<span class="w"> </span>server.crt<span class="w"> </span>-inkey<span class="w"> </span>server.key<span class="w"> </span>-out<span class="w"> </span>server.p12
<span class="c1">#Convert the service certificate format to JKS.</span>
keytool<span class="w"> </span>-importkeystore<span class="w"> </span>-srckeystore<span class="w"> </span>server.p12<span class="w"> </span>-srcstoretype<span class="w"> </span>PKCS12<span class="w"> </span>-deststoretype<span class="w"> </span>JKS<span class="w"> </span>-destkeystore<span class="w"> </span>server.jks
<span class="c1">#Use the CA certificate to issue a client certificate.</span>
<span class="nb">cd</span><span class="w"> </span>../client
<span class="c1">#Create the OpenSSL configuration file client_cert.conf for the client certificate. Change the CN field to the domain name or IP address of the server as required.</span>
cat<span class="w"> </span>&gt;client_cert.conf<span class="w"> </span><span class="s">&lt;&lt;EOF</span>
<span class="s">[ req ]</span>
<span class="s">distinguished_name = req_distinguished_name</span>
<span class="s">prompt = no</span>
<span class="s">[ req_distinguished_name ]</span>
<span class="s">O = ELB</span>
<span class="s">CN = 127.0.0.1</span>
<span class="s">EOF</span>
<span class="c1">#Create private key client.key for the client certificate.</span>
openssl<span class="w"> </span>genrsa<span class="w"> </span>-out<span class="w"> </span>client.key<span class="w"> </span><span class="m">2048</span>
<span class="c1">#Create the CSR file client.csr for the client certificate.</span>
openssl<span class="w"> </span>req<span class="w"> </span>-out<span class="w"> </span>client.csr<span class="w"> </span>-key<span class="w"> </span>client.key<span class="w"> </span>-new<span class="w"> </span>-config<span class="w"> </span>./client_cert.conf
<span class="c1">#Use the CA certificate to issue the client certificate client.crt.</span>
openssl<span class="w"> </span>x509<span class="w"> </span>-req<span class="w"> </span>-in<span class="w"> </span>client.csr<span class="w"> </span>-out<span class="w"> </span>client.crt<span class="w"> </span>-sha1<span class="w"> </span>-CAcreateserial<span class="w"> </span>-days<span class="w"> </span><span class="m">5000</span><span class="w"> </span>-CA<span class="w"> </span>../ca/ca.crt<span class="w"> </span>-CAkey<span class="w"> </span>../ca/ca.key
<span class="c1">#Convert the client certificate to a p12 file that can be identified by the browser.</span>
openssl<span class="w"> </span>pkcs12<span class="w"> </span>-export<span class="w"> </span>-clcerts<span class="w"> </span>-in<span class="w"> </span>client.crt<span class="w"> </span>-inkey<span class="w"> </span>client.key<span class="w"> </span>-out<span class="w"> </span>client.p12
<span class="c1">#Convert the client certificate format to JKS.</span>
keytool<span class="w"> </span>-importkeystore<span class="w"> </span>-srckeystore<span class="w"> </span>client.p12<span class="w"> </span>-srcstoretype<span class="w"> </span>PKCS12<span class="w"> </span>-deststoretype<span class="w"> </span>JKS<span class="w"> </span>-destkeystore<span class="w"> </span>client.jks
</pre></div></td></tr></table></div>
</div>
</li><li id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_li1350483916585">Upload the self-signed certificate. For details, see <a href="https://docs.otc.t-systems.com/elastic-load-balancing/umn/advanced_features_of_http_https_listeners/mutual_authentication.html#configuring-the-server-certificate-and-private-key" target="_blank" rel="noopener noreferrer">Configuring the Server Certificate and Private Key</a>.</li></ol>
</div>
<div class="section" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_section7323118163219"><a name="css_01_0478__css_01_0413_en-us_topic_0000001463438465_section7323118163219"></a><a name="css_01_0413_en-us_topic_0000001463438465_section7323118163219"></a><h4 class="sectiontitle">Creating a Dedicated Load Balancer</h4><ol id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_ol103047454109"><li id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_li33041445101014">Log in to the ELB management console.</li><li id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_li121361146181017">Create a dedicated load balancer. For details, see <a href="https://docs.otc.t-systems.com/elastic-load-balancing/umn/load_balancer/creating_a_dedicated_load_balancer.html" target="_blank" rel="noopener noreferrer">Creating a Dedicated Load Balancer</a>. <a href="#css_01_0478__css_01_0413_en-us_topic_0000001463438465_table937081413137">Table 3</a> describes the parameters required for connecting a CSS cluster with a dedicated load balancer.
<div class="tablenoborder"><a name="css_01_0478__css_01_0413_en-us_topic_0000001463438465_table937081413137"></a><a name="css_01_0413_en-us_topic_0000001463438465_table937081413137"></a><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_table937081413137" frame="border" border="1" rules="all"><caption><b>Table 3 </b>Parameters for connecting a CSS cluster with a dedicated load balancer</caption><thead align="left"><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row73711814201312"><th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.5.2.2.3.2.4.1.1"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p637112149139">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.5.2.2.3.2.4.1.2"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p5371161431311">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.5.2.2.3.2.4.1.3"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p0371114121318">Example</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row637191431312"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p63719141134">Type</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p18257539145">Load balancer type. Select <strong id="css_01_0478__css_01_0413_b170274170884428">Dedicated</strong>.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p18256534146">Dedicated</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row4371131411316"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1535014931516">Billing Mode</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p163501496156">Billing mode of the dedicated load balancer.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p335012911159">Pay-per-use</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row1837111441320"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p95351639101512">Region</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p7535133921519">Region where the CSS cluster is located.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p5371121481311">-</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row14371181411315"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p12504560158">IP as Backend Servers</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1350105651510">A CSS cluster can be connected only after the cross-VPC backend is enabled.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p55045615159">Enabled</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row1337110143138"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p43718146133">Network Type</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1971182516196">Type of the network used by the load balancer to provide services to external systems.</p>
<p id="css_01_0478__css_01_0413_p1220133714163">CSS supports <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue15439509100"><b>Private IPv4 network</b></span> and <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue10913132161016"><b>IPv6 network</b></span>.</p>
<ul id="css_01_0478__css_01_0413_ul33371239111617"><li id="css_01_0478__css_01_0413_li1018844918168">When <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue384615307270"><b>IPv6 network</b></span> is selected, <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue156081473176"><b>Private IP Address</b></span> and <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue1860815714179"><b>IPv6 address</b></span> are displayed under <strong id="css_01_0478__css_01_0413_b897919112315">Load balancing instance</strong> after CSS is connected to the load balancer. <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue14411115118174"><b>EIP</b></span> is displayed only when the dedicated load balancer is associated with a shared bandwidth.</li><li id="css_01_0478__css_01_0413_li1333793917160">When <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue181296592121"><b>Private IPv4 network</b></span> is selected, <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue151298596123"><b>Private IP Address</b></span> and <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue6129459151211"><b>EIP</b></span> are displayed under <strong id="css_01_0478__css_01_0413_b612912595125">Load balancing instance</strong> after CSS is connected to the load balancer.</li></ul>
<div class="note" id="css_01_0478__css_01_0413_note25611662518"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="css_01_0478__css_01_0413_p6561136182511">CSS supports IPv6 networks only in the CN East 2 region. In other regions, only private IPv4 networks are supported.</p>
</div></div>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1223575501619">Private IPv4 network</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row1437121419133"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p2089963362015">VPC</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p684815252017">VPC where the load balancer works. This parameter is mandatory no matter which network type is selected.</p>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p12899133362014">Select the VPC of the CSS cluster.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p14899173322014">-</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row337181431316"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1262014288218">Subnet</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p283710412210">Subnet where the load balancer is to be created. This parameter is mandatory no matter which network type is selected.</p>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p2620172810217">Select the subnet of the CSS cluster.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1162113282213">-</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row18576310218"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1758231192117">Specifications</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.2.3.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p682012565229">You are advised to select <strong id="css_01_0478__css_01_0413_b89650499584428">Application load balancing (HTTP/HTTPS)</strong>, which provides better functionality and performance.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.5.2.2.3.2.4.1.3 "><p id="css_01_0478__css_01_0413_p260011248348">Application load balancing (HTTP/HTTPS)</p>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p12820145672211"><span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue16308459117"><b>Small I</b></span></p>
</td>
</tr>
</tbody>
</table>
</div>
</li></ol>
</div>
<div class="section" id="css_01_0478__css_01_0413_section1566363619613"><a name="css_01_0478__css_01_0413_section1566363619613"></a><a name="css_01_0413_section1566363619613"></a><h4 class="sectiontitle">Connecting a Cluster to a Load Balancer</h4><ol id="css_01_0478__css_01_0413_ol1470215481661"><li id="css_01_0478__css_01_0413_li1670216481163">Log in to the CSS management console.</li><li id="css_01_0478__css_01_0413_li139707915916">On the <span class="uicontrol" id="css_01_0478__css_01_0413_uicontrol533215584428"><b>Clusters</b></span> page, select the cluster you want to connect to the load balancer and click the cluster name. The cluster information page is displayed.</li><li id="css_01_0478__css_01_0413_li1121323131018">In the navigation pane, choose <span class="uicontrol" id="css_01_0478__css_01_0413_uicontrol21741415424"><b>Load Balancing</b></span>. Toggle on <strong id="css_01_0478__css_01_0413_b85719554423">Load Balancing</strong> and configure basic load balancing information.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_table592216423112" frame="border" border="1" rules="all"><caption><b>Table 4 </b>Configuring load balancing</caption><thead align="left"><tr id="css_01_0478__css_01_0413_row139224424119"><th align="left" class="cellrowborder" valign="top" width="30%" id="mcps1.3.6.2.3.3.2.3.1.1"><p id="css_01_0478__css_01_0413_p8922124251116">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="70%" id="mcps1.3.6.2.3.3.2.3.1.2"><p id="css_01_0478__css_01_0413_p29221442131113">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_row89231542201112"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.6.2.3.3.2.3.1.1 "><p id="css_01_0478__css_01_0413_p892313426118">Load Balancer</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.6.2.3.3.2.3.1.2 "><p id="css_01_0478__css_01_0413_p692304212117">Select a dedicated load balancer created earlier. A CSS cluster is a managed resource. The selected load balancer becomes available only after <strong id="css_01_0478__css_01_0413_b8977185119497">IP as Backend Servers</strong> is enabled.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_row18923174211113"><td class="cellrowborder" valign="top" width="30%" headers="mcps1.3.6.2.3.3.2.3.1.1 "><p id="css_01_0478__css_01_0413_p1792384201113">Agency</p>
</td>
<td class="cellrowborder" valign="top" width="70%" headers="mcps1.3.6.2.3.3.2.3.1.2 "><p id="css_01_0478__css_01_0413_p27461811101819">Select an IAM agency to authorize CSS to access and use ELB resources using the current account. The selected agency must include the <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue15564153091720"><b>ELB Administrator</b></span> or <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue246413421718"><b>ELB FullAccess</b></span> policy.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="fignone" id="css_01_0478__css_01_0413_fig25293718154"><span class="figcap"><b>Figure 1 </b>Enabling load balancing</span><br><span><img id="css_01_0478__css_01_0413_image1987105113518" src="en-us_image_0000001951397478.png"></span></div>
</li><li id="css_01_0478__css_01_0413_li13232203721215">Click <strong id="css_01_0478__css_01_0413_b10151155719110">OK</strong> to enable load balancing.</li><li id="css_01_0478__css_01_0413_li1672965911411">In the <strong id="css_01_0478__css_01_0413_b522316439419">Listener Configuration</strong> area, click <span><img id="css_01_0478__css_01_0413_image622374319414" src="en-us_image_0000001983636885.png"></span> to configure listener information.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_table145381018102516" frame="border" border="1" rules="all"><caption><b>Table 5 </b>Listener configuration</caption><thead align="left"><tr id="css_01_0478__css_01_0413_row1453731811254"><th align="left" class="cellrowborder" valign="top" width="23.49%" id="mcps1.3.6.2.5.3.2.3.1.1"><p id="css_01_0478__css_01_0413_p10537418182518">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="76.51%" id="mcps1.3.6.2.5.3.2.3.1.2"><p id="css_01_0478__css_01_0413_p2537418172512">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_row953741820251"><td class="cellrowborder" valign="top" width="23.49%" headers="mcps1.3.6.2.5.3.2.3.1.1 "><p id="css_01_0478__css_01_0413_p65370181250">Frontend Protocol</p>
</td>
<td class="cellrowborder" valign="top" width="76.51%" headers="mcps1.3.6.2.5.3.2.3.1.2 "><p id="css_01_0478__css_01_0413_p12537181872516">Protocol used by the client and listener to distribute traffic. Select <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue976612218215"><b>HTTP</b></span> or <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue121371624102113"><b>HTTPS</b></span>.</p>
<p id="css_01_0478__css_01_0413_p1253741817253">Select a protocol as required.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_row1853721842519"><td class="cellrowborder" valign="top" width="23.49%" headers="mcps1.3.6.2.5.3.2.3.1.1 "><p id="css_01_0478__css_01_0413_p1537141819253">Frontend Port</p>
</td>
<td class="cellrowborder" valign="top" width="76.51%" headers="mcps1.3.6.2.5.3.2.3.1.2 "><p id="css_01_0478__css_01_0413_p165372186250">Port used by the client and listener to distribute traffic.</p>
<p id="css_01_0478__css_01_0413_p453711872520">Set this parameter based on site requirements.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_row3538161814252"><td class="cellrowborder" valign="top" width="23.49%" headers="mcps1.3.6.2.5.3.2.3.1.1 "><p id="css_01_0478__css_01_0413_p8537201872513">SSL Authentication</p>
</td>
<td class="cellrowborder" valign="top" width="76.51%" headers="mcps1.3.6.2.5.3.2.3.1.2 "><p id="css_01_0478__css_01_0413_p16537118182519">Authentication mode for the client to access the server. Set this parameter only when <strong id="css_01_0478__css_01_0413_b68812591167">Frontend Protocol</strong> is set to <strong id="css_01_0478__css_01_0413_b1226282572">HTTPS</strong>.</p>
<p id="css_01_0478__css_01_0413_p1353811812514">Select an authentication mode that suits your needs.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_row1653811186253"><td class="cellrowborder" valign="top" width="23.49%" headers="mcps1.3.6.2.5.3.2.3.1.1 "><p id="css_01_0478__css_01_0413_p1553814189257">Server Certificate</p>
</td>
<td class="cellrowborder" valign="top" width="76.51%" headers="mcps1.3.6.2.5.3.2.3.1.2 "><p id="css_01_0478__css_01_0413_p19538818112514">The server certificate is used for SSL handshake. The certificate content and private key must be provided. It is required only when <strong id="css_01_0478__css_01_0413_b74584561398">Frontend Protocol</strong> is set to <strong id="css_01_0478__css_01_0413_b164587561696">HTTPS</strong>.</p>
<p id="css_01_0478__css_01_0413_p0394112723816">Select the server certificate created in <a href="#css_01_0478__css_01_0413_section7363183565716">Preparing and Uploading a Self-Signed Certificate</a>.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_row16538151818253"><td class="cellrowborder" valign="top" width="23.49%" headers="mcps1.3.6.2.5.3.2.3.1.1 "><p id="css_01_0478__css_01_0413_p155381518152515">CA Certificate</p>
</td>
<td class="cellrowborder" valign="top" width="76.51%" headers="mcps1.3.6.2.5.3.2.3.1.2 "><p id="css_01_0478__css_01_0413_p135381518112513">Also called client CA public key certificate. It is used to verify the issuer of a client certificate. It is required only when <span class="parmname" id="css_01_0478__css_01_0413_parmname2025614019249"><b>SSL Authentication</b></span> is set to <span class="parmvalue" id="css_01_0478__css_01_0413_parmvalue6256184020248"><b>Two-way authentication</b></span>.</p>
<p id="css_01_0478__css_01_0413_p177301428203913">Select the CA certificate created in <a href="#css_01_0478__css_01_0413_section7363183565716">Preparing and Uploading a Self-Signed Certificate</a>.</p>
<p id="css_01_0478__css_01_0413_p95381818182517">When HTTPS two-way authentication is enabled, an HTTPS connection can be established only when the client can provide the certificate issued by a trusted CA.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="fignone" id="css_01_0478__css_01_0413_fig9367028279"><span class="figcap"><b>Figure 2 </b>Listener configuration</span><br><span><img id="css_01_0478__css_01_0413_image62663725414" src="en-us_image_0000001951401518.png"></span></div>
</li><li id="css_01_0478__css_01_0413_li899511109616">(Optional) In the Listener Configuration area, click <strong id="css_01_0478__css_01_0413_b64491861315">Settings</strong> next to <strong id="css_01_0478__css_01_0413_b9990191421311">Access Control</strong> to go to the <strong id="css_01_0478__css_01_0413_b201499410145">Listeners</strong> page of the load balancer. Click <strong id="css_01_0478__css_01_0413_b19890131853710">Configure</strong> in the <strong id="css_01_0478__css_01_0413_b1880811381518">Access Control</strong> column to configure the list of IP addresses that are allowed to access the cluster through the load balancer. If this parameter is not set, all IP addresses will be allowed to access the cluster.</li><li id="css_01_0478__css_01_0413_li854013920293">In the <strong id="css_01_0478__css_01_0413_b1832819145168">Health Check</strong> area, you can view the health check result for each node IP address.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_table498210896" frame="border" border="1" rules="all"><caption><b>Table 6 </b>Health check result description</caption><thead align="left"><tr id="css_01_0478__css_01_0413_row109822018917"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.6.2.7.2.2.3.1.1"><p id="css_01_0478__css_01_0413_p8982801591">Health Check Result</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.6.2.7.2.2.3.1.2"><p id="css_01_0478__css_01_0413_p17982601697">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_row8982110799"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.6.2.7.2.2.3.1.1 "><p id="css_01_0478__css_01_0413_p1198250192">Normal</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.6.2.7.2.2.3.1.2 "><p id="css_01_0478__css_01_0413_p18983403917">The node IP address is connected.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_row189830016919"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.6.2.7.2.2.3.1.1 "><p id="css_01_0478__css_01_0413_p49831701891">Abnormal</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.6.2.7.2.2.3.1.2 "><p id="css_01_0478__css_01_0413_p89831302910">The node IP address is disconnected.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li></ol>
</div>
<div class="section" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_section6525113933311"><a name="css_01_0478__css_01_0413_en-us_topic_0000001463438465_section6525113933311"></a><a name="css_01_0413_en-us_topic_0000001463438465_section6525113933311"></a><h4 class="sectiontitle">Accessing a Cluster Using cURL Commands</h4><ol id="css_01_0478__css_01_0413_ol1974042011111"><li id="css_01_0478__css_01_0413_css_01_0386_li131841021174410">In the navigation pane on the left, choose <span class="wintitle" id="css_01_0478__css_01_0413_css_01_0386_wintitle121841621164416"><b>Clusters</b></span>.</li><li id="css_01_0478__css_01_0413_css_01_0386_li3184142119448">On the <span class="wintitle" id="css_01_0478__css_01_0413_wintitle1662086141813"><b>Clusters</b></span> page, click the name of the cluster you want to access. The <strong id="css_01_0478__css_01_0413_b17621862187">Cluster Information</strong> page is displayed.</li><li id="css_01_0478__css_01_0413_css_01_0386_li518410215446">In the navigation pane, choose <strong id="css_01_0478__css_01_0413_b924364645714">Load Balancing</strong>. Record the private or public IP address or IPv6 address of the load balancer, as well as the frontend protocol/port of the listener.<div class="note" id="css_01_0478__css_01_0413_note96958718228"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="css_01_0478__css_01_0413_p069516712225">You are not advised to connect a load balancer that has been associated with a public IP address to a non-security mode cluster. Access from the public network using such a load balancer may cause security risks because a non-security mode cluster can be accessed using HTTP without security authentication.</p>
</div></div>
</li><li id="css_01_0478__css_01_0413_li18962173014128">Run the following cURL commands on an ECS to check whether the dedicated load balancer can connect to the cluster.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_table4446327845" frame="border" border="1" rules="all"><caption><b>Table 7 </b>Commands for accessing different types of clusters</caption><thead align="left"><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row4446127145"><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.7.2.4.1.2.4.1.1"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p54462271544">Security Mode</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.7.2.4.1.2.4.1.2"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p114467271947">Service Form Provided by ELB for External Systems</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.7.2.4.1.2.4.1.3"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p3582618154718">cURL Command for Accessing a Cluster</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row2447527049"><td class="cellrowborder" rowspan="3" valign="top" width="20%" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1044715275413">Non-security</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.7.2.4.1.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1544712276420">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.7.2.4.1.2.4.1.3 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen1747520910129">curl http://IP:port</pre>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row889765821011"><td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p78978581104">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.2 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen12237201218113">curl --cacert ./ca.crt https://IP:port</pre>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row9447132710410"><td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p544711271341">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.2 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen149821446191116">curl --cacert ./ca.crt --cert ./client.crt --key ./client.key https://IP:port</pre>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row11447172714420"><td class="cellrowborder" rowspan="3" valign="top" width="20%" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1044712271441">Security mode + HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.7.2.4.1.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p17447727547">Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.7.2.4.1.2.4.1.3 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen0777171751218">curl http://IP:port -u <i><span class="varname" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_varname115297311313">user</span></i>:<i><span class="varname" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_varname5529437139">pwd</span></i></pre>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row129161432141217"><td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p4916332141216">One-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.2 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen10521175018129">curl --cacert ./ca.crt https://IP:port -u <i><span class="varname" id="css_01_0478__css_01_0413_varname7134164620155">user</span></i>:<i><span class="varname" id="css_01_0478__css_01_0413_varname733095112150">pwd</span></i></pre>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row1944819273415"><td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p194314694019">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.2 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen12973123219133">curl --cacert ./ca.crt --cert ./client.crt --key ./client.key https://IP:port -u <i><span class="varname" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_varname181422402133">user</span></i>:<i><span class="varname" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_varname22483439131">pwd</span></i></pre>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row24487273416"><td class="cellrowborder" rowspan="2" valign="top" width="20%" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p166041448144519">Security mode + HTTPS</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.7.2.4.1.2.4.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p1144818274413">One-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.7.2.4.1.2.4.1.3 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen724944101418">curl --cacert ./ca.crt https://IP:port -u <i><span class="varname" id="css_01_0478__css_01_0413_varname19101125914160">user</span></i>:<i><span class="varname" id="css_01_0478__css_01_0413_varname202012181712">pwd</span></i></pre>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row60175261311"><td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p7932175719401">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.7.2.4.1.2.4.1.2 "><pre class="screen" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_screen72497412141">curl --cacert ./ca.crt --cert ./client.crt --key ./client.key https://IP:port -u <i><span class="varname" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_varname324924161417">user</span></i>:<i><span class="varname" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_varname424974171411">pwd</span></i></pre>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_table111741414338" frame="border" border="1" rules="all"><caption><b>Table 8 </b>Variables</caption><thead align="left"><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row91731411337"><th align="left" class="cellrowborder" valign="top" width="23.7%" id="mcps1.3.7.2.4.2.2.3.1.1"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p14171714153311">Variable</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="76.3%" id="mcps1.3.7.2.4.2.2.3.1.2"><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p417131412333">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row192601805113"><td class="cellrowborder" valign="top" width="23.7%" headers="mcps1.3.7.2.4.2.2.3.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p19261218155110">IP</p>
</td>
<td class="cellrowborder" valign="top" width="76.3%" headers="mcps1.3.7.2.4.2.2.3.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p42611819514">IP address of a load balancer instance.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_row17404172471520"><td class="cellrowborder" valign="top" width="23.7%" headers="mcps1.3.7.2.4.2.2.3.1.1 "><p id="css_01_0478__css_01_0413_p1940418244158">port</p>
</td>
<td class="cellrowborder" valign="top" width="76.3%" headers="mcps1.3.7.2.4.2.2.3.1.2 "><p id="css_01_0478__css_01_0413_p24041624191514">Frontend protocol and port configured for the listener.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row131711473319"><td class="cellrowborder" valign="top" width="23.7%" headers="mcps1.3.7.2.4.2.2.3.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p4171147336">user</p>
</td>
<td class="cellrowborder" valign="top" width="76.3%" headers="mcps1.3.7.2.4.2.2.3.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p111791417336">Username of the cluster. This parameter is required only for a security-mode cluster.</p>
</td>
</tr>
<tr id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_row161711420338"><td class="cellrowborder" valign="top" width="23.7%" headers="mcps1.3.7.2.4.2.2.3.1.1 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p17171149336">pwd</p>
</td>
<td class="cellrowborder" valign="top" width="76.3%" headers="mcps1.3.7.2.4.2.2.3.1.2 "><p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p11713147339">Password of the username above. This parameter is required only for a security-mode cluster.</p>
</td>
</tr>
</tbody>
</table>
</div>
<p id="css_01_0478__css_01_0413_en-us_topic_0000001463438465_p55581652155510">If cluster information is returned, the connection is successful.</p>
</li></ol>
</div>
<div class="section" id="css_01_0478__css_01_0413_en-us_topic_0000001412998750_section1146765293619"><a name="css_01_0478__css_01_0413_en-us_topic_0000001412998750_section1146765293619"></a><a name="css_01_0413_en-us_topic_0000001412998750_section1146765293619"></a><div class="dropdownexpand"><div class="dropdowntitle" onclick="ExpandorCollapseNode(this)"><h4 class="sectiontitle">Sample Code for ESSecuredClientWithCerDemo</h4></div><div class="dropdowncontext"></div><div class="dropdowncontext"><div class="codecoloring" codetype="Java" id="css_01_0478__css_01_0413_en-us_topic_0000001412998750_screen21051518342"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal"> 10</span>
<span class="normal"> 11</span>
<span class="normal"> 12</span>
<span class="normal"> 13</span>
<span class="normal"> 14</span>
<span class="normal"> 15</span>
<span class="normal"> 16</span>
<span class="normal"> 17</span>
<span class="normal"> 18</span>
<span class="normal"> 19</span>
<span class="normal"> 20</span>
<span class="normal"> 21</span>
<span class="normal"> 22</span>
<span class="normal"> 23</span>
<span class="normal"> 24</span>
<span class="normal"> 25</span>
<span class="normal"> 26</span>
<span class="normal"> 27</span>
<span class="normal"> 28</span>
<span class="normal"> 29</span>
<span class="normal"> 30</span>
<span class="normal"> 31</span>
<span class="normal"> 32</span>
<span class="normal"> 33</span>
<span class="normal"> 34</span>
<span class="normal"> 35</span>
<span class="normal"> 36</span>
<span class="normal"> 37</span>
<span class="normal"> 38</span>
<span class="normal"> 39</span>
<span class="normal"> 40</span>
<span class="normal"> 41</span>
<span class="normal"> 42</span>
<span class="normal"> 43</span>
<span class="normal"> 44</span>
<span class="normal"> 45</span>
<span class="normal"> 46</span>
<span class="normal"> 47</span>
<span class="normal"> 48</span>
<span class="normal"> 49</span>
<span class="normal"> 50</span>
<span class="normal"> 51</span>
<span class="normal"> 52</span>
<span class="normal"> 53</span>
<span class="normal"> 54</span>
<span class="normal"> 55</span>
<span class="normal"> 56</span>
<span class="normal"> 57</span>
<span class="normal"> 58</span>
<span class="normal"> 59</span>
<span class="normal"> 60</span>
<span class="normal"> 61</span>
<span class="normal"> 62</span>
<span class="normal"> 63</span>
<span class="normal"> 64</span>
<span class="normal"> 65</span>
<span class="normal"> 66</span>
<span class="normal"> 67</span>
<span class="normal"> 68</span>
<span class="normal"> 69</span>
<span class="normal"> 70</span>
<span class="normal"> 71</span>
<span class="normal"> 72</span>
<span class="normal"> 73</span>
<span class="normal"> 74</span>
<span class="normal"> 75</span>
<span class="normal"> 76</span>
<span class="normal"> 77</span>
<span class="normal"> 78</span>
<span class="normal"> 79</span>
<span class="normal"> 80</span>
<span class="normal"> 81</span>
<span class="normal"> 82</span>
<span class="normal"> 83</span>
<span class="normal"> 84</span>
<span class="normal"> 85</span>
<span class="normal"> 86</span>
<span class="normal"> 87</span>
<span class="normal"> 88</span>
<span class="normal"> 89</span>
<span class="normal"> 90</span>
<span class="normal"> 91</span>
<span class="normal"> 92</span>
<span class="normal"> 93</span>
<span class="normal"> 94</span>
<span class="normal"> 95</span>
<span class="normal"> 96</span>
<span class="normal"> 97</span>
<span class="normal"> 98</span>
<span class="normal"> 99</span>
<span class="normal">100</span>
<span class="normal">101</span>
<span class="normal">102</span>
<span class="normal">103</span></pre></div></td><td class="code"><div><pre><span></span><span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.commons.io.IOUtils</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.auth.AuthScope</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.auth.UsernamePasswordCredentials</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.client.CredentialsProvider</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.impl.client.BasicCredentialsProvider</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.HttpHost</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.nio.conn.ssl.SSLIOSessionStrategy</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.action.search.SearchRequest</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.action.search.SearchResponse</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.client.RequestOptions</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.client.RestClient</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.client.RestClientBuilder</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.client.RestHighLevelClient</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.index.query.QueryBuilders</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.search.SearchHit</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.search.SearchHits</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.search.builder.SearchSourceBuilder</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">java.io.FileInputStream</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">java.io.IOException</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">java.security.KeyStore</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">java.security.SecureRandom</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">javax.net.ssl.HostnameVerifier</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">javax.net.ssl.KeyManagerFactory</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">javax.net.ssl.SSLContext</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">javax.net.ssl.SSLSession</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">javax.net.ssl.TrustManagerFactory</span><span class="p">;</span>
<span class="kd">public</span><span class="w"> </span><span class="kd">class</span> <span class="nc">ESSecuredClientWithCerDemo</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">KEY_STORE_PWD</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">TRUST_KEY_STORE_PWD</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">CA_JKS_PATH</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;ca.jks&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">CLIENT_JKS_PATH</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;client.jks&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">ELB_ADDRESS</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;127.0.0.1&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">ELB_PORT</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">9200</span><span class="p">;</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">CSS_USERNAME</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;user&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">CSS_PWD</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="kd">public</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="nf">main</span><span class="p">(</span><span class="n">String</span><span class="o">[]</span><span class="w"> </span><span class="n">args</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="c1">// Create a client.</span>
<span class="w"> </span><span class="n">RestHighLevelClient</span><span class="w"> </span><span class="n">client</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">initESClient</span><span class="p">(</span><span class="n">ELB_ADDRESS</span><span class="p">,</span><span class="w"> </span><span class="n">CSS_USERNAME</span><span class="p">,</span><span class="w"> </span><span class="n">CSS_PWD</span><span class="p">);</span>
<span class="w"> </span><span class="k">try</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="c1">// Search by using match_all, which is equivalent to {\&quot;query\&quot;: {\&quot;match_all\&quot;: {}}}.</span>
<span class="w"> </span><span class="n">SearchRequest</span><span class="w"> </span><span class="n">searchRequest</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">SearchRequest</span><span class="p">();</span>
<span class="w"> </span><span class="n">SearchSourceBuilder</span><span class="w"> </span><span class="n">searchSourceBuilder</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">SearchSourceBuilder</span><span class="p">();</span>
<span class="w"> </span><span class="n">searchSourceBuilder</span><span class="p">.</span><span class="na">query</span><span class="p">(</span><span class="n">QueryBuilders</span><span class="p">.</span><span class="na">matchAllQuery</span><span class="p">());</span>
<span class="w"> </span><span class="n">searchRequest</span><span class="p">.</span><span class="na">source</span><span class="p">(</span><span class="n">searchSourceBuilder</span><span class="p">);</span>
<span class="w"> </span><span class="c1">// query</span>
<span class="w"> </span><span class="n">SearchResponse</span><span class="w"> </span><span class="n">searchResponse</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">client</span><span class="p">.</span><span class="na">search</span><span class="p">(</span><span class="n">searchRequest</span><span class="p">,</span><span class="w"> </span><span class="n">RequestOptions</span><span class="p">.</span><span class="na">DEFAULT</span><span class="p">);</span>
<span class="w"> </span><span class="n">System</span><span class="p">.</span><span class="na">out</span><span class="p">.</span><span class="na">println</span><span class="p">(</span><span class="s">&quot;query result: &quot;</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">searchResponse</span><span class="p">.</span><span class="na">toString</span><span class="p">());</span>
<span class="w"> </span><span class="n">SearchHits</span><span class="w"> </span><span class="n">hits</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">searchResponse</span><span class="p">.</span><span class="na">getHits</span><span class="p">();</span>
<span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="p">(</span><span class="n">SearchHit</span><span class="w"> </span><span class="n">hit</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">hits</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">System</span><span class="p">.</span><span class="na">out</span><span class="p">.</span><span class="na">println</span><span class="p">(</span><span class="n">hit</span><span class="p">.</span><span class="na">getSourceAsString</span><span class="p">());</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="n">System</span><span class="p">.</span><span class="na">out</span><span class="p">.</span><span class="na">println</span><span class="p">(</span><span class="s">&quot;query success&quot;</span><span class="p">);</span>
<span class="w"> </span><span class="n">Thread</span><span class="p">.</span><span class="na">sleep</span><span class="p">(</span><span class="mi">2000L</span><span class="p">);</span>
<span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">catch</span><span class="w"> </span><span class="p">(</span><span class="n">InterruptedException</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">IOException</span><span class="w"> </span><span class="n">e</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">e</span><span class="p">.</span><span class="na">printStackTrace</span><span class="p">();</span>
<span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">finally</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">IOUtils</span><span class="p">.</span><span class="na">closeQuietly</span><span class="p">(</span><span class="n">client</span><span class="p">);</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="n">RestHighLevelClient</span><span class="w"> </span><span class="nf">initESClient</span><span class="p">(</span><span class="n">String</span><span class="w"> </span><span class="n">clusterAddress</span><span class="p">,</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">userName</span><span class="p">,</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">password</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">CredentialsProvider</span><span class="w"> </span><span class="n">credentialsProvider</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">BasicCredentialsProvider</span><span class="p">();</span>
<span class="w"> </span><span class="n">credentialsProvider</span><span class="p">.</span><span class="na">setCredentials</span><span class="p">(</span><span class="n">AuthScope</span><span class="p">.</span><span class="na">ANY</span><span class="p">,</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">UsernamePasswordCredentials</span><span class="p">(</span><span class="n">userName</span><span class="p">,</span><span class="w"> </span><span class="n">password</span><span class="p">));</span>
<span class="w"> </span><span class="n">SSLContext</span><span class="w"> </span><span class="n">ctx</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kc">null</span><span class="p">;</span>
<span class="w"> </span><span class="k">try</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">KeyStore</span><span class="w"> </span><span class="n">ks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">getKeyStore</span><span class="p">(</span><span class="n">CLIENT_JKS_PATH</span><span class="p">,</span><span class="w"> </span><span class="n">KEY_STORE_PWD</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;JKS&quot;</span><span class="p">);</span>
<span class="w"> </span><span class="n">KeyManagerFactory</span><span class="w"> </span><span class="n">kmf</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">KeyManagerFactory</span><span class="p">.</span><span class="na">getInstance</span><span class="p">(</span><span class="s">&quot;SunX509&quot;</span><span class="p">);</span>
<span class="w"> </span><span class="n">kmf</span><span class="p">.</span><span class="na">init</span><span class="p">(</span><span class="n">ks</span><span class="p">,</span><span class="w"> </span><span class="n">KEY_STORE_PWD</span><span class="p">.</span><span class="na">toCharArray</span><span class="p">());</span>
<span class="w"> </span><span class="n">KeyStore</span><span class="w"> </span><span class="n">tks</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">getKeyStore</span><span class="p">(</span><span class="n">CA_JKS_PATH</span><span class="p">,</span><span class="w"> </span><span class="n">TRUST_KEY_STORE_PWD</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;JKS&quot;</span><span class="p">);</span>
<span class="w"> </span><span class="n">TrustManagerFactory</span><span class="w"> </span><span class="n">tmf</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">TrustManagerFactory</span><span class="p">.</span><span class="na">getInstance</span><span class="p">(</span><span class="s">&quot;SunX509&quot;</span><span class="p">);</span>
<span class="w"> </span><span class="n">tmf</span><span class="p">.</span><span class="na">init</span><span class="p">(</span><span class="n">tks</span><span class="p">);</span>
<span class="w"> </span><span class="n">ctx</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">SSLContext</span><span class="p">.</span><span class="na">getInstance</span><span class="p">(</span><span class="s">&quot;SSL&quot;</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;SunJSSE&quot;</span><span class="p">);</span>
<span class="w"> </span><span class="n">ctx</span><span class="p">.</span><span class="na">init</span><span class="p">(</span><span class="n">kmf</span><span class="p">.</span><span class="na">getKeyManagers</span><span class="p">(),</span><span class="w"> </span><span class="n">tmf</span><span class="p">.</span><span class="na">getTrustManagers</span><span class="p">(),</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">SecureRandom</span><span class="p">());</span>
<span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">catch</span><span class="w"> </span><span class="p">(</span><span class="n">Exception</span><span class="w"> </span><span class="n">e</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">e</span><span class="p">.</span><span class="na">printStackTrace</span><span class="p">();</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="n">SSLIOSessionStrategy</span><span class="w"> </span><span class="n">sessionStrategy</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">SSLIOSessionStrategy</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">HostnameVerifier</span><span class="p">()</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nd">@Override</span>
<span class="w"> </span><span class="kd">public</span><span class="w"> </span><span class="kt">boolean</span><span class="w"> </span><span class="nf">verify</span><span class="p">(</span><span class="n">String</span><span class="w"> </span><span class="n">arg0</span><span class="p">,</span><span class="w"> </span><span class="n">SSLSession</span><span class="w"> </span><span class="n">arg1</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="kc">true</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">});</span>
<span class="w"> </span><span class="n">SecuredHttpClientConfigCallback</span><span class="w"> </span><span class="n">httpClientConfigCallback</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">SecuredHttpClientConfigCallback</span><span class="p">(</span><span class="n">sessionStrategy</span><span class="p">,</span>
<span class="w"> </span><span class="n">credentialsProvider</span><span class="p">);</span>
<span class="w"> </span><span class="n">RestClientBuilder</span><span class="w"> </span><span class="n">builder</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">RestClient</span><span class="p">.</span><span class="na">builder</span><span class="p">(</span><span class="k">new</span><span class="w"> </span><span class="n">HttpHost</span><span class="p">(</span><span class="n">clusterAddress</span><span class="p">,</span><span class="w"> </span><span class="n">ELB_PORT</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;https&quot;</span><span class="p">))</span>
<span class="w"> </span><span class="p">.</span><span class="na">setHttpClientConfigCallback</span><span class="p">(</span><span class="n">httpClientConfigCallback</span><span class="p">);</span>
<span class="w"> </span><span class="n">RestHighLevelClient</span><span class="w"> </span><span class="n">client</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">RestHighLevelClient</span><span class="p">(</span><span class="n">builder</span><span class="p">);</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">client</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">static</span><span class="w"> </span><span class="n">KeyStore</span><span class="w"> </span><span class="nf">getKeyStore</span><span class="p">(</span><span class="n">String</span><span class="w"> </span><span class="n">path</span><span class="p">,</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">pwd</span><span class="p">,</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="n">type</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">KeyStore</span><span class="w"> </span><span class="n">keyStore</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kc">null</span><span class="p">;</span>
<span class="w"> </span><span class="n">FileInputStream</span><span class="w"> </span><span class="n">is</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="kc">null</span><span class="p">;</span>
<span class="w"> </span><span class="k">try</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">is</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="k">new</span><span class="w"> </span><span class="n">FileInputStream</span><span class="p">(</span><span class="n">path</span><span class="p">);</span>
<span class="w"> </span><span class="n">keyStore</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">KeyStore</span><span class="p">.</span><span class="na">getInstance</span><span class="p">(</span><span class="n">type</span><span class="p">);</span>
<span class="w"> </span><span class="n">keyStore</span><span class="p">.</span><span class="na">load</span><span class="p">(</span><span class="n">is</span><span class="p">,</span><span class="w"> </span><span class="n">pwd</span><span class="p">.</span><span class="na">toCharArray</span><span class="p">());</span>
<span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">catch</span><span class="w"> </span><span class="p">(</span><span class="n">Exception</span><span class="w"> </span><span class="n">e</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">e</span><span class="p">.</span><span class="na">printStackTrace</span><span class="p">();</span>
<span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="k">finally</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">IOUtils</span><span class="p">.</span><span class="na">closeQuietly</span><span class="p">(</span><span class="n">is</span><span class="p">);</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">keyStore</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div></td></tr></table></div>
</div>
</div></div></div>
<div class="section" id="css_01_0478__css_01_0413_en-us_topic_0000001412998750_section177951919193614"><a name="css_01_0478__css_01_0413_en-us_topic_0000001412998750_section177951919193614"></a><a name="css_01_0413_en-us_topic_0000001412998750_section177951919193614"></a><div class="dropdownexpand"><div class="dropdowntitle" onclick="ExpandorCollapseNode(this)"><h4 class="sectiontitle">Sample Code for SecuredHttpClientConfigCallback</h4></div><div class="dropdowncontext"></div><div class="dropdowncontext"><div class="codecoloring" codetype="Java" id="css_01_0478__css_01_0413_en-us_topic_0000001412998750_screen6102416173614"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span>
<span class="normal">28</span>
<span class="normal">29</span>
<span class="normal">30</span>
<span class="normal">31</span>
<span class="normal">32</span>
<span class="normal">33</span>
<span class="normal">34</span>
<span class="normal">35</span>
<span class="normal">36</span>
<span class="normal">37</span>
<span class="normal">38</span>
<span class="normal">39</span>
<span class="normal">40</span>
<span class="normal">41</span>
<span class="normal">42</span>
<span class="normal">43</span>
<span class="normal">44</span>
<span class="normal">45</span>
<span class="normal">46</span>
<span class="normal">47</span>
<span class="normal">48</span>
<span class="normal">49</span>
<span class="normal">50</span>
<span class="normal">51</span>
<span class="normal">52</span>
<span class="normal">53</span>
<span class="normal">54</span>
<span class="normal">55</span>
<span class="normal">56</span>
<span class="normal">57</span>
<span class="normal">58</span>
<span class="normal">59</span></pre></div></td><td class="code"><div><pre><span></span><span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.client.CredentialsProvider</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.impl.nio.client.HttpAsyncClientBuilder</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.apache.http.nio.conn.ssl.SSLIOSessionStrategy</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.client.RestClientBuilder</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">org.elasticsearch.common.Nullable</span><span class="p">;</span>
<span class="kn">import</span><span class="w"> </span><span class="nn">java.util.Objects</span><span class="p">;</span>
<span class="kd">class</span> <span class="nc">SecuredHttpClientConfigCallback</span><span class="w"> </span><span class="kd">implements</span><span class="w"> </span><span class="n">RestClientBuilder</span><span class="p">.</span><span class="na">HttpClientConfigCallback</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="nd">@Nullable</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">CredentialsProvider</span><span class="w"> </span><span class="n">credentialsProvider</span><span class="p">;</span>
<span class="w"> </span><span class="cm">/**</span>
<span class="cm"> * The {@link SSLIOSessionStrategy} for all requests to enable SSL / TLS encryption.</span>
<span class="cm"> */</span>
<span class="w"> </span><span class="kd">private</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">SSLIOSessionStrategy</span><span class="w"> </span><span class="n">sslStrategy</span><span class="p">;</span>
<span class="w"> </span><span class="cm">/**</span>
<span class="cm"> * Create a new {@link SecuredHttpClientConfigCallback}.</span>
<span class="cm"> *</span>
<span class="cm"> * @param credentialsProvider The credential provider, if a username/password have been supplied</span>
<span class="cm"> * @param sslStrategy The SSL strategy, if SSL / TLS have been supplied</span>
<span class="cm"> * @throws NullPointerException if {@code sslStrategy} is {@code null}</span>
<span class="cm"> */</span>
<span class="w"> </span><span class="n">SecuredHttpClientConfigCallback</span><span class="p">(</span><span class="kd">final</span><span class="w"> </span><span class="n">SSLIOSessionStrategy</span><span class="w"> </span><span class="n">sslStrategy</span><span class="p">,</span>
<span class="w"> </span><span class="nd">@Nullable</span><span class="w"> </span><span class="kd">final</span><span class="w"> </span><span class="n">CredentialsProvider</span><span class="w"> </span><span class="n">credentialsProvider</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="k">this</span><span class="p">.</span><span class="na">sslStrategy</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">Objects</span><span class="p">.</span><span class="na">requireNonNull</span><span class="p">(</span><span class="n">sslStrategy</span><span class="p">);</span>
<span class="w"> </span><span class="k">this</span><span class="p">.</span><span class="na">credentialsProvider</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">credentialsProvider</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="cm">/**</span>
<span class="cm"> * Get the {@link CredentialsProvider} that will be added to the HTTP client.</span>
<span class="cm"> *</span>
<span class="cm"> * @return Can be {@code null}.</span>
<span class="cm"> */</span>
<span class="w"> </span><span class="nd">@Nullable</span>
<span class="w"> </span><span class="n">CredentialsProvider</span><span class="w"> </span><span class="nf">getCredentialsProvider</span><span class="p">()</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">credentialsProvider</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="cm">/**</span>
<span class="cm"> * Get the {@link SSLIOSessionStrategy} that will be added to the HTTP client.</span>
<span class="cm"> *</span>
<span class="cm"> * @return Never {@code null}.</span>
<span class="cm"> */</span>
<span class="w"> </span><span class="n">SSLIOSessionStrategy</span><span class="w"> </span><span class="nf">getSSLStrategy</span><span class="p">()</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">sslStrategy</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="cm">/**</span>
<span class="cm"> * Sets the {@linkplain HttpAsyncClientBuilder#setDefaultCredentialsProvider(CredentialsProvider) credential provider},</span>
<span class="cm"> *</span>
<span class="cm"> * @param httpClientBuilder The client to configure.</span>
<span class="cm"> * @return Always {@code httpClientBuilder}.</span>
<span class="cm"> */</span>
<span class="w"> </span><span class="nd">@Override</span>
<span class="w"> </span><span class="kd">public</span><span class="w"> </span><span class="n">HttpAsyncClientBuilder</span><span class="w"> </span><span class="nf">customizeHttpClient</span><span class="p">(</span><span class="kd">final</span><span class="w"> </span><span class="n">HttpAsyncClientBuilder</span><span class="w"> </span><span class="n">httpClientBuilder</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="c1">// enable SSL / TLS</span>
<span class="w"> </span><span class="n">httpClientBuilder</span><span class="p">.</span><span class="na">setSSLStrategy</span><span class="p">(</span><span class="n">sslStrategy</span><span class="p">);</span>
<span class="w"> </span><span class="c1">// enable user authentication</span>
<span class="w"> </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">credentialsProvider</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="kc">null</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="n">httpClientBuilder</span><span class="p">.</span><span class="na">setDefaultCredentialsProvider</span><span class="p">(</span><span class="n">credentialsProvider</span><span class="p">);</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="k">return</span><span class="w"> </span><span class="n">httpClientBuilder</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
</pre></div></td></tr></table></div>
</div>
</div></div></div>
<div class="section" id="css_01_0478__css_01_0413_en-us_topic_0000001412998750_section5394175153518"><a name="css_01_0478__css_01_0413_en-us_topic_0000001412998750_section5394175153518"></a><a name="css_01_0413_en-us_topic_0000001412998750_section5394175153518"></a><div class="dropdownexpand"><div class="dropdowntitle" onclick="ExpandorCollapseNode(this)"><h4 class="sectiontitle">pom.xml Sample Code</h4></div><div class="dropdowncontext"></div><div class="dropdowncontext"><div class="codecoloring" codetype="Java" id="css_01_0478__css_01_0413_en-us_topic_0000001412998750_screen16223287351"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
<span class="normal"> 2</span>
<span class="normal"> 3</span>
<span class="normal"> 4</span>
<span class="normal"> 5</span>
<span class="normal"> 6</span>
<span class="normal"> 7</span>
<span class="normal"> 8</span>
<span class="normal"> 9</span>
<span class="normal">10</span>
<span class="normal">11</span>
<span class="normal">12</span>
<span class="normal">13</span>
<span class="normal">14</span>
<span class="normal">15</span>
<span class="normal">16</span>
<span class="normal">17</span>
<span class="normal">18</span>
<span class="normal">19</span>
<span class="normal">20</span>
<span class="normal">21</span>
<span class="normal">22</span>
<span class="normal">23</span>
<span class="normal">24</span>
<span class="normal">25</span>
<span class="normal">26</span>
<span class="normal">27</span>
<span class="normal">28</span>
<span class="normal">29</span>
<span class="normal">30</span>
<span class="normal">31</span>
<span class="normal">32</span>
<span class="normal">33</span>
<span class="normal">34</span>
<span class="normal">35</span>
<span class="normal">36</span>
<span class="normal">37</span>
<span class="normal">38</span>
<span class="normal">39</span></pre></div></td><td class="code"><div><pre><span></span><span class="o">&lt;?</span><span class="n">xml</span><span class="w"> </span><span class="n">version</span><span class="o">=</span><span class="s">&quot;1.0&quot;</span><span class="w"> </span><span class="n">encoding</span><span class="o">=</span><span class="s">&quot;UTF-8&quot;</span><span class="o">?&gt;</span>
<span class="o">&lt;</span><span class="n">project</span><span class="w"> </span><span class="n">xmlns</span><span class="o">=</span><span class="s">&quot;http://maven.apache.org/POM/4.0.0&quot;</span>
<span class="w"> </span><span class="n">xmlns</span><span class="p">:</span><span class="n">xsi</span><span class="o">=</span><span class="s">&quot;http://www.w3.org/2001/XMLSchema-instance&quot;</span>
<span class="w"> </span><span class="n">xsi</span><span class="p">:</span><span class="n">schemaLocation</span><span class="o">=</span><span class="s">&quot;http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd&quot;</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">modelVersion</span><span class="o">&gt;</span><span class="mf">4.0.0</span><span class="o">&lt;/</span><span class="n">modelVersion</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">groupId</span><span class="o">&gt;</span><span class="mi">1</span><span class="o">&lt;/</span><span class="n">groupId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">artifactId</span><span class="o">&gt;</span><span class="n">ESClient</span><span class="o">&lt;/</span><span class="n">artifactId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">version</span><span class="o">&gt;</span><span class="mf">1.0</span><span class="o">-</span><span class="n">SNAPSHOT</span><span class="o">&lt;/</span><span class="n">version</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">name</span><span class="o">&gt;</span><span class="n">ESClient</span><span class="o">&lt;/</span><span class="n">name</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">properties</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">maven</span><span class="p">.</span><span class="na">compiler</span><span class="p">.</span><span class="na">source</span><span class="o">&gt;</span><span class="mi">8</span><span class="o">&lt;/</span><span class="n">maven</span><span class="p">.</span><span class="na">compiler</span><span class="p">.</span><span class="na">source</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">maven</span><span class="p">.</span><span class="na">compiler</span><span class="p">.</span><span class="na">target</span><span class="o">&gt;</span><span class="mi">8</span><span class="o">&lt;/</span><span class="n">maven</span><span class="p">.</span><span class="na">compiler</span><span class="p">.</span><span class="na">target</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">project</span><span class="p">.</span><span class="na">build</span><span class="p">.</span><span class="na">sourceEncoding</span><span class="o">&gt;</span><span class="n">UTF</span><span class="o">-</span><span class="mi">8</span><span class="o">&lt;/</span><span class="n">project</span><span class="p">.</span><span class="na">build</span><span class="p">.</span><span class="na">sourceEncoding</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">elasticsearch</span><span class="p">.</span><span class="na">version</span><span class="o">&gt;</span><span class="mf">7.10.2</span><span class="o">&lt;/</span><span class="n">elasticsearch</span><span class="p">.</span><span class="na">version</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;/</span><span class="n">properties</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">dependencies</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">groupId</span><span class="o">&gt;</span><span class="n">org</span><span class="p">.</span><span class="na">elasticsearch</span><span class="p">.</span><span class="na">client</span><span class="o">&lt;/</span><span class="n">groupId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">artifactId</span><span class="o">&gt;</span><span class="n">transport</span><span class="o">&lt;/</span><span class="n">artifactId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">version</span><span class="o">&gt;</span><span class="n">$</span><span class="p">{</span><span class="n">elasticsearch</span><span class="p">.</span><span class="na">version</span><span class="p">}</span><span class="o">&lt;/</span><span class="n">version</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;/</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">groupId</span><span class="o">&gt;</span><span class="n">org</span><span class="p">.</span><span class="na">elasticsearch</span><span class="o">&lt;/</span><span class="n">groupId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">artifactId</span><span class="o">&gt;</span><span class="n">elasticsearch</span><span class="o">&lt;/</span><span class="n">artifactId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">version</span><span class="o">&gt;</span><span class="n">$</span><span class="p">{</span><span class="n">elasticsearch</span><span class="p">.</span><span class="na">version</span><span class="p">}</span><span class="o">&lt;/</span><span class="n">version</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;/</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">groupId</span><span class="o">&gt;</span><span class="n">org</span><span class="p">.</span><span class="na">elasticsearch</span><span class="p">.</span><span class="na">client</span><span class="o">&lt;/</span><span class="n">groupId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">artifactId</span><span class="o">&gt;</span><span class="n">elasticsearch</span><span class="o">-</span><span class="n">rest</span><span class="o">-</span><span class="n">high</span><span class="o">-</span><span class="n">level</span><span class="o">-</span><span class="n">client</span><span class="o">&lt;/</span><span class="n">artifactId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">version</span><span class="o">&gt;</span><span class="n">$</span><span class="p">{</span><span class="n">elasticsearch</span><span class="p">.</span><span class="na">version</span><span class="p">}</span><span class="o">&lt;/</span><span class="n">version</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;/</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">groupId</span><span class="o">&gt;</span><span class="n">commons</span><span class="o">-</span><span class="n">io</span><span class="o">&lt;/</span><span class="n">groupId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">artifactId</span><span class="o">&gt;</span><span class="n">commons</span><span class="o">-</span><span class="n">io</span><span class="o">&lt;/</span><span class="n">artifactId</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;</span><span class="n">version</span><span class="o">&gt;</span><span class="mf">2.11.0</span><span class="o">&lt;/</span><span class="n">version</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;/</span><span class="n">dependency</span><span class="o">&gt;</span>
<span class="w"> </span><span class="o">&lt;/</span><span class="n">dependencies</span><span class="o">&gt;</span>
<span class="o">&lt;/</span><span class="n">project</span><span class="o">&gt;</span>
</pre></div></td></tr></table></div>
</div>
</div></div></div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_01_0475.html">Configuring Networking for an OpenSearch Cluster</a></div>
</div>
</div>
View Git Blame Copy Permalink