2

I am using angular 5 in my project and I have already setup my elasticsearch and kibana in gcp. Everything works fine until I tried to connect it to my project. I know I have to send my credentials, but it did not work and I tried also to add some CORS in the elasticsearch.yml, but no progress at all. For my database is firebase and use it service to create my elastic search instance. I want to connect it to my project can anyone help me with this? thank you

Here's my code :

var client = new elasticsearch.Client({

       host: 'http://user:pass@35.225.247.57//elasticsearch',

      log: 'trace',
     });
     client.ping({
      // ping usually has a 3000ms timeout

    }, function (error) {
      if (error) {
        console.trace(error);
      } else {
        console.log('All is well');
      }
    });

This is the response of the server

Failed to load http://35.225.247.57//elasticsearch/: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. The response had HTTP status code 401.

I added some CORS to elasticsearch.yml

http.cors.allow-origin: "*"
http.cors.allow-credentials: true
http.cors.allow-headers: "X-Requested-With, Content-Type, Content-Length, Authorization"
KENdi
  • 7,576
  • 2
  • 16
  • 31
Jon Dennis Ayson
  • 53
  • 1
  • 7
  • As I understand from your question, you have an angular 5 application that you want to connect to a elasticsearch + kibana that you've setup in a GCE (Google Compute Engine) VM instance. You want to connect the application to the instance running elasticsearch+kibana, therefore you need authentication. I don't understand what you mean when you say that you create the elasticseach GCE instance with the firebase database service. Could you explain a little bit more? – Pauloba Mar 06 '18 at 13:02
  • - Is the angular application running inside your GCP (Google Cloud Platform) project? - The firebase database is running jointly with the angular application? - If the firebase database inside the GCP project? – Pauloba Mar 06 '18 at 13:02
  • If all of the resources that you've described are running inside your GCP project then you need to make use of a service account for authentication as decribed here: https://www.elastic.co/guide/en/elasticsearch/plugins/master/repository-gcs-usage.html WARNING: the link above is preliminary documentation for a elastic future release, I linked it because it explains how authentication works on GCP. – Pauloba Mar 06 '18 at 13:02
  • If all of your resources are within a GCP project then there is no need for an external IP address. As you've mentioned you are using CORS, I'm linking here a related StackOVerflow thread with a helpful answer marked as accepted: https://stackoverflow.com/questions/20035101/why-does-my-javascript-get-a-no-access-control-allow-origin-header-is-present The above thread mentions this CORS setup guide that you can check: https://www.html5rocks.com/en/tutorials/cors/ – Pauloba Mar 06 '18 at 13:03

1 Answers1

0

Make sure the http.cors.enabled setting is also set to true

Configure the http.cors.allow-origin with a sensible value (* is ok for testing but you should not go to production with that; limit it to the origin you will be using)

Then, you have to restart the ElasticSearch service after you make changes to the configuration.

sudo systemctl stop elasticsearch.service
sudo systemctl start elasticsearch.service

For what it's worth, you should also disable the plain-text HTTP access and switch over to HTTPS exclusively. Especially since you are passing the credentials in clear text..

Mike Dinescu
  • 54,171
  • 16
  • 118
  • 151
  • thanks for the reply, yes im using just a simple plain text for testing i was trying to secure it but i encountered this problem, i have tried your solution above but it didn't work same issue it seems @Mike Dinescu – Jon Dennis Ayson Feb 27 '18 at 23:39