You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/guide/connecting.asciidoc
+85-38Lines changed: 85 additions & 38 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,9 +7,15 @@ This page contains the information you need to connect the Client with {es}.
7
7
[[connect-ec]]
8
8
=== Connecting to Elastic Cloud
9
9
10
-
https://www.elastic.co/guide/en/cloud/current/ec-getting-started.html[Elastic Cloud] is the easiest way to get started with Elasticsearch. When connecting to Elastic Cloud with the Python Elasticsearch client you should always use the `cloud_id` parameter to connect. You can find this value within the "Manage Deployment" page after you've created a cluster (look in the top-left if you're in Kibana).
is the easiest way to get started with {es}. When connecting to Elastic Cloud
12
+
with the Python {es} client you should always use the `cloud_id`
13
+
parameter to connect. You can find this value within the "Manage Deployment"
14
+
page after you've created a cluster (look in the top-left if you're in Kibana).
11
15
12
-
We recommend using a Cloud ID whenever possible because your client will be automatically configured for optimal use with Elastic Cloud including HTTPS and HTTP compression.
16
+
We recommend using a Cloud ID whenever possible because your client will be
17
+
automatically configured for optimal use with Elastic Cloud including HTTPS and
18
+
HTTP compression.
13
19
14
20
[source,python]
15
21
----
@@ -36,15 +42,22 @@ client.info()
36
42
[[connect-self-managed-new]]
37
43
=== Connecting to a self-managed cluster
38
44
39
-
By default Elasticsearch will start with security features like authentication and TLS enabled. To connect to the Elasticsearch cluster you'll need to configure the Python Elasticsearch client to use HTTPS with the generated CA certificate in order to make requests successfully.
45
+
By default {es} will start with security features like authentication and TLS
46
+
enabled. To connect to the {es} cluster you'll need to configure the Python {es}
47
+
client to use HTTPS with the generated CA certificate in order to make requests
48
+
successfully.
40
49
41
-
If you're just getting started with Elasticsearch we recommend reading the documentation on https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html[configuring] and https://www.elastic.co/guide/en/elasticsearch/reference/current/starting-elasticsearch.html[starting Elasticsearch] to ensure your cluster is running as expected.
50
+
If you're just getting started with {es} we recommend reading the documentation
51
+
on https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html[configuring]
When you start Elasticsearch for the first time you'll see a distinct block like the one below in the output from Elasticsearch (you may have to scroll up if it's been a while):
56
+
When you start {es} for the first time you'll see a distinct block like the one
57
+
below in the output from {es} (you may have to scroll up if it's been a while):
Note down the `elastic` user password and HTTP CA fingerprint for the next sections. In the examples below they will be stored in the variables `ELASTIC_PASSWORD` and `CERT_FINGERPRINT` respectively.
73
+
Note down the `elastic` user password and HTTP CA fingerprint for the next
74
+
sections. In the examples below they will be stored in the variables
75
+
`ELASTIC_PASSWORD` and `CERT_FINGERPRINT` respectively.
61
76
62
-
Depending on the circumstances there are two options for verifying the HTTPS connection, either verifying with the CA certificate itself or via the HTTP CA certificate fingerprint.
77
+
Depending on the circumstances there are two options for verifying the HTTPS
78
+
connection, either verifying with the CA certificate itself or via the HTTP CA
79
+
certificate fingerprint.
63
80
64
81
[discrete]
65
82
==== Verifying HTTPS with CA certificates
66
83
67
-
Using the `ca_certs` option is the default way the Python Elasticsearch client verifies an HTTPS connection.
84
+
Using the `ca_certs` option is the default way the Python {es} client verifies
85
+
an HTTPS connection.
68
86
69
-
The generated root CA certificate can be found in the `certs` directory in your Elasticsearch config location (`$ES_CONF_PATH/certs/http_ca.crt`). If you're running Elasticsearch in Docker there is https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html[additional documentation for retrieving the CA certificate].
87
+
The generated root CA certificate can be found in the `certs` directory in your
88
+
{es} config location (`$ES_CONF_PATH/certs/http_ca.crt`). If you're running {es}
89
+
in Docker there is
90
+
https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html[additional documentation for retrieving the CA certificate].
70
91
71
-
Once you have the `http_ca.crt` file somewhere accessible pass the path to the client via `ca_certs`:
92
+
Once you have the `http_ca.crt` file somewhere accessible pass the path to the
NOTE: If you don't specify `ca_certs` or `ssl_assert_fingerprint` then the https://certifiio.readthedocs.io[certifi package] will be used for `ca_certs` by default if available.
114
+
NOTE: If you don't specify `ca_certs` or `ssl_assert_fingerprint` then the
115
+
https://certifiio.readthedocs.io[certifi package] will be used for `ca_certs` by
116
+
default if available.
93
117
94
118
[discrete]
95
119
==== Verifying HTTPS with certificate fingerprints (Python 3.10 or later)
96
120
97
-
NOTE: Using this method **requires using Python 3.10 or later** and isn't available when using the `aiohttp` HTTP client library so can't be used with `AsyncElasticsearch`.
121
+
NOTE: Using this method **requires using Python 3.10 or later** and isn't
122
+
available when using the `aiohttp` HTTP client library so can't be used with
123
+
`AsyncElasticsearch`.
98
124
99
-
This method of verifying the HTTPS connection takes advantage of the certificate fingerprint value noted down earlier. Take this SHA256 fingerprint value and pass it to the Python Elasticsearch client via `ssl_assert_fingerprint`:
125
+
This method of verifying the HTTPS connection takes advantage of the certificate
126
+
fingerprint value noted down earlier. Take this SHA256 fingerprint value and
127
+
pass it to the Python {es} client via `ssl_assert_fingerprint`:
If you don't have access to the generated CA file from Elasticsearch you can use the following script to output the root CA fingerprint of the Elasticsearch instance with `openssl s_client`:
160
+
If you don't have access to the generated CA file from {es} you can use the
161
+
following script to output the root CA fingerprint of the {es} instance with
WARNING: Running Elasticsearch without security enabled is not recommended.
184
+
WARNING: Running {es} without security enabled is not recommended.
154
185
155
-
If your cluster is configured with https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html[security explicitly disabled] then you can connect via HTTP:
The Python Elasticsearch client supports sending API requests to multiple nodes in the cluster. This means that work will be more evenly spread across the cluster instead of hammering the same node over and over with requests. To configure the client with multiple nodes you can pass a list of URLs, each URL will be used as a separate node in the pool.
206
+
The Python {es} client supports sending API requests to multiple nodes in the
207
+
cluster. This means that work will be more evenly spread across the cluster
208
+
instead of hammering the same node over and over with requests. To configure the
209
+
client with multiple nodes you can pass a list of URLs, each URL will be used as
210
+
a separate node in the pool.
174
211
175
212
[source,python]
176
213
----
@@ -193,9 +230,12 @@ client = Elasticsearch(
193
230
)
194
231
----
195
232
196
-
By default nodes are selected using round-robin, but alternate node selection strategies can be configured with `node_selector_class` parameter.
233
+
By default nodes are selected using round-robin, but alternate node selection
234
+
strategies can be configured with `node_selector_class` parameter.
197
235
198
-
NOTE: If your Elasticsearch cluster is behind a load balancer like when using Elastic Cloud you won't need to configure multiple nodes. Instead use the load balancer host and port.
236
+
NOTE: If your {es} cluster is behind a load balancer like when using Elastic
237
+
Cloud you won't need to configure multiple nodes. Instead use the load balancer
238
+
host and port.
199
239
200
240
201
241
[discrete]
@@ -239,8 +279,8 @@ for i in range(10):
239
279
[[auth-basic]]
240
280
==== HTTP Basic authentication (Username and Password)
241
281
242
-
HTTP Basic authentication uses the `basic_auth` parameter by passing in a username and
243
-
password within a tuple:
282
+
HTTP Basic authentication uses the `basic_auth` parameter by passing in a
283
+
username and password within a tuple:
244
284
245
285
[source,python]
246
286
----
@@ -282,7 +322,7 @@ es = Elasticsearch(
282
322
283
323
You can configure the client to use {es}'s API Key for connecting to your
284
324
cluster. Note that you need the values of `id` and `api_key` to
285
-
[authenticate via an API Key](https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html).
325
+
https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html[authenticate via an API Key].
286
326
287
327
[source,python]
288
328
----
@@ -300,22 +340,29 @@ es = Elasticsearch(
300
340
[[compatibility-mode]]
301
341
=== Enabling the Compatibility Mode
302
342
303
-
The Elasticsearch server version 8.0 is introducing a new compatibility mode that allows you a smoother upgrade
304
-
experience from 7 to 8. In a nutshell, you can use the latest 7.x Python Elasticsearch Elasticsearch client with
305
-
an 8.x Elasticsearch server, giving more room to coordinate the upgrade of your codebase to the next major version.
343
+
The {es} server version 8.0 is introducing a new compatibility mode that allows
344
+
you a smoother upgrade experience from 7 to 8. In a nutshell, you can use the
345
+
latest 7.x Python {es} {es} client with an 8.x {es} server, giving more room to
346
+
coordinate the upgrade of your codebase to the next major version.
306
347
307
-
If you want to leverage this functionality, please make sure that you are using the latest 7.x Python Elasticsearch
308
-
client and set the environment variable `ELASTIC_CLIENT_APIVERSIONING` to `true`. The client is handling the rest
309
-
internally. For every 8.0 and beyond Python Elasticsearch client, you're all set! The compatibility mode
310
-
is enabled by default.
348
+
If you want to leverage this functionality, please make sure that you are using
349
+
the latest 7.x Python {es} client and set the environment variable
350
+
`ELASTIC_CLIENT_APIVERSIONING` to `true`. The client is handling the rest
351
+
internally. For every 8.0 and beyond Python {es} client, you're all set! The
352
+
compatibility mode is enabled by default.
311
353
312
354
[discrete]
313
355
[[connecting-faas]]
314
356
=== Using the Client in a Function-as-a-Service Environment
315
357
316
-
This section illustrates the best practices for leveraging the {es} client in a Function-as-a-Service (FaaS) environment.
317
-
The most influential optimization is to initialize the client outside of the function, the global scope.
318
-
This practice does not only improve performance but also enables background functionality as – for example –
358
+
This section illustrates the best practices for leveraging the {es} client in a
359
+
Function-as-a-Service (FaaS) environment.
360
+
361
+
The most influential optimization is to initialize the client outside of the
362
+
function, the global scope.
363
+
364
+
This practice does not only improve performance but also enables background
0 commit comments