Skip to main content

Cloud server with OpenSearch

Last update:

OpenSearch is an open-source search and analytics engine. A cloud server with OpenSearch acts as a log collector and visualizer for the Selectel cloud platform.

You can configure automatic scheduled backups for a cloud server. You can restore a server disk from a backup.

You can create a cloud server with the pre-installed OpenSearch application. The application runs on a cloud server with the Ubuntu 24.04 LTS 64-bit operating system configured.

Before creating a cloud server with an application, review the software license agreements included in the image.

Minimum resource requirements

Number of vCPUs2
RAM2 GB
Boot volume20 GB
GPU availabilityNot required

Create a cloud server with OpenSearch

For OpenSearch to work, the cloud server must be accessible from the internet. To do this, you need to create a private subnet and attach a public IP address when creating the server.

To configure OpenSearch, you must provide user data—custom operating system configuration parameters—when creating the server. You can specify two sets of variables:

  • for accessing OpenSearch Dashboards via a domain;
  • for accessing OpenSearch Dashboards via an IP address.

After the server with OpenSearch is created, a free TLS certificate from Let’s Encrypt® will be automatically issued for the domain you specify. To issue the certificate, you need to add an A record for the domain and specify the server's public IP address as the record value. You can add the domain to Selectel DNS Hosting (actual).

  1. Optional: create a public IP address.

  2. Optional: add an A record for the domain.

  3. Create a service user.

  4. Issue an S3 key to the service user.

  5. Create a cloud server with OpenSearch.

1. Optional: create a public IP address

Create a public IP address if you need access to the OpenSearch Dashboard web interface via a domain. Skip this step if you will access the dashboard via an IP address only.

Use the Create a public IP address section of the Public IP addresses guide.

2. Optional: add an A record for the domain

Add an A record if you need access to the OpenSearch Dashboard web interface via a domain. Skip this step if you will access the dashboard via an IP address only.

Use the instructions on Adding a resource record.

Select the type of resource records in the group — A. In the record value, specify the public IP address that you created earlier.

3. Create a service user

Create a service user, in the permission settings select the role member or reader and the access scope Projects. Users can be created by the Account Owner or users with the iam.admin.

4. Issue an S3 key to the service user

Users with access to the control panel can issue S3 keys for themselves, but we recommend creating service users and issuing S3 keys to them.

Only the Account Owner or a user with the iam.admin role can issue S3 keys to other users. A service user cannot get an S3 key independently because they do not have access to the control panel — the Account Owner or iam.admin.

You must create a separate key for each project. You can issue multiple keys for one project.

  1. In the control panel, click IAM.

  2. Go to the section for the required user type:

    • Users — for users with access to the control panel;
    • Service users — for service users.

  3. Open the user page → in the Access tab.

  4. In the S3 keys block, click Add key.

  5. Enter a key name.

  6. Select a project for which the key will work.

  7. Click Generate. Two values will be generated:

    • Access key — Access Key ID, a key identifier;
    • Secret key — Secret Access Key, a secret key.

  8. Click Copy and save the key — you will not be able to view it after closing the window.

5. Create a cloud server with OpenSearch

  1. In the Control panel, on the top menu, click Products and select Cloud Servers.

  2. Click Create server.

  3. Fill in the blocks:

  4. Check the cloud server price.

  5. Click Create.

Name and placement

  1. Enter the server name. It will be set as the hostname in the operating system.

  2. Select the location where the server will be created. The available list of server configurations and resource costs depend on the location. You cannot change the location after the server is created.

Source

  1. Open the Applications tab.

  2. Select Cloud Opensearch.

  3. Optional: if you need a different current or archived application version, in the Version field, select the required version.

Configuration

Select a configuration from 2 vCPU, RAM starting from 2 GB and a boot disk size starting from 20 GB. For all lines, except Shared and Dedicated, two types of server configurations are available:

  • fixed configurations — ranges with different specifications, in which the resource ratio is fixed;
  • custom configurations — configurations in which any resource ratio can be specified.

Different processors are used in configurations depending on the line and pool segment. You can configure the selected configuration. After the server is created, you can change the configuration.

  1. Open the tab with the range.

  2. Click Fixed.

  3. Optional: you can configure the setting if you are creating a server in a multi-zone pool ru-6 segment, or the ru-3b, ru-7a, and ru-7b pool segments:

    3.1. Expand the block with the configuration settings.

    3.2. Optional: select the processor manufacturer. Choosing a manufacturer is not available in all pools.

    3.3. Optional: if you do not want physical processor cores pinned to the cloud server vCPUs, clear the Dedicated cores checkbox. For more details, see the Dedicated cores tutorial.

    3.4. Optional: if you want to disable Hyper-Threading for a dedicated core server, clear the Hyper-Threading (SMT) checkbox.

    3.5. Optional: if you are creating a cloud server with dedicated cores and want to host a multiprocessor server on a single NUMA node, check the Mandatory Hosting on a single NUMA node checkbox. You can host a server with 4 vCPUs or more on a single NUMA node. If the cloud server resources cannot be placed on one node, it will not be created. For more information, see the Placement on a single NUMA node section of the Dedicated cores tutorial.

  4. Select a configuration.

  5. If both local and network volumes are available in the selected configuration, select the disk to be used as the boot disk:

    • local disk — select the Local SSD NVMe disk checkbox. A server with a local disk can only be created from images and applications;
    • network volume — do not select the Local SSD NVMe disk checkbox.

    The amount of RAM allocated to the server may be less than specified in the configuration — the operating system kernel reserves some RAM depending on the kernel version and distribution. You can check the allocated capacity on the server using the sudo dmesg | grep Memory command.

Volumes

  1. If you did not check the Local SSD NVMe disk checkbox when setting up the configuration, the first specified network volume will be used as the server boot disk. To configure it:

    1.1. Select the network boot disk type.

    1.2. Specify the size of the network boot disk in GB or TB. Observe the network volume limits for the maximum size.

    1.3. If you selected the Universal v2 or Fast SSD v2 disk type, specify the total number of read and write operations in IOPS. After creating the volume, you can change the IOPS value — reduce or increase it. The number of IOPS changes is unlimited.

  2. Optional: add an additional server network volume :

    2.1. Click Add.

    2.2. Select the network volume type.

    2.3. Specify the size of the network disk in GB or TB. Observe the network volume limits for the maximum size.

    2.4. If you selected the Universal v2 or Fast SSD v2 disk type, specify the total number of read and write operations in IOPS. After creating the volume, you can change the IOPS value — reduce or increase it. The number of IOPS changes is unlimited.

    After creating the server, you can attach new additional disks.

Network

The server can be added to a new private subnet or an existing one.

Private — a subnet without internet access or with one static public IP address. The public IP address is connected to the server, which will be accessible from the internet.

  1. Click Private subnet.

  2. In the Public IP address for internet access field, select a public IP address that you created earlier or create a new one.

  3. Expand the block with the private subnet settings.

  4. In the Subnet field, select an existing subnet.

  5. In the Private IP field, specify the private IP address of the server. A public IP address will be automatically connected to the private address.

Security

Select security groups to filter traffic on server ports. Without security groups, traffic will be denied. If the block is missing, traffic filtering (port security) is turned off in the server network. With traffic filtering disabled, all traffic will be allowed.

Access

  1. Place an SSH key for the project on the server for secure connection:

    1.1. If the SSH key for the project has not been added to the cloud platform, click Add SSH key, enter the key name, paste the public key in OpenSSH format, and click Add.

    1.2. If the SSH key for the project has been added to the cloud platform, select an existing key in the SSH key field. The SSH key is only available in the pool where it is located.

  2. Optional: in the Password for 'root' field:

    2.1. Copy the password for the root user — the user with unrestricted privileges for all system actions.

    2.2. Save the password in a secure place and do not share it in plain text.

Additional settings

  1. Optional: if you plan to create multiple servers and want to increase infrastructure fault tolerance, add the server to a placement group:

    1.1. To create a new group, in the Placement group field, click Create.

    1.2. Select New group and enter the group name.

    1.3. Choose a placement policy across different hosts:

    • preferable — soft-anti-affinity. The system will attempt to place servers on different hosts. If there is no suitable host when creating the server, it will be created on the same host;
    • mandatory — anti-affinity. Servers in the group must be located on different hosts. If there is no suitable host when creating the server, the server will not be created.

    1.4. Once the group is created, in the Placement group field, select the placement group.

  2. Optional: to add additional information or filter servers in the list, add server tags. OS and configuration tags are added automatically. To add a new tag, in the Tags field, enter the tag.

  3. To add a script that will be executed using the cloud-init agent at the first operating system startup, in the Automation block in the User data field:

    • open the Text tab and paste the script as text;
    • or open the File tab and upload the file with the script.

The OpenSearch Dashboards web interface will be available via the domain. Ensure you have created a public IP address and added an A record for the domain.

#cloud-config

write_files:
- path: "/opt/gomplate/values/user-values.yml"
  permissions: "0644"
  content: |
    opensearchDomain: '<opensearch_domain>'
    AdminEmail: '<user_email>'
    opensearchAdminUser: '<username>'
    opensearchAdminPassword: '<user_password>'
    AWS_ACCESS_KEY_ID: '<access_key>'
    AWS_SECRET_ACCESS_KEY: '<secret_key>'
    retentionDays: <days_number>

Specify:

  • <opensearch_domain> — the domain for accessing OpenSearch Dashboards that you added earlier;
  • <user_email> — the OpenSearch Dashboards administrator email. This email will be used to issue SSL certificates;
  • optional: <username> — the username for logging in to OpenSearch Dashboards. If not specified, the default value is admin;
  • <user_password> — the user password for logging in to OpenSearch Dashboards;
  • <access_key> — the log access key that you saved earlier;
  • <secret_key> — the key for retrieving logs that you saved earlier;
  • optional: <days_number> — the number of days to store logs. If not specified, the default value is 7.