search

opensearch-project / opensearch-devops

:smile: We welcome all the community members to help develop third party tools/automations/workflows for OpenSearch/OpenSearch-Dashboards.
https://opensearch.org/
Apache License 2.0
45 stars 36 forks source link

[HELP NEEDED] How to access REST API for opensearch nodes setup with Traefik? #190

Open tan-yong-sheng opened 1 month ago

tan-yong-sheng commented 1 month ago

Is your feature request related to a problem? Please describe

I am deploying opensearch and its UI looks fine, but my pain is I don't know how to access the opensearch's REST API url via https://opensearch.${DOMAINNAME}

Hope for help, please.

version: '3.7'
services:
  opensearch-node1: # This is also the hostname of the container within the Docker network (i.e. https://opensearch-node1/)
    image: opensearchproject/opensearch:latest # Specifying the latest available image - modify if you want a specific version
    container_name: opensearch-node1
    environment:
      - cluster.name=opensearch-cluster # Name the cluster
      - node.name=opensearch-node1 # Name the node that will run in this container
      - discovery.seed_hosts=opensearch-node1,opensearch-node2 # Nodes to look for when discovering the cluster
      - cluster.initial_cluster_manager_nodes=opensearch-node1,opensearch-node2 # Nodes eligible to serve as cluster manager
      - bootstrap.memory_lock=true # Disable JVM heap memory swapping
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # Set min and max JVM heap sizes to at least 50% of system RAM
      - OPENSEARCH_INITIAL_ADMIN_PASSWORD=${OPENSEARCH_INITIAL_ADMIN_PASSWORD}    # Sets the demo admin user password when using demo configuration, required for OpenSearch 2.12 and later
    ulimits:
      memlock:
        soft: -1 # Set memlock to unlimited (no soft or hard limit)
        hard: -1
      nofile:
        soft: 65536 # Maximum number of open files for the opensearch user - set to at least 65536
        hard: 65536
    volumes:
      - opensearch-data1:/usr/share/opensearch/data # Creates volume called opensearch-data1 and mounts it to the container
      #- ./certs/:/usr/share/opensearch/config/certs/
      #- ./opensearch.yml:/usr/share/opensearch/config/opensearch.yml
    ports:
      - 9200:9200 # REST API
      - 9600:9600 # Performance Analyzer
    networks:
      - proxy # All of the containers will join the same Docker bridge network
      - vectordb

  opensearch-node2:
    image: opensearchproject/opensearch:latest # This should be the same image used for opensearch-node1 to avoid issues
    container_name: opensearch-node2
    environment:
      - cluster.name=opensearch-cluster
      - node.name=opensearch-node2
      - discovery.seed_hosts=opensearch-node1,opensearch-node2
      - cluster.initial_cluster_manager_nodes=opensearch-node1,opensearch-node2
      - bootstrap.memory_lock=true
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
      - OPENSEARCH_INITIAL_ADMIN_PASSWORD=${OPENSEARCH_INITIAL_ADMIN_PASSWORD}
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - opensearch-data2:/usr/share/opensearch/data
      #- ./certs/:/usr/share/opensearch/config/certs/
      #- ./opensearch.yml:/usr/share/opensearch/config/opensearch.yml

    networks:
      - proxy
      - vectordb

  opensearch-dashboards:
    image: opensearchproject/opensearch-dashboards:latest # Make sure the version of opensearch-dashboards matches the version of opensearch installed on other nodes
    container_name: opensearch-dashboards
    ports:
      - 5601:5601 # Map host port 5601 to container port 5601
    expose:
      - "5601" # Expose port 5601 for web access to OpenSearch Dashboards
    environment:
      OPENSEARCH_HOSTS: '["https://opensearch-node1:9200","https://opensearch-node2:9200"]' # Define the OpenSearch nodes that OpenSearch Dashboards will query
    networks:
      - proxy
    labels:
      - traefik.enable=true
      - traefik.http.routers.opensearch-dashboards.rule=Host(`opensearch.${DOMAINNAME}`)
      - traefik.http.routers.opensearch-dashboards.entrypoints=websecure
      - traefik.http.routers.opensearch-dashboards.tls=true
      - traefik.http.routers.opensearch-dashboards.tls.certresolver=letsencrypt
      - traefik.http.services.opensearch-dashboards.loadbalancer.server.port=5601
      - traefik.docker.network=proxy

volumes:
  opensearch-data1:
  opensearch-data2:

networks:
  proxy:
    external: true
  vectordb:
    external: true

Btw, here is my Python code to try to connect to my opensearch instances:

import os
from dotenv import load_dotenv, find_dotenv
from opensearchpy import OpenSearch

_ = load_dotenv(find_dotenv())
OPENSEARCH_USER = os.getenv("OPENSEARCH_USER")
OPENSEARCH_PWD = os.getenv("OPENSEARCH_PWD")

host = [{'host': 'opensearch-node1', 'port': 9200}, 
        {'host': 'opensearch-node2', 'port': 9200}]

auth = (OPENSEARCH_USER, OPENSEARCH_PWD)

aos_client = OpenSearch(
    hosts=host,
    http_compress=True,
    http_auth=auth,
    use_ssl=True,
    verify_certs=False,
    ssl_assert_hostname='https://opensearch.${DOMAINNAME}/',
    ssl_show_warn=False, # don't show warnings about ssl certs verification
)
aos_client.info()

but when it comes to register an openai model to Opensearch, I'm quite confused on how to connect to REST API adly

from opensearch_py_ml.ml_commons import MLCommonClient
ml_client = MLCommonClient(aos_client)

and then I don't know to translate this part into python client code?

# Reference: https://opensearch.org/docs/latest/ml-commons-plugin/remote-models/index/

POST /_plugins/_ml/connectors/_create
{
    "name": "OpenAI Chat Connector",
    "description": "The connector to public OpenAI model service for GPT 3.5",
    "version": 1,
    "protocol": "http",
    "parameters": {
        "endpoint": "api.openai.com",
        "model": "gpt-3.5-turbo"
    },
    "credential": {
        "openAI_key": "..."
    },
    "actions": [
        {
            "action_type": "predict",
            "method": "POST",
            "url": "https://${parameters.endpoint}/v1/chat/completions",
            "headers": {
                "Authorization": "Bearer ${credential.openAI_key}"
            },
            "request_body": "{ \"model\": \"${parameters.model}\", \"messages\": ${parameters.messages} }"
        }
    ]
}

Thanks.

Describe the solution you'd like

Don't know access REST API for opensearch nodes setup with Traefik?

dblock commented 1 month ago

Moving this to the devops repo. I recommend asking on the public slack first.