Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[FEATURE] Add support for OpenSearch Serverless #259

Closed
Tracked by #44
dblock opened this issue Jan 3, 2023 · 6 comments · Fixed by #268
Closed
Tracked by #44

[FEATURE] Add support for OpenSearch Serverless #259

dblock opened this issue Jan 3, 2023 · 6 comments · Fixed by #268
Labels
enhancement New feature or request

Comments

@dblock
Copy link
Member

dblock commented Jan 3, 2023

Is your feature request related to a problem?

  • OpenSearch serverless service identifier changes from es to aoss
  • Sigv4 requires a hash

What solution would you like?

Document support for OpenSearch Serverless in the compatibility matrix, add integration tests.

Do you have any additional context?

Coming from opensearch-project/opensearch-clients#44

@wbeckler
Copy link
Contributor

wbeckler commented Jan 6, 2023

I modified the issue to delay addressing the API incompatibilities

@wbeckler
Copy link
Contributor

wbeckler commented Jan 6, 2023

This is doable today with the following invocation style:

from opensearchpy import OpenSearch, RequestsHttpConnection
from requests_aws4auth import AWS4Auth
import boto3

host = '' # The collection endpoint without https://. For example, 07tjusf2h91cunochc.us-east-1.aoss.amazonaws.com
region = '' # e.g. us-east-1

service = 'aoss'
credentials = boto3.Session().get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token)

# Build the OpenSearch client
client = OpenSearch(
    hosts = [{'host': host, 'port': 443}],
    http_auth = awsauth,
    use_ssl = True,
    verify_certs = True,
    connection_class = RequestsHttpConnection
)

# Create an index
index_name = 'my-index'
index_body = {
    "mappings": {
        "properties": {
            "title": {"type": "text"},
            "director": {"type": "text"},
            "year": {"type": "integer"}
        }
    }
}
response = client.indices.create(index_name, body=index_body)
print('\nCreating index:')
print(response)

The question is, is it better to incorporate this logic into AWSV4SignerAuth? The downside is that it would make something opaque and magical that is relatively straightforward.

@wbeckler
Copy link
Contributor

wbeckler commented Jan 6, 2023

@dblock thoughts?

@wbeckler wbeckler removed the untriaged Need triage label Jan 6, 2023
@wbeckler
Copy link
Contributor

wbeckler commented Jan 6, 2023

Also, what's a good strategy for doing an integration test for this?

@wbeckler
Copy link
Contributor

wbeckler commented Jan 6, 2023

And, is it possible that someone could make it unnecessary to specify a service name and that the client would try aoss and es and it would find one that works?

@dblock
Copy link
Member Author

dblock commented Jan 8, 2023

I think the code that a developer has to write to talk to Managed OpenSearch should be identical to OpenSearch Serverless minus the service name. This looks like a good current workaround, but I definitely think we want to expose service name in AWSV4SignerAuth. I certainly agree that we don't want anything magical like the client trying aoss vs. es, especially because it would hide failing HTTP requests - let the caller specify.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants