Existing Elasticsearch and transport protocol

(from github.com/hilt86)
Hi @marevol ,

I have hit another roadblock in using an external / existing Elasticsearch cluster and that is the requirement for the FESS app to have access to the elasticsearch transport (typically port 9300).

My Elasticsearch cluster is on another network and as such opening up port 9300 would be undesirable and insecure (as far as I understand it needs x-pack to secure transport protocol).

When researching I also understand that the java transport client will be phased out as per https://www.elastic.co/guide/en/x-pack/current/java-clients.html

In summary is it correct to say that if we need to use an external / existing Elasticsearch cluster that our deployment options are limited to same layer2 network or a site-to-site vpn configuration that would protect the transport protocol?

(from github.com/marevol)
To use a secure protocol, see x-pack and fess-xpack or apply your options.