Elastic Corporate Communications
Elastic N.V. (NYSE: ESTC), the company behind Elasticsearch and the Elastic Stack, announces the release of version 2.2 of Elastic Cloud Enterprise (ECE). This release focuses on bringing many of the recent Elastic Stack features to ECE in a more native way and providing better security and user management capabilities in multitenant environments. Elastic Cloud Enterprise version 2.2 is immediately available for download at elastic.co.
Cross-Cluster Search UI
ECE makes it easy to centrally provision and manage many clusters, which simplifies the best practice of having a cluster per tenant or use case rather than large multitenant clusters. While this multi-cluster approach is clearly better for each user — they have their own environment that can be easily upgraded on their schedule, no noisy neighbor effects, etc. — there are often benefits to being able to look across multiple users and clusters.
To address this need for searching across clusters, ECE has included a dedicated cross-cluster search API since version 2.1. Version 2.2 takes this cross-cluster search (CCS) capability further by providing a slick UI to manage the CCS workflow as a native, first-class deployment template. The CCS UI lets users easily configure a CCS deployment that can search across several or even all of the deployments managed by ECE in a secure and efficient way. Once the CCS deployment is defined, ECE takes care of all the underlying plumbing to make sure your deployments are configured securely and efficiently for CCS.
Role-Based Access Control (Beta)
ECE has always made security a priority, from end-to-end encrypted communications to a wide array of supported authentication types for managed clusters.
ECE 2.2 takes this security-first approach to the next level, providing the ability to create users, audit their interactions with the platform, and assign them with predefined roles for more fine-grained control over access to the ECE environment.
Role-based access control is introduced as a beta feature in ECE 2.2 and supports one or more of the following pre-configured roles:
- Platform admin: the almighty superuser; identical permission to the admin user in previous ECE versions.
- Platform viewer: view-only permissions for the entire platform and hosted deployments; identical permissions to the read-only user in previous ECE versions.
- Deployments manager: allows users to create and manage deployments on the platform, but does not allow them to access any platform level operations and resources such as deployment templates, instance configurations, allocators, etc.
- Deployments viewer: allows users to view only deployments, without the ability to operate on them in any way.
In addition, users are also able to configure ECE to authenticate users against a SAML identity provider or an LDAP server, and map users in these user registries to the above roles.
The addition of role-based access control to ECE is another step in making ECE more secure. Future versions will include support for custom roles and the ability to define teams and segregate resources across these teams.
Integration with Index Lifecycle Management
In Elastic Stack version 6.7, Elastic introduced a much-awaited feature: index lifecycle management (ILM). With ILM, users can automate the management of indices over their lifetime, and automatically apply operations such as index relocation to a different node, force merging and shrinking an index, or deleting it at different phases in its lifecycle.
Previous versions of ECE baked a more rudimentary index curation functionality into the relevant deployment templates such as hot-warm. In version 2.2, new clusters now leverage the more sophisticated and feature-rich index lifecycle management provided by the Elastic Stack, and implement things like index shrinking, force merging, and even deletion.
Elasticsearch Keystore Support
Keystore is an Elasticsearch tool that allows users to securely store sensitive settings such as credentials for blob store repositories accessed from within Elasticsearch. These include AWS S3, Azure Blob Storage, and Google Cloud Storage.
With ECE 2.2, users now have API and UI access to create and store secure settings to an Elasticsearch keystore, and ECE makes sure that these settings are always available to cluster nodes, regardless of their location, which allows ECE users to configure various Elasticsearch plugins more securely.
All New Ansible Playbooks
One of the more common requests from ECE users was to be able to install and manage ECE installation with popular configuration management and infrastructure-as-code tools. ECE version 2.2 includes a number of Ansible playbooks to install and manage ECE more easily.
Ready for 7.0
ECE 2.2 is ready for the Elastic Stack version 7.0, which was also released today. Greenfield ECE 2.2 installations will include version 7.0 of the stack automatically, and ECE users who upgraded from earlier versions can simply add the 7.0 stack pack to their environment and upgrade their clusters to 7.0.
Another important improvement is that ECE 2.2 will support a rolling upgrading from 6.7 to 7.0, without incurring any downtime — a major version upgrade with zero downtime.
In addition to all the above, ECE 2.2 also includes several enhancements that improve scalability and usability:
- Performance and stability improvements due to more efficient use of ZooKeeper, which is the heart of the ECE distributed state and coordination layer. These improvements are achieved by significantly reducing the number of connections to ZooKeeper. Clusters from version 6.7 onwards will no longer connect directly to ZooKeeper for any purpose, effectively making the platform much more scalable.
- System clusters have been upgraded to version 6.6, which allows users to use the new infrastructure monitoring and logging apps in Kibana to monitor and view logs and metrics of ECE hosts and containers.
Elastic is a search company. As the creators of the Elastic Stack (Elasticsearch, Kibana, Beats, and Logstash), Elastic builds self-managed and SaaS offerings that make data usable in real time and at scale for use cases like application search, site search, enterprise search, logging, APM, metrics, security, business analytics, and many more.
Elastic and associated marks are trademarks or registered trademarks of Elastic N.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.