Elasticsearch on Kubernetes: A New Chapter Begins

20 May 2019

Contact information

Deborah Wiltshire

Elastic Corporate Communications

KubeCon, BARCELONA, Spain - 20 May 2019 -

Elastic N.V. (NYSE: ESTC), the company behind Elasticsearch and the Elastic Stack, announced Elastic Cloud on Kubernetes (ECK), a new orchestration product based on the Kubernetes Operator pattern that lets users provision, manage, and operate Elasticsearch clusters on Kubernetes.

Over the past few years, Kubernetes has emerged as the de facto standard for orchestrating containers and applications running in them. The trend is no different in the Elasticsearch community. Elastic Cloud on Kubernetes delivers on Elastic's promise to be where their users are, providing users with the best possible solutions to deploy and operate Elastic products on their platform of choice.

From releasing official Docker images for Elasticsearch and Kibana to modifying Beats to collect logs and metrics from the ephemeral pods and daemonsets, Elastic's journey with Kubernetes goes way, way back. Last December, Elastic doubled down on this commitment by joining the CNCF and launching Helm Charts. ECK is a natural next step — albeit a big one — in Elastic's commitment to making it easier for users to deploy and operate Elastic products and solutions in Kubernetes environments.

An Elasticsearch Operator, but so much more

Built on the Kubernetes Operator pattern, ECK installs into a Kubernetes cluster and goes beyond just simplifying the task of deploying Elasticsearch and Kibana on Kubernetes. It focuses on streamlining all those critical Elasticsearch operations, such as:

  • Managing and monitoring multiple clusters
  • Upgrading to new stack versions with ease
  • Scaling cluster capacity up and down
  • Changing cluster configuration
  • Dynamically scaling local storage (ECK includes Elastic Local Volume, a local storage driver)
  • Scheduling backups

But ECK is much more than a Kubernetes Operator. In addition to automating all the operational and cluster administration tasks, it focuses on streamlining the entire Elastic Stack on Kubernetes experience. The vision for ECK is to provide an official way to orchestrate Elasticsearch on Kubernetes and provide a SaaS-like experience for Elastic products and solutions on Kubernetes.

Secure by default

All Elasticsearch clusters launched on ECK are secure by default, which means they have encryption enabled and are protected with a strong default password right at creation time. This experience aligns with what users get when using Elasticsearch Service on Elastic Cloud.

Providing this secure-by-default experience in a seamless way was no easy feat. Read about the latest security changes made on the Elastic Stack side to make this possible. TL;DR: Starting with version 6.8 and 7.1, core Elasticsearch security features — TLS encryption, role-based access control, and file and native authentication — are now free.

More free features: Canvas, Maps, Uptime, oh my

All clusters deployed via ECK include powerful free features and capabilities such as frozen indices for dense storage, Kibana Spaces, Canvas, Elastic Maps, and more. You can even monitor Kubernetes logs and infrastructure using Elastic Logs and Elastic Infrastructure apps. It's the fully featured Elastic Stack experience on Kubernetes that's only available from Elastic.

Deploy hot-warm-cold and custom topologies

Hot-warm-cold is a powerful Elasticsearch cluster topology for logging, metrics, and other time series use cases. It's a common architectural pattern to balance long-term storage and performance needs without breaking the bank. With ECK, users can deploy hot-warm-cold clusters on Kubernetes, and then easily configure data lifecycle policies using index lifecycle management (ILM) to move data between node tiers as it ages.

There's no compression algorithm for experience

When it comes to deploying software, day 1 is easy. Day 2 not so much. A lot goes into streamlining the operation of a stateful system like Elasticsearch in a dynamic orchestration framework like Kubernetes. How do you provide persistent local storage that can dynamically scale? Elastic is building Elastic Local Volume, an integrated storage driver for Kubernetes, right into ECK. Best practices like draining a node prior to scaling down, rebalancing shards as you scale up, and many more, are baked right in.

Elastic Cloud on Kubernetes builds on Elastic's years of operational knowledge as the creators of Elasticsearch and Elastic Cloud Enterprise, and operators of the Elastic Elasticsearch Service, Elastic's SaaS service available on AWS and GCP. Elastic has encoded all that operational experience into how Elasticsearch and Kibana deployments are orchestrated and operated within Kubernetes.

From ensuring no data loss on configuration changes to zero downtime when scaling, Elastic left no operational stone unturned when building ECK.

Forever free tier

Since the early days of Elasticsearch, Elastic's goal has always been to provide new users with a rich getting started experience by packing a lot of powerful features into the free, default distribution. ECK is no different.

The default distribution of ECK is forever free. In the spirit of openness and transparency, Elastic has also made all the source code for ECK publicly viewable, licensed under the Elastic License, in the Elastic cloud-on-k8s GitHub repository.

An Enterprise (paid) subscription enables additional features, including the ability to deploy clusters with advanced features such as field- and document-level access control, machine learning, graph analytics, and more. In the future, the Enterprise subscription will also unlock additional advanced orchestration features.

Official GKE support, with more on the way

This initial alpha launch of ECK supports Google Kubernetes Engine (GKE) and vanilla Kubernetes version 1.11 and above. ECK is also available via the Future versions will continue to expand support to other flavors of Kubernetes. Many customers also want to take advantage of Elasticsearch on managed Kubernetes running in an on-premise environment such as GKE On-Prem. ECK takes care of this with a reliable and consistent way to run and manage Elasticsearch clusters at scale.

Google Cloud

"Many Google Kubernetes Engine users deploy Elasticsearch and need an easy and reliable way to run, manage and secure their Elastic clusters at scale, and ECK helps customers do that. Google's commitment to open source since our founding along with our track record of contributing to and supporting the broader community sets us apart. Having collaborated with Elastic we are excited to see the benefits our GKE customers will experience."

--- Aparna Sinha, Director, Product Management for Kubernetes and Anthos

Red Hat

"Having the Elastic Cloud on Kubernetes Operator available on allows developers and Kubernetes administrators access to a curated solution from Elastic. We look forward to working to bring innovative features and capabilities to the Kubernetes community with Elastic."

--- Julio Tapia, director, Cloud Platforms Partners Ecosystem, Red Hat

Additional information

Visit the download page for more information

About Elastic

Elastic is a search company. As the creators of the Elastic Stack (Elasticsearch, Kibana, Beats, and Logstash), Elastic builds self-managed and SaaS offerings that make data usable in real time and at scale for use cases like application search, site search, enterprise search, logging, APM, metrics, security, business analytics, and many more.

Elastic and associated marks are trademarks or registered trademarks of Elastic N.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.