Technical FAQedit

This frequently-asked-questions list answers some of your more common questions about configuring Elasticsearch Service.

  • Can I implement a Hot-Warm architecture?
  • Can I run tribe nodes or cross-cluster search?
  • What about dedicated master nodes?
  • Can I use a Custom SSL certificate?
  • Do you support VPC peering to Elasticsearch Service?
  • Can Elasticsearch Service autoscale?
  • Do you support IP sniffing?
  • Does Elasticsearch Service support encryption at rest?
  • Why is the Nodes count option greyed out on my deployment Edit page?

    Can I implement a hot-warm architecture?
    hot-warm architecture refers to an Elasticsearch setup for larger time-data analytics use cases with two different types of nodes, hot and warm. Elasticsearch Service supports creating your own hot-warm architecture through a ready-made hardware profile that you can configure for your own use case.
    Can I run tribe nodes or cross-cluster search?
    Tribe nodes act as federated clients across multiple clusters, meaning they can issue read and write operations against the nodes in all clusters. Cross-cluster search allows any node to act as a federated client across multiple clusters, without joining those clusters as a node. Elasticsearch Service supports cross-cluster search, which is our newer feature and preferred over tribe nodes.
    What about dedicated master nodes?
    Master nodes are responsible for cluster-wide actions, such as creating or deleting an index, tracking which nodes are part of the cluster, and deciding which shards to allocate to which nodes. Elasticsearch Service supports dedicated master nodes through our hardware profiles.
    Can I use a Custom SSL certificate?
    We don’t support custom SSL certificates, which means that a custom CNAME for an Elasticsearch Service endpoint such as mycluster.mycompanyname.com also is not supported.
    Do you support VPC peering to Elasticsearch Service?
    VPC peering is a type of connection between virtual private networks that is used to route network traffic. We support secure peering using AWS Private Link. To run Elasticsearch Service in a dedicated VPC with a secure connection from your environment, use the Elasticsearch Service Private subscription. For more information, see Set up Elasticsearch Service Private.
    Can Elasticsearch Service autoscale?

    We don’t support autoscaling, but it is extremely easy for you to scale your Elasticsearch cluster via the Elasticsearch Service Console without interrupting the availability of your cluster. It’s as easy as moving a slider and saving your changes.

    True autoscaling would require a fairly close analysis of the load on your cluster and would have to be performed preemptively, before your cluster is loaded up, so as to allow time for the new nodes to be operational before they can help reduce load or request times. Clusters scaling up automatically could also negatively affect your billing. We don’t want you to receive an unexpectedly large bill for a cluster that got scaled up automatically without your consent.

    Do you support IP sniffing?
    IP sniffing is not supported by design and will not return the expected results. We prevent IP sniffing from returning the expected results to improve the security of our underlying Elasticsearch Service infrastructure.
    Does Elasticsearch Service support encryption at rest?
    Yes, encryption at rest (EAR) is enabled in Elasticsearch Service by default. We support EAR for both the data stored in your clusters and the snapshots we take for backup, on all cloud platforms and across all regions.
    Why is the Nodes count option greyed out on my deployment Edit page?
    To increase the number of nodes assigned to an instance configuration you must first scale up to the maximum RAM for that instance type. For example, if the maximum value on the RAM per Node slider for your Elasticsearch data node is 64GB, you need to scale up to that value before you can add additional nodes. Vertical scaling (increasing the JVM heap size) is preferred over horizontal scaling (adding more nodes) to benefit the performance of your deployment.