It will be interesting to see if this is enough to retain the majority of the userbase or if we'll still see a majority migrate to the 'Open Distro' fork.
1) Amazon did not actually fork elasticsearch or maintains any patches against it.
2) Elasticsearch does in fact provide completely OSS distributions and docker images for their products.
3) Amazon has created several OSS plugins for Elasticsearch that they bundle with their open distro that compete directly with what Elasticsearch does in their non OSS add-ons to their product.
So, obviously Elasticsearch is responding to Amazon by ensuring there's little functional gap with the stuff you get for free.
I'd argue most new users are still better off on elastic cloud vs amazon's hosted version of their distro and should not be attempting to run this themselves. I've used both and would pick elastic cloud every time for the simple reason of being more reliable and easy to deal with (e.g. backups, upgrades, cluster topology changes, etc.). Also, it seems they are quite competitive on price/performance.
For reference, we pay about 170 Euro a month for a simple setup that takes care of all our logging (couple of GB worth of logs / day). I'd hate running blind without that. IMHO at those prices, self hosting is not worth the effort (devops time required to do it would pay for several years of hosting).
It seems that they are hiding that info and it really locks you into only doing customizations that the docker image is directly built for.
I also don't like to pull images blindly. I generally fork the dockerfile source so that I can build the software from source and have a bit more control and knowledge of what I am installing.
Some background here:
https://devclass.com/2019/03/12/aws-launches-elasticsearch-d...
I'm interested to see what Elastics next move will be.
grabs popcorn
IMO, it doesn't seem like a near-term risk, but could Elastic ever change its basic license so it costs money for everyone?
https://news.ycombinator.com/item?id=16487440
Summary -- vague use of the word 'open' and exclusive use of free in the beer sense, led to some significant angst about what this means for end users.
I know it’s not all 100% open source, but it’s better than a nginx reverse proxy hack or similar.
Thank you Elastic for continuing to create fantastic software.
We're a really happy ES customer. We've on ESv6 at the moment and it's been running amazingly for us. We've halved our storage and running costs by moving from 5 to 6.
We've always been a licensed customer and they are in front of AWS with their features (we run our k8s stack on AWS though :) )
The soft limit is currently at 1000 shards per node, but you should be aiming at 25-50GB of data per shard.
Is this a very rushed reaction to it? Or is this related? I would really love to have a clarification of what's happening in that space.
It turned out that with the open core and premium-service models, the original company might not be the only one providing paid services or development. Which was a bit of a surprise to those original devs.
https://github.com/opendistro-for-elasticsearch/security
which has feature parity with the free version elastic just released afaict.
The conclusion that I've reached is that the whole lucene model for logs is kind of outdated. Why am I tuning Java GC params to run "grep foo /logs". I think computers today can do fine with sharded flat files, a minimal index ("which node contains logs from pod foo-2387438-2384738 at 12:34AM"), and then just scale horizontally over (log messages, searches).
I hope my friends over at Tailscale are doing that and I can just move off ES entirely ;)
It's irresponsible to charge for features such as transport security, in my opinion.
Want to charge for enterprise auditing, federation, reporting and granular access control? Fine, go right ahead. But withholding basic security features like transport security and basic access control that should be core leaves a bad taste in my mouth.
How many unsecured Elasticsearch servers have been popped, leading to data breaches as a direct result of this decision?
They could be using Elasticsearch for a side project. IMO, open source projects should not be unsecured.
Roles, okay. Not TLS.
Security should almost always be a baseline requirement before something goes up for public sale.
TLS isn't like say, LDAP integration. One of those is a fancy enterprise feature you can totally charge for (and probably should), and one of those is a basic critical feature.
It would be unethical to charge $400/year to properly store user passwords as hashed instead of plaintext, wouldn't it?
Paired with an OpenResty reverse proxy I was able to set up a reasonably secure cluster back when X-Pack was prohibitively expensive and the AWS offering wasn't under their BAA.
Big thanks to that team of contributors!
