Open Distro for ElasticSearch is an Apache 2.0 licensed distribution of ElasticSearch enhanced with enterprise security, alerting, SQL way of querying ElasticSearch data and performance analyzer. Now with the appbase.io clusters you can host an open distro flavour of ElasticSearch.
You can select Open Distro as an ElasticSearch flavour while creating a cluster. For detailed information on how to create a cluster, you can check the Clusters docs.
Node-to-Node encryption and HTTP Basic authentication is enabled using the security features of Open Distro.
Audit Logging is enabled to track access to your ElasticSearch cluster and is useful for compliance purposes.
Once the cluster deployment is completed, you can configure other Open Distro / ElasticSearch options by updating ElasticSearch configurations.
For Open Distro clusters, the ElasticSearch configuration (think elasticsearch.yml) is implemented via Config Maps. To access the ElasticSearch configuration, go to the kubernetes Dashboard and open the Config Maps section.
You can then open the elasticsearch-config Config Map and add or edit any ElasticSearch configurations + configurations available via Open Distro
Once the configurations are updated successfully, you will have to manually restart the ElasticSearch pods from Kubernetes Dashboard. All the ElasticSearch pods have a
elasticsearch- prefix followed by the node number, e.g.
elasticsearch-1. You can delete these pods in sequence (i.e. delete a pod, wait for it to be spinned up with the new configuration, then delete the next one and so on..). Deleting a pod triggers re-deployment with the updated configurations.
Note: This will not cause any data loss. And doing the pod restarts in sequence will also ensure that your users don't see any issues with accessing the search service.