Elastic Cloud Enterprise 2.9.0

edit

Release highlights

edit

Introducing deployment autoscaling! New autoscaling support on Elastic Cloud Enterprise helps you to balance cost with efficient performance by adjusting the resources available to your deployments automatically. This reduces the need for you to adjust capacity manually as requirements and loads change over time. In this initial release, data tiers can scale up automatically in response to past and present storage usage, and machine learning nodes can scale both up and down based on memory requirements for the current jobs. Check Deployment autoscaling.

Added support for cross-cluster search (CCS) and replication (CCR) across ECE environments. Break down data silos by searching across remote clusters regardless of where they are deployed. Increase data redundancy by storing copies of your data with CCR to ensure, in the event of a regional failure, a secondary, remote cluster can be used as a hot backup. Reduce search latency by storing copies of your data in a location nearer to the user. Check Enable cross-cluster search and cross-cluster replication.

Add an optional warm and cold tier in all 3+1 deployments. All built-in system-owned deployment templates have been extended to include an optional warm and cold data tier. You can now enable a warm tier on any type of deployment, and for deployments on Elastic Stack version 7.10 and higher, you can take advantage of snapshot-backed indices in a dedicated cold data tier and store much more data at the same cost. Check Data tiers.

Features

edit

Unhide deployment aliases fields from Deployments API. Deployment field alias added to support user-friendly URLs for deployment resources.

Log delivery health status. Callout section lists all observability health issues for a deployment.

Add data tiers to UI. Data tiers and their associated Elasticsearch node.roles are now supported in the UI.

Add Elasticsearch’s searchable snapshots partial cache settings to whitelist. Allows searchable snapshots partial storage settings to be configured when creating new deployments.

Change AdminConsole API to include internal details and failure type within info_log. The logs generated from a plan change now contain more details. This helps you debug problems and understand why a plan may have failed. Three new attributes are now included in the step logs:

  • details: Contains details about a step failure, visible to all console users.
  • internal_details: Contains sensitive details about the step failure, visible only to admin console users.
  • failure_type: Describes the type of failure that occurred.

Add Copy ID link to the application links. Adds a Copy ID link to the deployment overview. This helps you get the application ID’s required for CCS/CCR.

Add prices app to the billing service. Adds prices application to the billing service to expose the /v1/prices/adjustment?domain=<domain-id> endpoint as a REST API. The API validates that domain-id is one of types.adjustements fields (currently "aws", "azure", "gcp", "found") and will always return the current adjustment.

Enhancements

edit

Allow Kibana CORS settings on Cloud. Cloud adds cross-origin resource sharing support for Kibana with the following settings:

  • server.cors.enabled - Set to true to allow cross-origin API calls. Default: false.
  • server.cors.allowCredentials - Set to true to allow browser code to access response body whenever request performed with user credentials. Default: false.
  • server.cors.allowOrigin - List of origins permitted to access resources. You must specify - server.cors.allowOrigin when server.cors.allowCredentials: true. Default: ["*"]

Adds the response body copy time to the proxy logs. Adds a new field backend_repsonse_body_time to proxy request logs that indicates the amount of time taken to stream the response body from the upstream application to the calling client.

Adds handling zone to the proxy logs. Adds a new field handling_zone to proxy request logs that indicates the destination zone of a proxied request.

Remove subscription from user menu. The subscription level badge is removed from the user menu. Users should navigate to Account & Billing to view their subscription level.

Log cluster changes. Improved logging for allocation requests caused by cluster data changes.

GCM: Filter resources by name when pulling. Adds the ability for GCM to pull resources filtered by name.

Add Enterprise Search crawler.log (logs+metrics delivery). crawler.log is a new type of log, introduced as part of the App Search Web Crawler Beta, released with version 7.11.0.

Add externalLinks to AllocatorInfo. Adds an externalLinks attribute to allocators, which allows you to adding links to external resources like Kibana dashboards with allocator’s metrics.

Whitelist the vis_type_table.legacyVisEnabled Kibana setting. Adds new data table setting vis_type_table.legacyVisEnabled to allow list. This setting can be used to switch to the legacy data table.

GovCloud Registration page. Allow GovCloud users to self-service registration.

Start using Metricbeat for monitoring in 7.6+ clusters. For 7.6+ deployments, monitoring will now be implemented using Metricbeat, since legacy collection monitoring is deprecated and planned for removal. Any deployment update on a monitored 7.6+ deployment will undergo a one-time rolling plan change to transition the deployment to Metricbeat-based monitoring.

Improve logging on EnsureRepository. Improves error reporting for some failures that can occur when creating snapshot repositories.

Disable internal collection when Metricbeat is enabled. Optimizes Metricbeat monitoring by disabling legacy monitoring collection in Elasticsearch, Kibana, and APM when Metricbeat is in use.

Prevent plans terminating and creating resources of the same kind. Adds a validation to check that resources of the same kind are not terminated and added in a single plan. This can happen if the refId of a resource is changed, which would cause issues.

Respect Kibana authc.selector user preferences. When configuring Kibana in a deployment, users are now able to set xpack.security.authc.selector.enabled: false without it being overwritten by internal Cloud SSO settings.

Do not remove zero sized tiers from create request. Adds zero sized tiers to create request for the data tiers project. This addition is also required to create a deployment with autoscaling, as autoscaling requires all tiers to be submitted for requests.

Add Workplace Search thumbnail enable/disable config. Adds a workplace_search.content_source.sync.thumbnails.enabled configuration for Enterprise Search, which determines whether or not thumbnails will be generated for synced documents.

Add information about SAML API to SAML guide. Support for stack version 7.11 includes a new SAML API.

Send an email on GCP paused/ended unsubscribe events. - GCP Marketplace customers are now emailed after disconnecting a project with the list of deployments that will be terminated if they don’t reconnect the project. The email includes the timestamp when deployment termination will occur. The grace period for GCP Marketplace customers after disconnecting a project was reduced from 14 days in the case of unsubscribe and 31 days in the case of deletion, to 5 days in both cases. After this grace period elapses, customer deployments will be terminated, though snapshots remain for 30 days.

Turn on marketplace toggle always. Allows users to get both marketplace and non-marketplace prices for AWS on the public facing pricing page.

Enable subscription self-serve for AWS Marketplace users. Allows AWS Marketplace users to self-select their billing subscription level.

Change user settings validation to validate objects as a whole. Adds validation rules for user settings to require the order setting when specifying a custom realm through user settings for Elasticsearch clusters on version 8.0 or higher.

Stop leaking exception details to users. Plan failures shown in the user console no longer include root cause exception details in messages.

Add server.publicBaseUrl to Kibana settings allowlist. Users may now set the server.publicBaseUrl in their Kibana settings. Customers who access Kibana from a custom URL using a reverse proxy can now properly configure Kibana alerts and other features that link back to Kibana.

Bug fixes

edit

Fix no Kibana upgrade. Fixes a bug where a disabled or terminated Kibana would not allow users to upgrade their deployment version.

Fix company info validation. Fixes a bug that was improperly validating users input when they were updating their credit card information.

Fix action after enabling monitoring, clear selected deployment. Fixes an issue while enabling logs and metrics on a deployment. User sees the Enable button before the status flips to pending and shows the new monitoring deployment.

Re-enable allocations when major version upgrade fails. Re-enables allocations by setting them back to all after a (rolling) major version upgrade fails. Allocations are also set to primaries and not none before rolling an instance, as recommended by Elasticsearch.

Fix partial upgrade bug. Fixes a bug that would restrict some users from continuing with a failed upgrade.

Fix Kibana metrics link errors. Fixes errors that are shown in Kibana when following metrics links from logs and metrics UI.

Azure proxy protocol test. The Azure health check fails when it sets a proxy protocol, because the library we use does not allow UNSPEC when the command is LOCAL, which is incorrect.

According to the Proxy protocol, when the command is LOCAL the transport should be UNSPEC. We don’t enforce this as AWS sends LOCAL and TCPv4 as the transport.

Updating disk notifications toggle to reflect default setting. Fixes the default UI setting for disk notifications.

chmod user bundles after unpacking them. User bundles with read-only files/folders will no longer cause nodes to boot loop on restart.

Fix "See required changes" link. Fixes an inactive button in the Change my subscription modal.

Fix stuck allocator task scheduler. Fixes the issue with duplicated ticks and leader latches in ClusterTaskScheduler by introducing a scheduler with a single fixed tick loop.

Make some ES domain fields optional. Fixes a bug that would sometimes cause plans to fail during the Migrating shard data step.

Revert "Only display cloud-snapshot". Fixes a bug where we were only showing certain snapshots in the UI, sometimes causing an inconsistent message with the snapshots that actually exist in the cluster.

Handle terminated deployments and missing templates on Edit screen. Editing terminated or certain system deployments should no longer throw an error.

Keep legacy exporter enabled when monitoring with Metricbeat. Fixes a bug where legacy collection monitoring of externally deployed services (for example Logstash) is disabled when Metricbeat monitoring is enabled in Cloud. Fixes a bug where monitoring index retention was not being enforced when self-monitoring is enabled. Fixes a bug where restoring a snapshot into a new deployment with cluster state can restore broken monitoring settings that require manual Elasticsearch settings changes.

Apply correct timestamps to downloaded bundles. Fixes a bug that could cause instances to bootloop during rolling plans if a cluster is configured with user bundles.

Use recommended JVM heap allocation for dedicated masters. Fixes an issue where dedicated masters can OOM due to over-allocated heap size.

Use smaller Elasticsearch heap when Filebeat and Metricbeat are running. Fixes a bug where, when logs and metrics are enabled on Elasticsearch clusters, small, master-only, instances and tiebreaker instances have memory swapping issues.

The "Optimize cluster settings" step respects failsafe setting. Some plans could fail if ML node was down, even if the force flag (failsafe setting) was set. This change lets plans continue even if the Optimize ML Cluster settings step fails and if the failsafe flag is set.

Strip hop by headers from the response. Strips hop by hop headers from the response, and enhances the removal of hop by hop headers from both request and response by also removing any header specified in the Connection header.

Log metrics UI errors, Kibana and 24 hour logs. - Fixes error messages for logs and metrics screen. Fixes issue where 24 hour logs do not show when logs monitoring is not enabled. Fixes error when there is no Kibana option.

Regression fix: set initial_master_nodes during single-master cluster upgrades. Prevents permanent loss of quorum when doing a rolling upgrade 6.x ⇒ 7.x on clusters with a single master eligible instance.

Fix template sorting so the default template is first on ECE. Fixes sorting of templates so that the default template is preselected instead of cross-cluster search.

Hide shadow realm users from /api/v1/users results. As part of Cloud SSO to Kibana and Enterprise Search, ECE creates "shadow" native realm users for every user that logs in to ECE. As of ECE 2.9, these users are now hidden from the Native Users list and /api/v1/users API results.

Use disk queue in Metricbeat. Fixes issues on dedicated master instances version 7.6+ using the monitoring feature where memory pressure is elevated and GC are more frequent on the elected master by using Metricbeat’s disk queue.

Add voting exclusion for instances losing master role. Fixes a variety of edge cases that could lead to cluster quorum loss on 7.x+ clusters, such as running a plan that switches from multiple master nodes to a single master node.

Set min_doc_count to 0 for derivative aggregation to work. Fixes "GC Overhead Per Node" metric in Performance tab in console.

Remove _type specifier in console request metrics query. Fixes a bug where user console metrics would not show the request metrics.

Enable AttemptClusterStabilisation feature flag. Running a plan in which some instances are mutated will now first (re-)start any other instances that are not running. This mitigates the risk of losing cluster quorum during certain plans (such as adding dedicated masters) when the cluster is in an abnormal state.

Get rid of nested retry loop. Cluster creation plans which fail will now fail faster instead of hanging during the rollback-migrate step.

Avoid chown of home dir when log delivery enabled. Fixes a bug where Kibana can take a long time to start when log delivery is enabled.

Clear (don’t set) initial-master-nodes if cluster already bootstrapped. Clusters will no longer end up in a split brain if masters are added while all other masters are currently offline.

Use lowest cluster version for voting exclusions API check. Fixes a bug that would sometimes cause Elasticsearch major version upgrades 6.x ⇒ 7.x to fail.

Split vacate modals. Fixes a bug where using the "Move instance (node)" menu item for Elasticsearch instances on the Deployment Overview page would’ve moved all Elasticsearch instances for the cluster from the allocator for the instance you were trying to move, as opposed to just the instance you were trying to move.

Fix the user menu hover and focus states. Fixes visual bugs in the user menu. The buttons were not the full width of their parent, and the focus state was emphasizing that issue. Also, the moon icon had the wrong colour.

Add back 24 hr logs viewer. Add back 24 hr logs view when Logs and Metrics is not enabled.

Change node type default in API. Changes the default values documented in the API for node types. The node types data, master, ingest, and ml default to false when they are not specified.

Deprecations

edit

Deprecate field ccs inside ElasticsearchClusterInfo. Version 3.0.0 will include the following breaking change: The field ccs in no.found.adminconsole.api.v1.routes.clusters.info.ElasticsearchClusterInfo has been deprecated and will no longer be supported in version 3.0.0. This field was used to obtain information about the remote clusters of an Elasticsearch cluster. As a replacement, there is now a specific endpoint that should be used to retrieve information about the remote clusters: GET /api/v1/deployments/{deployment_id}/elasticsearch/{ref_id}/remote-clusters This change is needed in order to support configuration of remote clusters through Kibana and the Elasticsearch API directly.

Deprecate automatic handling of Cross-Origin Resource Sharing (CORS) requests by the ECE proxy. ECE 3.x will rely on Elastic Stack to handle CORS requests. For more information, check Configure Cross-Origin Resource Sharing (CORS).

Update workplace search config version to 7.12. The following configs are deprecated and will be removed in version "8.0.0":

  • workplace_search.custom_api_source.document_size.limit
  • workplace_search.custom_api_source.total_fields.limit

Use the following configs instead:

  • workplace_search.content_source.document_size.limit
  • workplace_search.content_source.total_fields.limit

Add workplace search content source limit configs. The following configs are deprecated and will be removed in version "8.0.0":

  • workplace_search.custom_api_source.document_size.limit
  • workplace_search.custom_api_source.total_fields.limit

Use the following configs instead:

  • workplace_search.content_source.document_size.limit
  • workplace_search.content_source.total_fields.limit

Remove support for container start options. Removes support for container_start_options in infrastructure containers. Going forward, any provided container_start_options will be ignored.

Update restrictions for transport clients. Adds a note that the transport client is deprecated and will be removed in 8.0.

Docs

edit

Remove basicAuth as a supported auth type from the ESS public API spec. Updated API documentation to remove Basic Authentication from supported authentication mechanisms for Elastic Cloud.

Add information about SAML API to SAML guide. Support for stack version 7.11 includes a new SAML API.

Update restrictions for transport clients. Adds a note that the transport client is deprecated and will be removed in 8.0.

Add a deprecation note to the route class. We deprecate ip-filtering API endpoints, use their traffic-filter counterparts. The ip-filtering endpoints were introduced during IP filtering beta and we replaced them with traffic-filter endpoints (CRUD, Associations) for traffic filter general availability.

The ip-filtering endpoints will be removed in a future version.