Elastic 2.7.0-6.8.1
Upgrades
-
Upgraded Elasticsearch and Kibana to 6.8.1. This Elasticsearch version requires that nodes communicate through TLS if X-Pack Security is enabled. We made it so that when
elasticsearch.xpack_security_enabled
is set totrue
the scheduler will provision TLS artifacts and configure nodes to only accept TLS connections for both transport and HTTP mechanisms, similar to what one would get by settingservice.security.transport_encryption.enabled
totrue
. (#12) -
Upgraded SDK version from
0.55.4
to0.56.2
.Please take a look at the following SDK change logs for more information:
Changes: (#34)
-
Replaced Oracle JRE (jre-8u192) with newer OpenJDK (openjdk-jre-8u212b03). (#3060)
New Features
-
Added support for Elasticsearch plugin installation via proxy. New settings are:
elasticsearch.plugin_http_proxy_host
elasticsearch.plugin_http_proxy_port
elasticsearch.plugin_https_proxy_host
elasticsearch.plugin_https_proxy_port
Changes: (#4)
-
Added custom domain support for Elastic. New setting is
service.security.custom_domain
. This custom domain is used in place of the defaultautoip.dcos.thisdcos.directory
. This can be used to expose the service securely outside of the cluster, but requires setting up external DNS. Check this documentation page for more information. (#9) -
Made it possible to scale down the amount of coordinator nodes. (#15)
-
Added custom YAML configuration support to Kibana. New setting is:
kibana.custom_kibana_yml
(#14) -
Added plugin installation support for Kibana. New setting is:
kibana.plugins
(#16) -
Added volume profile support. New settings are:
master_nodes.volume_profile
data_nodes.volume_profile
ingest_nodes.volume_profile
coordinator_nodes.volume_profile
Check the Storage Service documentation for more details. (#18)
-
Added placement constraints capability to Kibana. New setting is
kibana.placement
(array of placement constraint arrays). Check the Marathon placement constraints documentation for more details. (#27) -
Added virtual network (CNI) support to Kibana. New settings are:
virtual_network_enabled
(boolean)virtual_network_name
(string, defaultdcos
)virtual_network_plugin_labels
(array of objects withkey
andvalue
keys)
Changes: (#28)
-
Added scheduler-plan based health checks. (#3069)
Bug Fixes
- Fixed Kibana service URL (
<cluster-url>/service/kibana
). This makes Kibana's service URL work out of the box even when X-Pack Security is enabled. This was a limitation in the previous version, where we required Kibana to be exposed with EdgeLB. Which is still possible, but not required anymore. (#3036) - Fixed issue where setting
http.cors.allow-origin
to*
would cause the deploy to fail to due the Elasticsearch configuration file be compiled with incorrectly escaped content. (#23) - Fixed the duplicate
Xmx
andXms
JVM flags in the command to start the Elasticsearch process. This didn't actually cause any issues because the JVM only considers the last ones, which were the ones we were configuring, but inspecting the command withps aux
would show both, which could be confusing to operators. (#2975)
Improvements
- Moved the service source code to its own repository: mesosphere/dcos-elastic-service. (#3107)
- Made most of the Elasticsearch settings be configurable from the service configuration file. (#20)
- Exposed
xpack.monitoring.exporters.default_exporter.use_ingest
setting and defaulted it tofalse
to avoid polluting the Elasticsearch node logs with harmless warnings. (#26) - Added
MARATHON_SINGLE_INSTANCE_APP
andDCOS_PACKAGE_FRAMEWORK_NAME
to Kibana's Marathon app labels. (#3056) - Made
search_remote_connect
default tofalse
. (#2999)