NoSQL for years was associated with JSON. The thing is: if you’re a hardcore backend Java developer, JSON, YAML, and other data formats might not feel native to you. Also, if you were ears-deep into debugging a query from Java code, sending the same request for visualization in Kibana using KQL wasn’t trivial. Meet ES|QL: Elasticsearch’s new query language, being at first glance a mixture of SQL and… Bash ;-) Works the same in Java and Kibana (and other programming languages too!) Additionally, by leveraging Project Valhalla and vector operations, ES|QL can achieve performance improvements over previous solutions. If you’re eager to investigate the options of the ES|QL and how it makes your life easier (while also giving a feel of being a SQL DB), this talk is for you.
If I got a dollar every time I hear “we had to disable security and authentication in Elasticsearch because otherwise it was unusable”, I’d be a bit richer by now ;-)
Honestly, I don’t quite get where the confusion comes from. It’s 2024, yet some of us are still surprised by “what do you mean: certificate and password???”
Let me explain security in Elasticsearch in a few simple paragraphs.
I’ll start by saying this isn’t just about Elasticsearch, but anything that communicates over HTTPS. It could be an HTTP server, a database, or any other system.
To have HTTPS instead of HTTP, you need a certificate. Normally, when we secure communication with our HTTP server (to get the padlock in the address bar), we need to obtain a certificate. Such a certificate is issued by some organization and applies to a specific.server.com.