LogoLogo
cegedim.cloudITCareAPIPrivacy
English
English
  • Documentation
  • ITCare
    • What is ITCare ?
      • Get started with ITCare
      • Demos
    • Enercare
      • Carbon footprint
    • Release notes
  • ITCare API
    • Overview
    • Authentication
    • Errors
    • Pagination
    • API Reference
      • Quick start
      • Analytics
        • Matomo
      • Changes
        • Changes
      • Compute
        • Application Servers
        • Backup Policies
        • Containers
        • Environments
        • Instances
        • Platform
        • Resource Filters
        • Resource Types
        • Resources
        • Services
        • Statuses
        • Tag Keys
        • Tag Values
        • Types
      • Databases
        • Databases
        • MariaDB
        • OpenSearch
        • PostgreSQL
        • Redis
        • SQL Server
      • Hardwares
        • Hardwares
      • Messaging
        • Apache Kafka
        • Message Brokers
        • RabbitMQ
      • Networking
        • Domains
        • Load Balancers
        • Network Clusters
        • Networks
      • Operations
        • Actions
        • Operations
      • Storage
        • Glusterfs
        • Overdrive
      • Topology
        • Topology
  • Services
    • Products
    • Support policy
    • Patch policy
    • RACI
  • Analytics
    • Matomo
      • Matomo - Features
      • Matomo - Get started
  • Compute
    • Virtual instances
      • Virtual instances - Features
        • Linux - Hardening
      • Virtual instances - Get started
    • Containers (K8s)
      • K8s - Features
        • Hardening
        • Persistent Storage
      • K8s - Get started
        • High Availability
  • Databases
    • MariaDB
      • MariaDB - Features
      • MariaDB - Get started
    • OpenSearch
      • OpenSearch - Features
        • v2 - Breaking changes
      • OpenSearch - Get started
    • PostgreSQL
      • PostgreSQL - Features
      • PostgreSQL - Get started
      • PostgreSQL - Upgrade
    • Redis
      • Redis - Features
      • Redis - Get started
      • Redis - Upgrade
    • SQL Server
      • SQL Server - Features
      • SQL Server - Get started
  • Messaging
    • Apache Kafka
      • Apache Kafka - Features
      • Apache Kafka - Get started
      • Apache Kafka - Upgrade
    • RabbitMQ
      • RabbitMQ - Features
      • RabbitMQ - Get started
    • SMS
      • SMS - Get started
  • Monitoring
    • ExtraHop
  • Security
    • Advanced Vulnerability Assessment
    • Bot Defense
      • Bot Defense - Features
    • Data Masking
      • Data Masking - Get started
    • Phishing Campaign
  • Storage
    • GlusterFS
      • GlusterFS - Features
      • GlusterFS - Get started
    • Object Storage
      • Object Storage - Features
        • S3 API compatibility
        • Limitation and Best Practices
        • Presigned URL
        • Bucket Policies
        • Bucket Lifecycle
        • Object Lock
      • Object Storage - Get started
        • Manage Object Users
        • Manage versioning in Bucket
        • Manage Bucket access
    • OverDrive
      • OverDrive - Features
      • OverDrive - Get started
Powered by GitBook
On this page
  • Topologies
  • 3 nodes topology
  • At least 5 nodes topology
  • Resiliency
  • Features
  • Security
  • Authentication
  • Authorizations
  • Secured Transport
  • Passwords
Export as PDF
  1. Databases
  2. OpenSearch

OpenSearch - Features

Topologies

OpenSearch cluster is available as:

  • 3 nodes cluster - not recommended for Production use

  • 5 or more nodes cluster - recommended for Production use

3 nodes topology

In the 3 servers topology, all server are playing the master role, two of them are also used as data nodes. Each index are by default replicated on those two data nodes.

At least 5 nodes topology

With 5 to more servers, three node are used as masters only nodes and don't host any data. Depending of the Area, master nodes are dispatched across 2 or 3 Availability Zones. The remaining nodes host only data and are spread over two Availability Zones.

Resiliency

In an Area with 3 Availability Zones, the cluster is resilient against one AZ failure.

In an Area with 2 Availability Zones, the cluster might fail if the Availability Zone containing two masters is not available.

Features

This section lists which feature / capabilities are available to users, and how to request / perform them :

Self Service

Customer can perform action autonomously using ITCare.

On Request

Customer can request for the action to be done by cegedim.cloud support team.

Features
Self-service
On request
Comments

SSH access

SSH access is disabled and reserved to cegedim.cloud administrators.

Change configuration file

On request via ticket.

Security

Authentication

Authentication uses OpenSearch internal security system.

It can be configured on request to accept Active Directory as an authentication backend.

Authorizations

Authorizations is done using RBAC.

It can be configured on request to accept Active Directory as a backend role provider.

Secured Transport

TLS/SSL is activated by default for the incoming and internal network flows.

Passwords

This section explains how the password management is handled:

Password
Stored by cegedim.cloud
Stored by customer
Enforced
Comment

admin account

ANY other account

kibana account

Used by the dashboard server to connect to the cluster

support account

Used by cegedim.cloud support team (it has limited access and cannot read index datas)

centreon account

Used by cegedim.cloud monitoring system (it has only access to monitoring information)

prometheus account

Used by cegedim.cloud metering system (it has only access to monitoring information)

PreviousOpenSearchNextv2 - Breaking changes

Last updated 1 year ago