OpenSearch (Beta)

OpenSearch is based on Apache Lucene and provides a distributed, multitenant-capable full-text search engine.

Beta Warning

Please note that breaking changes may still occur during the beta period. We recommend that you do not rely on the service until it is generally available. During this period, resource management through Cockpit or our command-line tool nctl may be limited or unavailable.

Getting Started

You can use nctl or Cockpit, our web interface to get started:

Cockpit
nctl

Create a New Service directly in Cockpit to get started. Don't forget to allow your IP to connect to the instance.
Retrieve the credentials from the overview page. Note the FQDN, user and password.

Connect to the newly created instance:

curl -XGET "https://${FQDN}/_cluster/health" -sku "${USER}:${PASSWORD}"

Ensure you are logged in with nctl:
```
nctl auth login
```

Create an opensearch cluster:

nctl create opensearch my-test-os --allowed-cidrs=203.0.113.1/32 # replace 203.0.113.1 with your public IP address to allow connections from your system

Connect to the newly created cluster:

nctl get opensearch my-test-os # note the FQDN
nctl get opensearch my-test-os --print-user # note the user
nctl get opensearch my-test-os --print-token # note the token
curl -XGET "https://${FQDN}/_cluster/health" -sku "${USER}:${PASSWORD}"

The resource can be managed via Cockpit, our command-line tool nctl or by directly using the API.

Billing is automated based on the resources used. Nine's automated management ensures the smooth operation of the service.

Updates and Maintenance Windows

Security and software updates are generally performed during the NKE maintenance windows.

Therefore, short service interruptions may occur during this maintenance window without prior notice.

Pricing

note

We recommend nine-search-s or larger sizings for production workloads. If high availability is required, a multi node cluster should be used.

	XS nine-search-xs	S nine-search-s	M nine-search-m	L nine-search-l	XL nine-search-xl
Virtual CPU (VCPU)	2	2	4	4	8
RAM	2 GB	4 GB	8 GB	16 GB	32 GB
Storage space	10 GB	20 GB	60 GB	120 GB	200 GB
Monthly fees (`single`)
Monthly fees (`multi`)	n/a

Additional storage space per 10 GB:

Storage space is automatically expanded. It is not possible to reduce the disk size after expansion.

Configuration options

On-Demand Services come with a sensible base configuration that is suitable for most setups. They also provide the ability to change certain configuration options. Adjusting these configuration options can result in a restart of the instance.

The instance can be customized with the following configuration options:

Name

The name of the instance can be freely chosen, but must be unique. Once created, the name cannot be changed.

Location

Depending on available resources, instances can be created in two locations within the "ColoZüri" data center or the "NTT" data center in Rümlang. The location cannot be changed later.

Version

Currently, the version 2 of OpenSearch is being used to power On-Demand OpenSearch.

Allowed IP addresses

Defines the IPv4 addresses and address ranges that are allowed to establish connections to the service. Access from our Kubernetes products (NKE and GKE) and from deplo.io is enabled by default.

The access restriction can be adjusted at any time. Adjustments are made non-disruptively moments after the form is submitted.

Cluster Type

The type of OpenSearch cluster that should be configured. A single node cluster consists of one, single instance, while a multi node cluster consists of three instances to provide additional fault tolerance and higher availability and/or improved performance.

Refer to the official documentation to learn more about configuring number_of_shards and number_of_replicas. And to choose optimal values for your use case.

Machine Type

The amount of memory available to OpenSearch. The Java heap size scales according to the configured memory.

Machine types can be changed after creation, which will restart the instances and can lead to them being unavailable for a few minutes.

Connection

tip

As per Allowed IP Addresses, you may need to allow additional IPs to connect to your instance.

The instances are accessible via https on the default port 443. All requests require basic auth. Check the Getting Started section for details on how to retrieve the credentials.

TLS

The on-demand services only accept connections secured by TLS. Depending on the client or library used, it may be necessary to explicitly enable TLS.

The TLS certificate is self-signed. In addition to enabling TLS transport encryption, you may need to provide the certificate authority used for validation.

You can retrieve the CA either through Cockpit or nctl:

Cockpit
nctl

Open the On-Demand Services overview and select the respective service.
The CA is available under the resource's Certificate tab.

Ensure you are logged in with nctl:
```
nctl auth login
```

Retrieve the certificate:

nctl get opensearch my-test-opensearch --print-ca-cert

Backups

Stored data is persisted across instance restarts, but no restorable backups are created. An integration for creating and storing snapshots using the OpenSearch snapshot API is planned.

Automatic Storage Space Expansion

To provide the most robust environment possible, the available storage space is monitored at 5 minute intervals. If our monitoring detects that the available storage space falls below a threshold, an expansion of the storage quota is automatically performed. The additional storage space is charged automatically.

Storage space can not be decreased even if the index size has been reduced. The only way to reduce disk usage is to re-create the cluster.

Getting Started​

Updates and Maintenance Windows​

Pricing​

Configuration options​

Name​

Location​

Version​

Allowed IP addresses​

Cluster Type​

Machine Type​

Connection​

TLS​

Backups​

Automatic Storage Space Expansion​