Planning the Cluster Version and Security Mode
This topic introduces different OpenSearch cluster versions, including features supported by each version and its application scenarios. It also describes the characteristics and application scenarios of different cluster security modes (including different application-layer protocols).
Introduction to Different Cluster Versions
When selecting an OpenSearch cluster version, consider factors such as service requirements, available features, performance, security updates, and long-term support, ensuring that the selected version can meet both current and future needs and provide a stable, secure environment for your data.
- If you are deploying CSS OpenSearch clusters for the first time, you are advised to use the latest version.
- If you are migrating an in-house built or third-party OpenSearch cluster to CSS without altering the cluster, keep the version of the source cluster.
- If you are migrating an in-house built or third-party OpenSearch cluster to CSS while recoding it, choose OpenSearch 2.19.0.
|
Feature |
OpenSearch 1.3.6 |
OpenSearch 2.17.1 |
OpenSearch 2.19.0 |
Related Documents |
|---|---|---|---|---|
|
Open-source vector search |
√ |
√ |
√ |
|
|
CSS vector search |
√ |
x |
√ |
|
|
Decoupled storage and compute |
√ |
x |
√ |
Configuring Decoupled Storage and Compute for an OpenSearch Cluster |
|
Flow Control 2.0 |
x |
x |
√ |
|
|
Large query isolation |
x |
x |
√ |
|
|
Enhanced aggregation |
x |
x |
√ |
|
|
Read/write splitting |
x |
x |
√ |
Configuring Read/Write Splitting Between Two OpenSearch Clusters |
|
Switching between hot and cold storage |
√ |
√ |
√ |
Switching Between Hot and Cold Storage for an OpenSearch Cluster |
|
Index recycle bin |
x |
x |
√ |
|
|
Enhanced data ingestion performance |
√ |
x |
√ |
Enhancing the Data Ingestion Performance of OpenSearch Clusters |
|
Index monitoring |
x |
x |
√ |
Cluster Security Modes
HTTPS access can be disabled only for OpenSearch 1.3.6 and 2.19.0 security-mode clusters. For other versions, HTTPS access is forcibly enabled and cannot be disabled.
|
Cluster Type |
Key Settings |
Description |
Applicable Scenario |
|---|---|---|---|
|
Non-security mode cluster |
Security Mode: disabled |
Access to such a cluster requires no user authentication, and data will be transmitted in plaintext using HTTP. |
Use when creating a cluster for internal testing or workloads that have a low security standard.
Make sure the cluster is deployed in a secure environment. Do not expose the cluster's network interface to the public network. |
|
Security-mode cluster |
Security-mode cluster + HTTP:
|
Such a cluster requires user authentication. It supports access control and data encryption, and it uses HTTP to transmit data in plaintext. |
Use to balance security and performance.
Make sure the cluster is deployed in a secure environment. Do not expose the cluster's network interface to the public network. |
|
Security-mode cluster + HTTPS:
|
Such a cluster requires user authentication. It supports access control and data encryption, and it uses HTTPS to encrypt communication and enhance data security. |
Use when security takes precedence over performance and public network access is required.
|
- Administrator: The default administrator username is admin, and the password is the one specified during cluster creation.
- Cluster user: created by the cluster administrator on OpenSearch Dashboards. User permissions can be configured to ensure proper isolation. For details, see Creating Users for an OpenSearch Cluster and Granting Cluster Access.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
