We have 7 ES node + 2 logstash server to collect log from AWS machines around the world by filebeat. Those ES and logstash nodes are just desktop PC at the moment. We want to put them into a more reliable infrastructure.
What infrastructure should i prefer? Put each of the nodes on AWS machines, dockers or bare metal servers? or should we use AWS Elasticsearch service directly?
The easiest way is ro start from cloud.elastic.co.
Cloud by elastic is one way to have access to all features, all managed by us. Think about what is there yet like Security, Monitoring, Reporting, SQL, Canvas, Maps UI, Alerting and built-in solutions named Observability, Security, Enterprise Search and what is coming next 
...
Otherwise, you can indeed start some EC2 instances and run elasticsearch on it but you will have to manage the service yourself.
1 Like
thx for your reply.
I have heard that running on bare metal server or on dockers in local machines have better performance than cloud ES service or hosting ES on cloud VM, is that true?
I have no idea.
IMHO you should test first the easiest path to get your cluster running and if you find it's not enough for your use case, invest more of your time to build yourself the cluster.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.