We have our Filebeat-Logstash-Elasticsearch-Kibana ecosystem on a private subnet within our organization network. Due to the placement of all components on a fenced subnet, we don't need any security features such as role-based access control, encryption during transit or when feeding data into Elasticsearch from Logstash. Kibana too is behind an Nginx reverse proxy, and basic authentication control at Nginx provides us good enough security for our use case.
So all our Elasticsearch nodes have the following setting:

`xpack.security.enabled: false`

Reading the 8.0 release notes, the first thing that jumps out is "Security is now on by default".
My shallow understanding is that to use security, we would need to:
- Set up TLS keys on Elasticsearch nodes
- Edit the `elasticsearch` plugin in Logstash to add the new certificate information
- Edit the Kibana config to tell it to use TLS to talk to Elasticsearch
- Maybe add authentication to Kibana
Given this is a production cluster, we cannot afford to have a failed 8.0 upgrade. So I would like to know if we can upgrade the current "no-security" ElasticStack-7.17 to a "no-security" ElasticStack-8.0 and then think about enabling security/TLS? I couldn't find relevant information in the release documentation of Elasticsearch, Logstash and Kibana.