My organization is currently running the elastic stack v6.8.14 and will be upgrading to current 7.11.x in the near future. We are running this on kubernetes and have two clusters - prod and nonprod.
Our nonprod cluster is 9 nodes and about 10.6 TB. The prod cluster is smaller at 6 nodes and 5.5TB.
What I need to know is the best upgrade path to 7.11.x. Is it via ECK 1.4? Or should I continue with standalone images of ES, LS, Kibana, and Filebeats? Are there any resources anyone has on exactly HOW to do this upgrade? I know there are breaking changes between ES 6.8.x and 7.x .
If ECK is the right option, is there a best practice or how to on how to move from standalone apps to the ECK operator?
Finally, ELK management has proven challenging for our team. As yet there is only 1 person who configures and maintains the ELK clusters and he has no backup :(. Would moving to a SaaS type offering here be feasible? 5.5 TB seems cost prohibitive. We have a relationship with MS Azure. I doubt we'd put non-prod into Azure as well, but hey you never know. Management makes crazy decisions.