Elastic and Google Cloud have partnered to help enterprises of all sizes deploy Elastic Enterprise Search, Observability, and Security on Google Cloud.
It’s the official managed Elasticsearch offering on Google Cloud with exclusive integrations and expert support.
Access Elastic Cloud via Google Cloud Marketplace and create a deployment in any of our multiple regions.
Overview
Benefits of a managed service
Get the latest version and security updates — including exclusive features and access to Elastic Support. Plus, Elastic Cloud grows teh same way as the requirements change over time.
Benefits | Features |
---|---|
Deployments made easy |
|
Security by default |
|
Hands-free maintenance |
|
Elastic wears the pager |
|
Future-proof |
|
Shared responsibility system
Shared responsibilities:
At a high level, Elastic is responsible for the security and operation of Elastic Cloud, including the underlying infrastructure and the Elastic software that runs on top of it. You make decisions about your specific configuration, ensuring your deployment size meets your business needs, account and user management, operations such as restoring snapshots, and your data.
Elastic Responsibilities:
Infrastructure
Building out infrastructure on-premise in Amazon Web Services, Google Cloud, and Microsoft Azure, regions and availability zones
Optimizing cloud storage and locally attached disk ratios for your deployment
Managing availability, so you won’t see insufficient capacity or stock out errors when you create a deployment
Applying software updates and security patches to your underlying infrastructure
Platform and network security
Encrypting your cluster data and snapshots and managing your keys
Encrypting communications between nodes and components such as Elasticsearch, Kibana, and APM
Orchestration of the Elastic Stack
Ensuring connectivity between components
Automatically applying customer’s configuration changes and plugins
Applying customer’s specified capacity parameters
Taking periodic snapshots (customer sets the cadence, Elastic does the work)
Customer’s responsibilities:
Operations
Giving careful consideration to the sizing requirements of the deployment
Deciding when and how a customer wants to restore snapshots
Ensuring the health of customer’s configurations, plugins, indexes, and shards
Enabling out-of-the-box monitoring and alerting capabilities to ensure the deployment remains healthy
Security
Securing communications between Elastic Cloud and other systems, such as applications, databases, and other cloud services
Implementing configurations that adhere to security best practices
Applying user- and account-based access rights
Data
Available regions
For Google Cloud Platform:
Taiwan (asia-east1), gcp-asia-east1
Tokyo (asia-northeast1), gcp-asia-northeast1
Seoul (asia-northeast3), gcp-asia-northeast3
Mumbai (asia-south1), gcp-asia-south1
Singapore (asia-southeast1), gcp-asia-southeast1
Sydney (australia-southeast1), gcp-australia-southeast1
Finland (europe-north1), gcp-europe-north1
Belgium (europe-west1), gcp-europe-west1
London (europe-west2), gcp-europe-west2
Frankfurt (europe-west3), gcp-europe-west3
Netherlands (europe-west4), gcp-europe-west4
Montreal (northamerica-northeast1), gcp-northamerica-northeast1
Sao Paulo (southamerica-east1), gcp-southamerica-east1
Iowa (us-central1), gcp-us-central1
South Carolina (us-east1), gcp-us-east1
N. Virginia (us-east4), gcp-us-east4
Oregon (us-west1), gcp-us-west1
In more detailed (deployment templates and instance configurations): see the official documentation.
Elasticsearch Service GCP instance configurations
Google Compute Engine (GCE) N2 general purpose VM types are now available for Elastic Cloud deployments in all supported Google Cloud regions. N2 VMs have a better mix of vCPU, RAM, and internal disk, and are up to 50% more cost effective when compared to N1 VM types.
See also: Selecting the right configuration for you.
Deployment choices
Elastic Stack: Choose this option if you’re looking to do something unique or if one of the other preconfigured solutions doesn’t quite fit. Choose from different hardware profile templates, such as the hot-warm architecture profile template, which makes it easy to get started and offers lots of flexibility.
Elastic Enterprise Search: Search everything, anywhere. Elastic App Search provides all the tools you need to design and deploy powerful search experiences for your websites and mobile apps. Elastic Workplace Search gives your teams a unified search experience across all their collaboration, productivity, and storage tools, helping them find whatever they need, wherever it may be.
Elastic Observability: Unify logs, metrics, traces, and more from your ecosystem in a scalable stack that's open and built for speed. Monitor, search, and analyze all of your operational data in a rich UI to quickly resolve issues and consistently deliver exceptional digital experiences.
Elastic Security: Effective cybersecurity requires data at scale — Elastic Security solves for core data and scale problems. Leading security teams use the free and open solution for SIEM, endpoint security, threat hunting, cloud monitoring, and more. An intuitive UI and vast ecosystem of integrations help arm every analyst to succeed.
To better understand the options, read more about how to create your deployment.
Pricing
Usage fee: Usage fee is billed every month
Elastic Billing Units for GCP: USD 0.0001 /unit
If you pay in a currency other than USD, the prices listed in your currency on Cloud Platform Skus apply. Please refer to GCP Price List for the latest pricing.
Cancelation and change policy
Your subscription fee is billed every month.
Final prices in your bill will be set in accordance with your billing setup, and might be subject to exchange rates.
Support
Standard support includes Ticket-based support 2 support contacts
Gold support includes Ticket-based support 6 support contacts SLA-based support Business hours support coverage: Critical: 4 hours L2: 1 day L3: 2 days Unlimited # of incidents
Platinum support includes Ticket-based support 8 support contacts SLA-based support 24/7/365 Support coverage Critical: 1 hour L2: 4 hours L3: 1 day Unlimited # of incidents
Secure deployments on Elastic Cloud with Google Cloud Private Service Connect
The Google Cloud Private Service Connect is officially integrated with Elastic Cloud.
Elastic Cloud VPC connectivity is now available to all customers across all subscription tiers and cloud providers (AWS, Microsoft Azure, and Google Cloud).
Private Service Connect allows you to create private and secure connections from your clients running in your Google Cloud environments to your Elastic Cloud deployment endpoints running on Google Cloud. Private Service Connect provides service endpoints in your virtual private cloud (VPC) that provide private connectivity and policy enforcement, allowing you to easily connect to services like Elastic Cloud. All the traffic remains within the Google network, and it’s easy to set up and scale.
Step-by-Step Google Cloud Private Service Connect configuration
Prerequisite: Obtain a static IP on Google Cloud for assigning to the endpoint.
Step 1: Create a Private Service Connect endpoint using the Elastic Cloud service attachment
Create a Private Service Connect Endpoint using the service attachment URI for the region your deployment is hosted on in Elastic Cloud.
Once you create the endpoint, it will be accepted automatically in a few seconds.
Step 2: Create a domain name service (DNS) record for the Private Service Connect endpoint
Create a private DNS zone using the zone name for the region.
Add an A name record to resolve to the IP address of the Private Service Connect endpoint, and add your network to the private hosted zone. This will help with accessing the endpoint using a friendly domain name.
Step 3: Configure the necessary information for Elastic Cloud to allow traffic only from the explicitly allowed endpoints.
Create a traffic filter of type Private Service Connect endpoint using the endpoint ID created in Step 1:
Associate the traffic filter to one or more deployments
You can associate this traffic filter with one or more deployments hosted in the region, and only traffic from explicitly allowed VPC (though the Private Connect endpoints) will be allowed to the respective deployment endpoints.
Attachments:
image-20221008-065631.png (image/png)
blog-ec-gcp-8.png (image/png)
image-20221008-071839.png (image/png)
image-20221008-072114.png (image/png)
image-20221008-072159.png (image/png)
image-20221008-072322.png (image/png)
image-20221008-072421.png (image/png)
image-20221008-072533.png (image/png)