 Hi there, and thanks for stopping by Elasticsearch's virtual booth. We'd rather have been able to have this conversation in person, but at least we know you're not just here for the cool stickers. I'd like to take the next few minutes to tell you, no, scratch that, show you how Elasticstack and the Kubernetes world play together. And don't worry, there actually is virtual swag. First, let's start with the basics. Elasticsearch is a free and open data store and search engine, commonly used in projects where speed and scale are crucial. From powering the engine that connects drivers and passengers at Uber, to helping NASA explore questions about life on Mars, the search and analytics capabilities of the Elasticstack is powering mission-critical applications for thousands of companies globally. Elasticsearch is the heart of the Elasticstack and serves as the underpinnings for multiple use cases. In today's always-on world, your customers, partners, and team members need to find things. But think about it, most user experiences start with a search box, the right product, relevant support information, or that document that you simply can never remember the name of. That's where AppSearch and EnterpriseSearch come in. This always-on world also means that you've got to be vigilant with your ecosystem and infrastructure. Monitoring and compliance requirements continue to evolve. You need to secure cloud deployments as well as your network, users, and hosts. Elasticsearch security, built directly on the Elasticstack, ensures that you can maintain a security posture across your entire organization, regardless of deployment type, while protecting users, assets, and sensitive data. And you need to do all of this at an unprecedented scale. Our world has become even more virtual, and the increasing demand for software is also causing an uptick in the amount of infrastructure needed to run it on. Whether that infrastructure is self-managed, in the cloud, or, most commonly, a bit of both. Along with the endpoint monitoring mentioned earlier, it's important to also know how these disparate systems are performing. And Elastic Observability lets you see what's running where, which hosts, pods, or containers are overcapacity, or give you a preemptive heads-up if you're about to breach an SLA. We'll dig a little deeper on this area later. The best software can't help you if you can't use it where you want. Elasticstack has multiple deployment options, letting you run how and where you want. Whether it's one ginormous cluster for everything, or separate clusters adjacent to your workloads, sharing information via cross-cluster replication and search. The easiest way to get started with the Elasticstack is with the Elasticsearch service on Elastic Cloud, where you can create and manage your deployments from a simple web UI. If you decide that you need more storage or want to span more availability zones, then that's just a few clicks away. Picking up the latest and greatest features is also easy, with the latest versions available the day they're released. If you'd prefer to manage your own deployments, you've got multiple options. You can download the Elasticstack for free and manage it yourself. If you'll be provisioning new deployments frequently, or want a SaaS experience, then Elastic Cloud Enterprise provides the same great management experience as the Elasticsearch service, only on your infrastructure. But what about running on Kubernetes, you may ask? This is KubeCon after all. Elastic Cloud and Kubernetes, the official operator for the Elasticstack in Kubernetes, is a great option for running Elastic products on Kubernetes. ECK extends Kubernetes orchestration capabilities to support the setup and management of these solutions on Kubernetes, not just for day one operations, but also day two and beyond. I'm going to jump into a terminal and go through a quick demo on ECK to show you what I mean. I'm basically going to walk through the steps from the Quickstart docs. I'm running a newly installed Kubernetes cluster on GKE. If I list out some of the namespaces, we can see that we've got the default namespace and some Kube system ones as well. Installing the operator is just a simple Kube control apply command with the URL for the most reason version. It's echoing out the assets as they're loaded. If I check again, we've got a new Elastic system namespace, and the Elastic operator pod is all that's running in there. I'll quickly make sure it's generating logs. And it is. Now let's stand up an Elastic cluster. I'm just going to use the defaults directly from the Quickstart. Now the provisioning happens asynchronously. I can check the status with a getElasticSearch command. This shows that the health is not yet known, and we want it to be green. I can use a selector to list the pods in my Quickstart cluster. As we can see, it's still starting up. Okay, it looks like it's done now, and the health is green. Let's go ahead and verify connectivity. To do this, we need the password that was generated for the Elastic user at startup. This gets stored as a secret. We'll use a query template to extract and decode the password from the secret, and stuff it into an environment variable, as well as into my max clipboard to use later. To reach the cluster, I need a tunnel, since it's running remotely on my GKE cluster. And now, I can just use a curl command to verify the connection. It turns out that there's a newer version of ElasticSearch, and a one-known cluster really isn't all that robust. Let's upgrade it to 7.8, and move to three nodes instead. This time, I'll just run a little loop to check its progress, so I can speed it up in post. It's going to upgrade and scale, and after a short time, I'm back to all green, now with three healthy nodes. I also want to spin up a Kibana instance, and that's similar to how we started ElasticSearch. We can monitor this, like the last one, but instead, with a Kibana selector, until it also turns green. Okay, now that it's all green, we'll set up another tunnel, load Kibana, and log in with a password we got earlier. So this was a quick and easy run-through of creating a cluster with ECK. ECK has many more options and capabilities, setting up an APM server, persistent storage, backups, and more. Start a chat to learn more, or explore resources in the resources section. Earlier I mentioned the importance of monitoring your infrastructure. As we've seen with ElasticSearch and ECK, cloud native deployments are dynamic. Applications come and go, they scale up and down, and with CICD workflows, they're constantly evolving with new features and fixes. With the dynamic app ecosystem, we need dynamic monitoring as well. Mixing and matching static monitoring with an ever-changing application stack negates that goal of agility and hampers evolution. Kubernetes and Docker provide mechanisms that allow you to add metadata to your application stack. These hints and labels allow you to describe the jobs when deploying or scaling applications or services. This metadata is also a perfect way to trigger automated monitoring for new or changed services through automatic discovery. With automatic discovery, Elastic's lightweight data shippers for logs, metrics and availability, file beat, metric beat, and heartbeat can automatically start monitoring new pods, containers, and services as they get spun up or scaled, and then ship logs and metrics to ElasticSearch. Elastic has integrations to gather logs and metrics for many services and formats. This includes several CNCF projects, graduated sandbox, and those in between. Some examples here are things like NATS, Core DNS, and Envoy Proxy, plus integrations for cloud native adjacent services, things that aren't CNCF projects, but are commonly used alongside Kubernetes deployments like Istio, Nginx, and Postgres. Plus, most integrations come with visualizations and dashboards that you can use out of the box, customize, or mix and match. If you're already using other high-level infrastructure monitoring tools like Azure Monitor, Google Stackdriver, or AWS CloudWatch, you're likely facing swivel chair monitoring, where you have to look at multiple interfaces to get the full picture. With Elastic Observability, it's easy to pull in logs and metrics from these services, enabling you to consolidate your infrastructure monitoring from multiple cloud providers to a single stack. Prometheus, a CNCF graduated project, is another tool commonly used to gather, query, and serve metrics in Kubernetes environments. Pulling them into Elastic Search allows you to chart them alongside your other metrics, along with the logs and metrics from your infrastructure, apps, and services, with recently added support for promql queries. Logs and metrics let you see what's happening at points in time. For even more visibility of your full stack, you can enable application performance monitoring. APM lets you peek inside that black box to see where your applications are spending their time. With service maps to give you a bird's eye view of how your services are interacting, while machine learning-powered health indicators let you know when something's wrong. Once you learn of an issue, whether it be by integrated learning, machine learning, or just browsing around, you can start investigating and drill down to get those transaction details. Not seeing any errors, we can check out the JVM metrics, where we see a telltale sawtooth pattern showing an increased garbage collection and heap growth. Because all of our data is in one data store, tied together by the Elastic Common Schema, we can avoid swivel chair investigations. I can take my theory and jump directly to the corresponding logs, search for a keyword to zero in, then back up a little but stay in context. In this case, I see that something's wrong with our caching algorithm, with cache misses where it should be getting hits. Elastic APM agents are available for common programming languages and frameworks, and Elastic APM also has support for other open instrumentation specifications and formats, such as Open Tracing, Yeager, and Open Telemetry. The Elastic stack lets you work where and how you want to with multiple deployment options, on-prem, in the cloud, self-hosted, or as a managed service. Out of the box solutions for observability, security, and enterprise search, seamlessly combine your business data and KPIs with your monitoring data for all your services in a single unified platform. Try it out today with a trial on Elastic Cloud, download it and manage it yourself, or follow the same quick start we walked through and install ECK on your Kubernetes cluster and manage the full lifecycle effortlessly. We hope you enjoyed this video. Check out the resources pane for more information, and if you have questions, start up a chat. We'd love to hear from you.