It’s over a month since Elastic (the company) announced that they are changing the open-source licensing for Elasticsearch from Apache 2.0 to SSPL. Since then, a flurry of activity has been underway from every side. For Elasticsearch users, the question is whether to continue using Elasticsearch under the SSPL license or to look for an alternative. Elastic says that the SSPL license will not affect most users. However, one look at the license by your legal team may show that the SSPL license is a risk your company will not want to take. In this case, you need an alternative. That’s what we discuss in this article — the best alternatives for Elasticsearch after the license change.
1. The AWS fork of Elasticsearch
AWS announced the Open Distro for Elasticsearch back in 2019. They likely anticipated the license change and wanted to secure their Elasticsearch cloud service from the company Elastic. However, a distro is a mere copy of the original with some modifications. The original would still be the version that the open-source community contributes to. A fork is a separate version of the code and would have its own maintainers and open-source community developing it separately. This is a bigger commitment. AWS had not forked Elasticsearch. That was about to change with the Elasticsearch licensing change.
AWS has now announced that they will be forking Elasticsearch under the Apache 2.0 license. They have invited other organizations to join with them in making this fork the truly open-source Elasticsearch that everyone needs. This fork has drawn support from others in the logging space like Logz.io and is likely to be the successor to the old open-source Elasticsearch.
It would be based on the last Apache-licensed Elasticsearch version 7.10. It would include all the functionality of Elasticsearch and has the potential to grow to be more powerful than the old Elasticsearch in the future. One complaint that companies like AWS have had is that Elastic has taken the focus off the open-source project and only invested in their proprietary solutions. As a result, suggestions from outside contributors were routinely rejected. With this new fork, AWS and other organizations have the opportunity to define a new direction for the product, one that isn’t controlled by a single organization.
For this to happen, though, the AWS fork will need to be governed by a vendor-neutral oversight committee, something like the CNCF (Cloud-Native Computing Foundation). Given the importance of Elasticsearch, the CNCF seems like a natural home for the project.
2. Solr: The closest alternative
Solr was created in 2008 as a solution for data search. Elasticsearch was created in 2010 to fill in the gaps left by Solr when it comes to search. However, Solr still thrives as a project on its own and matches Elasticsearch on many fronts. For one, both Elasticsearch and Solr are built on Lucene — the open-source search engine.
Both Solr and Elasticsearch have similar features, such as sharding (a distributed way to store and process data), and schema-less mapping, which is great for unstructured data. This means it automatically recognizes schemas within a dataset. The list goes on with full-text search, real-time indexing, dynamic clustering, and more. Being an old database, Solr supports both RDBMS’ such as Oracle, and modern NoSQL databases as well. Having survived for over a decade, Solr is still actively used and is backed by a huge open-source community. Help is always at hand at one of the forums.
3. ArangoDB: The all-rounder
ArangoDB is a great alternative to Elasticsearch. It is open source under the Apache v2 license. It does search engine duties similar to Elasticsearch but packs more — document, key-value, and graph stores. And the best part is it uses a single query language, AQL, for all these different data stores. This makes it a very versatile all-rounder. It is a great fit if you’ve been overwhelmed by managing Elasticsearch plus other databases like MongoDB and are looking to simplify operations with a single solution.
ArangoDB recently added full-text search capability to their product. Its AQL is an intuitive query language that newbies can easily master, and even write complex queries with ease. Some users mention the lack of a community as large as Elasticsearch or MongoDB as a drawback. However, ArangoDB offers a solution called Oasis, the cloud-hosted version of the tool for those who would rather not maintain their own instance.
4. InfluxDB: When it’s time-series
InfluxDB is a time-series database that is open-sourced under the MIT license. It is primarily used to process monitoring data which is typically in time-series format. It has two components Kapacitor for background processing and Chronograf, which is the UI. It can be easily integrated with Grafana for visualization. InfluxDB is capable of handling time-series data at high scale without performance lags.
It has its own InfluxQL for querying. InfluxQL processes data using Tasks and allowed you to set repetitive tasks that can run frequently. This is useful to watch particular metrics. InfluxDB is easy to set up and is a great alternative to Elasticsearch if monitoring is your main purpose.
5. Vespa: A simple alternative
Vespa is an open-source data search tool that is not as popular as the others on this list but is also very capable. Vespa relieves you of sharding duties by handling replication and distribution of data into buckets on its own. This means it is easier to scale by just adding nodes and letting Vespa do the data management. For queries, it uses the YQL (Yahoo Query Language) since it was created by Yahoo. Some find YQL queries simpler than the Elasticsearch queries.
Commercial alternatives
While the above are open-source alternatives to Elasticsearch, there are quite a few commercial alternatives that may fit the bill as well.
6. Algolia: Full-text search at its best
Algolia is dedicated to being the best search & answer solution. It is excellent at indexing large volumes of data and producing real-time search results while typing. It has ready-made integrations to e-commerce platforms like Shopify and Magento and is a breeze to get set up. Scale is not an issue with the solution being fully-managed. Although, you’ll need to watch costs as your usage grows. If all you use Elasticsearch for is full-text search, and you’re open to a paid solution, Algolia is a great option.
Elasticsearch is most widely used for log analysis. If this is your use-case, there are two relatively new commercial options that are very interesting.
7. EraDB: Logging like Elasticsearch
EraDB is a time-series analytics solution that replicates the ElistacSearch query API. It has support for tools in the Elasticsearch ecosystem such as Logstash, Kibana, Grafana, Kafka, and Telegraf. While it can’t do all that Elasticsearch does, EraDB makes for a capable log management solution with some machine learning chops as well.
8. Opsbrew: Route & pre-process data with pipelines
The newest solution on this list, Opsbrew is different from the others in that it isn’t a database or a search engine. Rather, it is a noOps log pipeline management solution. This may sound like a mouthful, but essentially what it does is ingest log data from any number of sources and route them to any number of desired destinations. It handles pre-processing of logs and any monitoring data without any operational headache.
Opsbrew consolidates monitoring data from multiple analytics tools like SIEM and APM and allows you to manage multiple monitoring pipelines in one place. Beyond log ingestion, Opsbrew provides real-time insights and alerts on a specific category, event, or parameter and visualizes it using charts. Opsbrew also enables you to hide sensitive data and filter data on the fly without even a mandatory regex or grok. It would make a great companion alongside any of the tools mentioned in this post.
While the Elasticsearch license change caught many by surprise, it need not be the end of the story. There are numerous alternatives that do what Elasticsearch does, and some that do specific tasks much better. Where do you see yourself headed after Elasticsearch v7.10?
Featured image: Pixabay
There’s also Typesense, which is an open source alternative to Algolia: https://typesense.org/