The ReadonlyREST story is closely interwoven with the open-source software (OSS) revolution in general, and with the spectacular success of a specific OSS project: Elasticsearch.
By promoting open exchange, collaboration, transparency, and community-oriented development, OSS has unleashed a whole new way of bringing innovative, high-quality, and secure software products and platforms to market. Elasticsearch is a classic example. This JSON-based search and analytics engine was initially developed by Shay Banon, a developer between jobs, as a culinary recipe search application. In 2012, Shay, along with Steven Schuurman, Uri Boness, and Simon Willnauer, founded a company to support the open-source full-text search engine that underlay the initial app.
Gradually, Logstash, a log ingestion tool, and Kibana, a data visualization tool, were added to Elasticsearch to create the ELK Stack. In 2015, Beats (lightweight data shippers) were added to the stack, and the company rebranded as Elastic. In March 2017, the company announced that it had reached a milestone: 100 million downloads of the open-source stack. In October 2018, Elastic went public on the New York Stock Exchange (ESTC), and, as of August 18, 2019, its market cap is $6.42 billion.
Like many OSS products, ReadonlyREST was born out of a developer’s desire to provide a better solution to a real problem—systematically securing user access to the ELK Stack. In this blog post, we reminisce a bit about the exciting early days of ReadonlyREST, and contemplate where we are today and where we’re heading.
The Good Old Days
In 2013, Simone Scarduzio, the founder of ReadonlyREST, was employee #2 in a music startup in London. He was the engineer in charge of the backend systems. The app used Elasticsearch extensively to power a multi-dimensional full-text search box, with search results consisting of song and album titles, artists, writers, radio stations, and so on. The app used a Java API to collect the search requests originating on the end-users’ mobile devices and to forward only the READ requests to Elasticsearch. Simone felt this API layer was just another moving part that added unnecessary complexity to the backend. “Why,” he thought, “can’t I just get Elasticsearch to reject requests that are not READ requests?”
A question that Simone posted on Stack Overflow confirmed that, at that time, there were no security plugins for Elasticsearch. With the blessing of the startup owner, and inspired by a “Hello World” Elasticsearch plugin blog post, Simone spent several weekends building an Elasticsearch plugin that worked literally as “ReadonlyREST” (i.e., only letting READ REST requests through and rejecting all others). Simone made the new plugin freely available on GitHub for the benefit of the OSS community. It was not long before developers started downloading the plugin from GitHub, forking it, asking questions, reporting bugs, and so on. However, Simone had zero visibility into who was actually using the plugin and how.
Fast forward to 2016. Simone made a major life change and moved to Bali. Interestingly enough, in this tropical paradise, he found and joined an excellent co-working space full of entrepreneurs actively engaged in developing and bringing small but highly useful web apps to market. Simone caught the entrepreneurial bug, learned a lot about sales and marketing, and came up with an idea for an online app—which was promptly torn apart when presented to his more experienced peers in the co-working space.
He then remembered his ReadonlyREST (ROR) Elasticsearch plugin, which was still getting a lot of interest on GitHub. One of his entrepreneur friends suggested that Simone make the download available for free from a simple website, but require the downloader to leave an email address. As the list of emails began to grow, Simone was surprised and delighted to see that many of them were work addresses, including from large organizations such as CERN, Intel, and NVIDIA. Simone then spent four months improving and stabilizing the free Elasticsearch plugin, and the list of emails grew even more quickly. He created a forum that attracted numerous active participants. In short, he now had a substantial and accessible target audience—a platform of users to whom he could sell companion plugins that extended the capabilities of the basic plugin, which would always remain free.
How We Got to Where We Are Today
Today, the ROR product suite comprises the free Elasticsearch security plugin and two commercial Kibana plugins that run on top of it:
ReadonlyREST PRO: secure Kibana login and logout, as well as basic Kibana customization at login.
ReadonlyREST Enterprise: secure multi-tenant Kibana login/logout, a SAML connector, and advanced customization of the Kibana UX.
In this section, we describe how these products evolved into what they are today, driven by real-life use cases.
Free Elasticsearch Plugin
Since the stabilized version of the Elasticsearch plugin was released in 2016, three important features were added by members of the OSS community. The first was an LDAP connector. This much-requested feature was contributed by an independent developer, and it attracted many more enterprise users to the plugin. It’s also worth noting that this developer, who continued contributing to the project, recently became the main engineer for the ROR Elasticsearch plugin.
The next major improvement was adding Elasticsearch field-level and document-level security features to the plugin. These, too, were external contributions—in this case, from developers at a French company. The features raised the granularity of the access control rules beyond the index level, granting or refusing access to certain documents within an index, or to certain fields within a document. These features made the ROR Elasticsearch plugin an indispensable tool for Elastic Stack users seeking to comply with GDPR and other data protection regulations.
The most recent improvement, dynamic variables, was added by the ROR team in response to the real-life need of one of our larger customers, CERN. With this new feature, security admins can write one block of rules in the ACL, and then allow any valid LDAP user to access any Elasticsearch index whose name has that user’s username concatenated into it. Dynamic variables are, in essence, a templating method that transforms the slow, tedious, and often error-prone declarative approach to access definition into something closer to programming. With configuration errors being one of the main causes of breaches, the dynamic variables feature makes large-scale Elasticsearch deployments far more secure.
ReadonlyREST PRO Plugin
The ReadonlyREST PRO plugin, which requires the Elasticsearch plugin to be installed and running, was launched in May 2017 as a simple Kibana login, with the browser prompting the user for credentials and sending them on to Elasticsearch. Since then, a number of valuable improvements and features have been added, including:
Enhanced login and a secure Logout button: The plugin now uses a proper login form that forwards the credentials to Elasticsearch and then stores the logged-in user’s session on the client side as an encrypted cookie. When the user clicks the Logout button, the cookie is deleted. This more advanced and secure Kibana login capability also allows Kibana to become stateless, with no need to store the user session server-side. This approach helps with load balancing across multiple Kibana servers and enables high-availability deployments of Kibana.
Hiding Kibana apps: This feature makes it possible to hide apps from the Kibana sidebar and topbar, thus simplifying the user experience. Salespeople, for example, will simply not see the apps that are more relevant to developers, making Kibana more approachable for non-technical teams.
Basic logon screen customization: Kibana is often a component embedded in other products. With the Pro plugin, the Kibana logon screen can be white-labeled to align with the third-party product’s brand.
Support for JWT tokens: This enables user credentials to be embedded as an authentication token inside the Kibana URL. This feature is helpful for securely sharing links, using the credentials of a pre-defined read-only user. It is also useful for securely embedding live Kibana graphs in HTML inline frames (iframe).
ReadonlyREST Enterprise Plugin
The PRO plugin is well suited for multiple Kibana users who are sharing the same data and dashboards in order to solve the same problem. But what about larger organizations with diverse departments that are interested in different subsets of the data to solve their own unique problems?
The ReadonlyREST Enterprise plugin was a strategic breakthrough, overcoming the formidable technicalities of providing a multi-tenant Kibana experience. Now, different groups of users, such as sales, marketing, and engineering, can access their own dashboards and configurations as though they each have their own Kibana. The Enterprise plugin also helps organizations significantly optimize their compute resources (and lower costs) by deploying a single, larger ELK Stack cluster that is used by many tenants.
Other advanced features available in the Enterprise plugin are:
Support for SAML and other delegated authentication protocols, such as OpenID: Larger enterprises can now integrate their ELK Stack with their existing authentication service and benefit from enhanced security features such as login using their company account, SSO login, and two-factor authentication.
An SLA for dedicated onboarding and priority support.
What the Future Holds
ReadonlyREST is committed to providing our users with competitive, cutting-edge ELK Stack security solutions. We take pride in the long runway that we offer our free users. On its own, the Elasticsearch plugin offers an unprecedented set of free features. However, because it is compatible with other Elasticsearch plugins, such as the non-OSS Elastic Stack extensions, you can also benefit from their free features, like monitoring and alerting.
Just as we believe that simplicity is the best approach to high-quality, high-performing software, we also intend to keep our pricing model straightforward. We don’t confuse our users with hard-to-understand tiers, and our fixed annual prices ensure that there are no budgetary surprises, even if the number of ELK nodes increases.
Last but not least, ReadonlyREST has established, and listens carefully to, a robust feedback loop, in order to ensure that our products will always be aligned with real needs and use cases.
We invite you to become part of our exciting story by trying out our plugins and joining the community.
Simone Scarduzio — “Since 2013, ReadonlyREST has provided unmatched usability, price accessibility, and highly specialized support in Elasticsearch and Kibana security and multi-tenancy.”
HOW CERN SAVES MONEY WITH READONLYREST
This year, CERN (The European Organization for Nuclear Research) optimized the usage of computing resources by consolidating 30+ Elasticsearch clusters into a handful of multi-user clusters.
Watch the presentation CERN organized to understand the guiding principles behind ReadonlyREST.