Elasticsearch and Opensearch
The Orchestration Cluster stores and reads data from either Elasticsearch or OpenSearch. You can select the database by setting the CAMUNDA_DATABASE environment variable or the equivalent configuration property.
Valid values: elasticsearch (default) or opensearch.
CAMUNDA_DATABASE=opensearch
We now support Amazon OpenSearch. To see which versions are supported, refer to supported environments. Using Amazon OpenSearch requires a new Camunda installation. Migration from previous Elasticsearch setups is not supported.
Connection settings
To connect to a secured (HTTPS) Elasticsearch or OpenSearch instance:
- URL protocol: Use
httpsinstead ofhttp. - Authentication: Set a valid username/password combination for basic authentication.
- AWS credentials: For Amazon OpenSearch, set
awsEnabledtotrueto use AWS credentials instead of basic auth. - SSL/TLS: SSL settings such as
self-signedor disabling hostname verification should only be used if connection issues occur. - JVM certificates: Certificates may need to be imported into the JVM runtime.
You can specify either host and port (deprecated) or url (recommended).
Common configuration options
.{ES/OS} in the values below reference either .elasticsearch or .opensearch.
| Name | Description | Default value |
|---|---|---|
camunda.data.{ES/OS}.cluster-name | Name of the Elasticsearch/OpenSearch cluster | elasticsearch / opensearch |
camunda.data.{ES/OS}.url | URL of the cluster REST API | http://localhost:9200 |
camunda.data.{ES/OS}.username | Username to access the cluster REST API | - |
camunda.data.{ES/OS}.password | Password to access the cluster REST API | - |
camunda.data.{ES/OS}.security.certificate-path | Path to SSL certificate | - |
camunda.data.{ES/OS}.security.self-signed | Certificate is self-signed | false |
camunda.data.{ES/OS}.security.verify-hostname | Validate hostname for SSL | false |
| awsEnabled | Use AWS credentials (OpenSearch only) | false |
camunda.data.{ES/OS}.index-prefix: '' | Prefix for index names | operate / tasklist |
camunda.data.{ES/OS}.number-of-shards | Number of shards for all indices | 1 |
camunda.data.{ES/OS}.number-of-replicas | Number of replicas for all indices | 0 |
Shard and replica settings are applied on first startup or during version updates. After indices are created, they can be adjusted in the cluster template and applied to new indices.
Application configuration examples
Elasticsearch
camunda:
data:
secondary-storage:
elasticsearch:
cluster-name: elasticsearch
url: https://localhost:9200
security:
self-signed: true
OpenSearch
camunda:
data:
secondary-storage:
opensearch:
cluster-name: opensearch
url: https://localhost:9200
security:
self-signed: true
Disable Elasticsearch deprecation logging
For Elasticsearch version ≥8.16.0, it is recommended to turn off deprecation logging:
curl -X PUT "http://localhost:9200/_cluster/settings" \
-H "Content-Type: application/json" \
-d '{
"persistent": {
"logger.org.elasticsearch.deprecation": "OFF"
}
}'
Notes
- Settings like
self-signed, SSL verification, or AWS credentials apply depending on your deployment environment. - Templates for indices are created automatically during first startup or upgrades. Manual adjustments to shards, replicas, or index settings can be made in the cluster templates.