Is this fork or not?


I have some concerns:

  • What I can see under Open Distro for ES GitHub org seems like there are forks for community or 3rd party plugins. Or are they not forks?
  • If there are feature requests or bug reports around say SQL or Security where are users expected to open tickets? In relevant AWS Open Distro or in origin plugin repo?



Hi Lukáš,

You can open your tickets and issues here with Open Distro for Elasticsearch for any issues with the code in these repositories. We will ensure fixes and enhancements get back upstream where relevant. This includes SQL which is based on the Apache 2.0-licensed elasticsearch-sql project and any code developed with floragunn on the Security side.




I am sorry, I really do not understand :frowning: I am used to go to the upstream, opening tickets there and usually push PR as well.

Are you saying that you in fact discourage community from going directly to SearchGuard or SQL plugin repos and opening, discussing and working on the tickets there? Instead you want to do a proxy/mediator between upstream plugins and community?

Also, you mentioned several times that you partnered with SearchGuard. Can you please elaborate more on this more? What does it mean? Can you make the partnership details public?

May be it is just me (it is late Friday) but I am really confused. These question are very important to me and I am surprised they haven’t been covered and explained in announcing blog posts and videos.

Thanks for bearing with me,


Hi Lukas,

Thanks for your feedback. Agree there are some things we could have done better here in communication, SQL commit history, etc. Getting to launch has been a significant endeavor for us which we tried to execute on quickly so we can start making further developments in the open with the community. By example, we posted an RFC for index rotation to get feedback and we intend to iterate on that with the community on GitHub ( There are definitely areas we could have done better on but our goal is to listen and improve as we continue to iterate.

We want to make sure that Open Distro becomes a really great option for developers. To get there we will need to ensure that all the different pieces are well integrated. For example, SQL should be well integrated into alerting, security should be integrated with everything. The only way we believe we can achieve that is by ensuring that the community has the ability to innovate across the components. This is why we felt it’d be better to host all the artifacts in one place. Also, we want to make sure that going forward we have a clear acknowledgment of Apache 2.0 contributions as part of the PR process (which we made easy via a simple template as part of PRs, not requiring a CLA for the average contribution). I think that will make it easier for folks to get involved and contribute code.

To answer your question re: components:
• Both event monitoring & alerting and performance analyzer were built by us internally. We did use some third-party libraries as part of that including the blessed-contrib for the ASCII command line visualization of PerfTop -
• For SQL, already at launch we documented the use of NLPChina/Elasticsearch-SQL in the (with a thank you) but we will make it even more visible. We did make many improvements to the project and also wrote the JDBC driver from scratch. We have been in touch with the upstream project to contribute any improvements back, but as I said earlier, we want to retain the flexibility to more deeply integrate the features which is why we think we will get more flexibility as a community to be able to rev on these things in the same project.
• For Security, it does include contributions from floragunn. We have collaborated with them on bringing security features to Open Distro. Again, for the earlier reasons mentioned, I imagine that there may be changes/enhancements we make as part of Open Distro which may or may not be interesting to them and their users. They will not necessarily remain the same projects going forward. I think time will tell but everything we ship is Apache 2.0 licensed.

I hope this clarifies things somewhat. Appreciate your feedback. We are already getting a lot of interest in joining and contributing. Would love to see you as a contributor too!