Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Michael_Tarallo
Employee
Employee

Welcome! - What Qlik Sense Enterprise for Elastic IS and IS NOT

READ ME FIRST:

Qlik Sense Enterprise for Elastic is Qlik's multi-cloud environment, that you set up and maintain. Currently, to get a hold of the software and to use Qlik Sense Enterprise for Elastic, it is necessary to contact your Qlik representative or Qlik Support to request the appropriate license and instructions. You must install Qlik Sense Enterprise for Elastic, and then enable multi-cloud with your Qlik Sense Enterprise for Windows. I expect more self-service instructions and installation options to be available in the future.

Hi guys - this forum is dedicated to those interested in learning more about Qlik's Multi-Cloud solution. If you have stumbled across this post without seeing our other content, the best way to get started is to check out this blog along with its companion data sheet and videos available here: Introducing Multi-Cloud Deployment for Qlik Sense Enterprise.

Some things you need to know

I'd like to take a few minutes of your time to share some of the things I've learned when working with our multi-cloud solution specifically around some of the technical architecture and terminology that supports Qlik Sense Enterprise for Elastic (QSEFE). My hope is that it answers some of your burning questions. There will be an official, more formal FAQ available shortly along with many other assets we are creating, so please stay tuned to this section in the community as we will post more when available.

QSEFE IS a new capability / feature - NOT a product

When we talk about QSEFE - we are referring about a new capability that gives Qlik Sense Enterprise customers, choices and flexibility on where they can host and deploy their analytics and do so at cloud scale.

Phase 1 - focuses on Qlik Sense Consume use cases - more to come!


As stated in the blog and video, Phase 1 allows you to publish apps from your Qlik Sense Enterprise environment that runs on Windows to Qlik Sense Enterprise for Elastic running on your choice of platform - on premise, or in public or private clouds - hosted by others or even Qlik when subscribed to Qlik Cloud Services. The published apps currently can be consumed only, in other words - edit, reload, create capabilities will be available in the future phases.


This is not Qlik Sense for Linux!

One thing I need to address immediately is that QSEFE is NOT about a LINUX version of Qlik Sense. Yes, our Qlik Sense Enterprise for Elastic (QSEFE) software - runs within "containers" that can run on Linux - but understand the keyword here is "containers".

Ugh!! Now you want to know, - "But wait, what are containers?" First here is a great resource to start with: https://techcrunch.com/2016/10/16/wtf-is-a-container/ - and yes, yes the title is "WTF is a container."
In short, think of a container as a mini virtual machine (VM).

It runs in Containers - Docker

Containers simply make it easier for developers to know that their software will run, no matter where it is deployed. They also enable what’s often called “microservices.” Instead of having one large monolithic application, microservices break down applications into multiple small parts that can talk to each other.

Containers have been around for a long time and used within Linux, but they were difficult to use - so a software company, Docker, https://www.docker.com/ - has promised to revolutionize this and make containers easier to use and the development community welcomed it with open arms. So now you ask - Docker who? To keep it short and sweet, it is explained very succinctly here: https://www.docker.com/what-docker - Docker provides a container platform for building software that can run and scale in the cloud. This platform can run on many operating systems and environments which mostly consists of Windows and various flavors of Linux. SO you can very well install QSEFE on Windows using a flavor of Docker that is for Windows such as: https://www.docker.com/docker-windows so hopefully that is clear. (but who would want to!) -  In turn we have have built a "Docker Image" of QSEFE. This image is available in a "repository" - in which one uses command line shell syntax  to pull down the image and set it up in your Docker environment. Can you run containers without Docker? You can - but that is not how we chose to implement QSEFE.


Container Orchestration - Kubernetes (K8s)


So now that you have a bit about containers under your belt - you need a way to orchestrate and manage your containers - to do this we bring in Kubernetes - - Kuuba what now? - Kubernetes - pronounced - koo-ber-ne-tes - NOT koo-ber-knee-tees - as I learned. Originally designed and used by Google for many years for their cloud computing and then was opened sourced in 2014. (Oh and yes Docker has its own management / orchestration mode know as Docker Swarm or running the Docker engine in swarm mode, but we are not going that deep here.) In short Kubernetes "orchestrates" your Docker containers. "Orchestrates" WTH does that mean? - Other than sounding cool, like I know what I am talking about in a sales situation - Kubernetes / orchestration provides a platform for automating deployment, scaling, monitoring of operations of application containers across clusters of hosts -- ooooh techy. Another great resource that explains it: What does Kubernetes actually do and why use it? | DevelopIntelligence Blog - so basically Kubernetes helps with keeping track of your containers, starts and stops services - automatically scaling when needed as it adjusts CPU and memory to meet demand. <phew I'm sweating> - I would recommend reading this information here to learn more. In that document you will see that K8s is more than just orchestration software.

Without rehashing the aforementioned blogs and getting too markety - I'd like to conclude by asking you to comment and post questions here. I am still new to this technology (Docker / Kubernetes) and would also love to learn more from many of you. If you feel I forgot something or if you wish I provided more detail on a particular area, please let me know. My goal is to share as much information that I learned that made it easier for me to understand this new capability that we are providing.

Looking forward to hearing from you.

Regards,

Mike Tarallo

Qlik

Resources:

Regards,
Mike Tarallo
Qlik
Labels (1)
  • SaaS

11 Replies
konrad_mattheis
Luminary Alumni
Luminary Alumni

Where can I find the install documentation?

Michael_Tarallo
Employee
Employee
Author

Hi Konrad - there should be some sort of communication going out about how to engage with our team in order to set this up. There isn't any official self-service materials just yet, but I expect there to be more forthcoming.

Hope this helps.

Regards,
Mike Tarallo
Qlik
gustavgager
Partner - Creator II
Partner - Creator II

In the video, you say that there will be some sort of SSO for multi cloud enviroments. I guess that would mean that you need some sort of external identity provider and use SAML or JWT for the entire deployment?

If you have a customer with a simple AD domain (no ADFS for example). A multi-cloud enviroment would not work since the external server (qlik cloud or public/prive cloud server) would not have access to the internal AD of the company.

Can you please explain how that is supposed to work?

Michael_Tarallo
Employee
Employee
Author

Hi Gustav - that is a good question, I believe it was stated that all users will have a single login and single license. In regards to how the security is handled via and identity provider, I am not sure of the details. I know that Qlik Sense Enterprise can use SAML / AD / Web Ticketing, custom authentication etc. let me send a few notes to the product team and see if I can get a few answers for the community. In the mean-time, being you are a partner - you can also contact your Qlik Partner rep - who can also work with you on some of these things, possibly providing you with a technical resource to get some questions answered.

Regards,
Mike Tarallo
Qlik
Joe_Bickley
Employee
Employee

Hi Gustav.

As with many SaaS services, the authentication mechanism you use perhaps on premise, needs to be able to integrate with services outside the boundaries of the organisation.  In addition as in the case of multi-cloud, you also want the same identity (user name and groups) to be securely available to the systems you want to combine.

To enable that we have adopted one of the new security standards for Qlik Cloud Services and the QSE for Elastic package - this is Open ID connect (or OIDC). This is standard that solves some of the draw backs of systems like SAML and is offered by a lot of common cloud authentication providers such as Okta and Auth0 - ADFS also partially implements it but there adoption isnt complete and we need to do some future work to support it - we also plan to implement SAML and others in the future.   Most of these providers also support SAML at the same time, this means you can have one IDP that provide OIDC to cloud and elastic and SAML for QSE on windows.

Essentially a modern IDP is required to integrate cloud services along with on premise resources.  More details on this will be supplied soon.

Thanks

Joe

gustavgager
Partner - Creator II
Partner - Creator II

Alright i understand. I figured that you would need some kind of "external" identity provider in order to get it working. Most of our customers use Windows Authentication to the local domain only. Some of these customers would like to add a cloud endpoint for some of the apps (in qlik cloud for example). But then the identification would be a problem since local AD and an external identity provider will be handled as two different accounts. It will be problematic to setup on current AD-only customers.

But thank you for your insight into this. I will probably add more questions in this thread later on. Thank you

AlexOmetis
Partner Ambassador
Partner Ambassador

I've been working with Auth0 to get an OIDC-compliant SSO solution set up for our Qlik Sense Enterprise server so that we can have it ready when we get access to the licence & install details for QSEFE. I notice they have an AD connector that you can use to authenticate to a purely onsite domain (Connect your app to Active Directory) it requires a connector installing on the local network though so that might be a sticking point. Alternatively I wonder if those organisations have an Azure AD - as most Office 365 customers do - again, you can integrate this with Auth0 (Connect your app to Microsoft Azure Active Directory) or directly with Qlik Sense via SAML...

Qlik Partner Ambassador 2024
diegobormann
Partner - Contributor II
Partner - Contributor II

Hi All,

I currently wrestling to set up a demo environment, some PoC for 2 customers. I have setup a single node  cluster in Azure AKS, following the more detailed documentation. All seems to running fine (PODS are all running).

(Note: My demo enterprise server is not in Azure).

Then I come to the point I need to setup the OIDC. I have a couple of questions about this:

1. Why use Auth0 or Okta (both paid services) instead of Azure's own OIDC ?

Azure Active Directory v2.0 en de OpenID Connect-protocol | Microsoft Docs

The installation instructions you need to give a hostname. What hostname?

From the installation doc:

hostname: "lexcorp.elastic.example"

2. Do I need to set something up in Azure to bind a hostname to the cluster? --> How?

The introduction video: Qlik's Multi-Cloud Solution - Part 2 - Brief Demonstration (Phase 1) - YouTube

Is showing that you should be able to connect to: https://elastic.local:32443/explore/local

3. Is this the same as the "lexcorp.elastic.example"?

Like to hear from you!

Kind Regards,

Diego Bormann

diegobormann
Partner - Contributor II
Partner - Contributor II

Ok am a little further with this.

In Azure, you can find 2 public IP addresses in the load balancer section.

Trying https://<ip-address> on 1 of the 2 addresses is giving me the following response :

{"errors":[{"title":"No authentication configured for this hostname","code":"LOGIN-2","status":"401"}]}

I created a DNS record to point to that IP adres (i call it myDNS.com here). I used that in the hostname section.

Next steps was to use Auth0 to create an app. The only thing not really documented is the reply URL's: I added the following:

https://<myDNS.com>,https://<myDNS.com>/login,https://<myDNS.com>/login/callback

You can then add users, or use SSO with Azure (that is what I've done, there is a pretty good guide about that)

going to: https://myDNS.org now redirects me to my login option and after that it is showing me the Cloud HUB.

Next step for me is to configure my enterprise server to sync documents to the cloud hub.

Hope my findings helps