[mienski]

Even doing the official Elastic training - Elasticsearch Engineer 1 gives you everything you need to hurt yourself to set up, use and admin a cluster, but no security is covered unless you sign up for the next course and pay another couple of thousand dollars. Security really should be covered as a default in EE1.

I'm a huge fan of beginner tutorials that include security as a default, rather than having it as the thing you do last - and then commonly in actual project work all the development gets done against an insecure cluster in dev, then someone turns security on at the end, it all breaks and you now have a group of stressed-out people only incentivized to remove the thing that is now delaying the project at the very last moment. Makes for some easy mental gymnastics.

[ayende]

With RavenDB, you cannot setup a unsecured server unless you are _really_ trying. And we worked on getting secured setup to be a click through process with under 10 minutes to setup a whole cluster.

You can see it here: https://www.youtube.com/watch?v=K-2iZ_lJVag

That was done explicitly because of issues like that. Security isn't a feature, and the fact that your product keep leaking details is not the fault of the user the 100th time this happens.

[mattmein]

This is completely unrelated, but I remember your blog about dotnet development. I followed it about 10 years ago and remember when you started with RavenDb. I haven't done any dotnet development in about 7 years, but you taught me a lot about programming properly. Thanks.

I'm glad RavenDb is still going well.

[zaszrespawned]

plug