Book Image

Mastering Elasticsearch 5.x - Third Edition

Book Image

Mastering Elasticsearch 5.x - Third Edition

Overview of this book

Elasticsearch is a modern, fast, distributed, scalable, fault tolerant, and open source search and analytics engine. Elasticsearch leverages the capabilities of Apache Lucene, and provides a new level of control over how you can index and search even huge sets of data. This book will give you a brief recap of the basics and also introduce you to the new features of Elasticsearch 5. We will guide you through the intermediate and advanced functionalities of Elasticsearch, such as querying, indexing, searching, and modifying data. We’ll also explore advanced concepts, including aggregation, index control, sharding, replication, and clustering. We’ll show you the modules of monitoring and administration available in Elasticsearch, and will also cover backup and recovery. You will get an understanding of how you can scale your Elasticsearch cluster to contextualize it and improve its performance. We’ll also show you how you can create your own analysis plugin in Elasticsearch. By the end of the book, you will have all the knowledge necessary to master Elasticsearch and put it to efficient use.

Related Content you might be interested in

Current Title:

Small book image
Mastering Elasticsearch 5.x - Third Edition
Feb, 2017 | 428 pages
Small book image
Learning Elasticsearch
Abhishek Andhavarapu
Jun, 2017 | 404 pages
Small book image
Elasticsearch 5.x Cookbook
Alberto Maria Angelo Paro
Feb, 2017 | 696 pages
Small book image
Elasticsearch 7 Quick Start Guide
Douglas Miller | Anurag Srivastava
Oct, 2019 | 186 pages
Table of Contents (20 chapters)
Mastering Elasticsearch 5.x - Third Edition
Mastering Elasticsearch 5.x - Third Edition
Credits
Credits
About the Author
About the Author
Acknowledgements
Acknowledgements
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Preface
Preface
Free Chapter
1
Revisiting Elasticsearch and the Changes
Revisiting Elasticsearch and the Changes
An overview of Lucene
Introducing Elasticsearch 5.x
Summary
2
The Improved Query DSL
The Improved Query DSL
The changed default text scoring in Lucene - BM25
Re-factored Query DSL
Choosing the right query for the job
Query rewrite explained
Query templates
Summary
3
Beyond Full Text Search
Beyond Full Text Search
Controlling multimatching
Multimatch types
Controlling scores using the function score query
Built-in functions under the function score query
Query rescoring
Structure of the rescore query
Elasticsearch scripting
Painless - the new default scripting language
Lucene expressions
Summary
4
Data Modeling and Analytics
Data Modeling and Analytics
Data modeling techniques in Elasticsearch
Managing relational data in Elasticsearch
Data analytics using aggregations
Summary
5
Improving the User Search Experience
Improving the User Search Experience
Correcting user spelling mistakes
Suggesters
Implementing your own auto-completion
Working with synonyms
Summary
6
The Index Distribution Architecture
The Index Distribution Architecture
Configuring an example multi-node cluster
Choosing the right amount of shards and replicas
Routing explained
Shard allocation control
Query execution preference
Stripping data on multiple paths
Index versus type - a revised approach for creating indices
Summary
7
Low-Level Index Control
Low-Level Index Control
Altering Apache Lucene scoring
Available similarity models
Setting a per-field similarity
Similarity model configuration
Choosing the default similarity model
Choosing the right directory implementation - the store module
The store type
NRT, flush, refresh, and transaction log
Segment merging under control
Understanding Elasticsearch caching
Summary
8
Elasticsearch Administration
Elasticsearch Administration
Node types in Elasticsearch
Discovery and recovery modules
The human-friendly status API - using the cat API
Backing up
Restoring snapshots
Summary
9
Data Transformation and Federated Search
Data Transformation and Federated Search
Preprocessing data within Elasticsearch with ingest nodes
Federated search
Summary
10
Improving Performance
Improving Performance
Query validation and profiling
Very hot threads
Scaling Elasticsearch
Managing time-based indices efficiently using shrink and rollover APIs
Summary
11
Developing Elasticsearch Plugins
Developing Elasticsearch Plugins
Creating the Apache Maven project structure
Creating a custom REST action
Creating the custom analysis plugin
Summary
12
Introducing Elastic Stack 5.0
Introducing Elastic Stack 5.0
Overview of Elastic Stack 5.0
Introducing Logstash, Beats, and Kibana
Summary

Managing time-based indices efficiently using shrink and rollover APIs

Recently, we talked a lot about how to scale Elasticsearch clusters and some general guidelines to follow while going into production. In this section, we are going to talk about two new APIs introduced in Elasticsearch 5.0. The Shrink and Rollover APIs. Both of these APIs are specially designed for managing time series-based indices such as, daily-/weekly-/monthly-created indices for logs, or an index for each week or month of tweets.

We know these basic points related to shards of an index:

  • We need to define the number of shards in advance at the time of index creation and we can't increase or decrease the number of shards for index once it is created.

  • The greater the number of shards, the more indexing throughput, the lesser the search speed, and greater number of resources are needed.

Both of these problems may be an overkill for the performance and management of your cluster when the data size grows and scaling is needed...

Previous Section
End of Section 5
Next Section