Leapfire Solutions, LLC • Sunnyvale, California

Elasticsearch is ...

  • A full-text search engine
  • A query engine for many different data types over arbitrary fields
  • An analytics engine for gaining data insights
  • An indexed document store for structured and unstructured data
  • Distributed and highly scalable
  • Replicated, Highly Available, Partition Tolerant, Eventually Consistent
  • A system that distributes the power of the single-server Lucene search engine and exposes it as a simple JSON REST API
  • Part of the Elastic Stack comprising Elasticsearch, Beats, Logstash, and Kibana
  • An Apache-License open-source project written in Java

Elasticsearch can ...

  • Perform powerful full-text search
  • Quickly satisfy ad-hoc queries over any fields
  • Cost-effectively horizontally scale; it is cloud native
  • Solve aggregation queries for data analysis (e.g., top-ten products sold)
  • Efficiently handle time-series data that have retention periods
  • Enable flexible data modeling that can accept new fields dynamically
  • Enable high-availability through data replication
  • Automatically rebalance data when nodes come and go; it’s elastic!
  • Provide stability of cluster-information through two-phase commit
  • Create consistent backups through Snapshots
  • Allow tunable tradeoffs between Consistency, Availability, and Partition-Tolerance
  • Enable multi-tenancy data-separation through tenant-specific indexes; it performs well with thousands of indices per cluster

Elasticsearch Terminology

  • A Node is an instance of the Elasticsearch software running on a single machine.
  • A Cluster is a set of co-operating Nodes that share the same Cluster name.
  • A Document is a representation of an application object expressed in JSON. It is similar to a database row.
  • A Document Field is a slice of data in a Document that can be queried independently. It is similar to a database column.
  • An Index is a set of documents that can be queried. It is similar to a database instance having multiple tables.
  • A Shard is an Index partition that Elasticsearch uses to distribute and replicate the documents. It is invisible to the programmer.
  • A Mapping is a schema for documents. It is similar to a relational table.
  • A Document Type is a collection of documents that share a mapping.
  • A Field Type is the datatype of a field such as text, keyword, integer, date, ip address, and so on.

Elastic asks

“How did Geena become so knowledgeable of Elasticsearch?”

Elastic Training Classes that I have taken

▸ Core Elasticsearch
▸ Core Elasticsearch: Operations
▸ From 5 to 1000 Nodes
▸ Core Elasticsearch: Developer
▸ Advanced Elasticsearch: Data Modeling

“And another one bites the dust. Replication has saved my butt… Because, I’ve got an Elastic Heart.”