============= Elasticsearch ============= Elasticsearch provides a distributed, multitenant-capable full-text search engine with a HTTP web interface and schema-free JSON documents. Sample pillars ============== Single-node elasticsearch with clustering disabled: .. code-block:: yaml elasticsearch: server: enabled: true bind: address: 0.0.0.0 port: 9200 cluster: multicast: false index: shards: 1 replicas: 0 Setup shared repository for snapshots: .. code-block:: bash elasticsearch: server: snapshot: reponame: path: /var/lib/glusterfs/repo compress: true Cluster with manually defined members: .. code-block:: yaml elasticsearch: server: enabled: true bind: address: 0.0.0.0 port: 9200 cluster: multicast: false members: - host: elastic01 port: 9300 - host: elastic02 port: 9300 - host: elastic03 port: 9300 index: shards: 5 replicas: 1 Common definition for curator: .. code-block:: yaml elasticsearch: server: curator: timeout: 900 logfile: /var/log/elasticsearch/curator.log logformat: json master_only: true actions: - action: delete_indices description: >- Delete indices older than 45 days (based on index name). Ignore the error if the filter does not result in an actionable list of indices (ignore_empty_list) and exit cleanly. options: ignore_empty_list: True continue_if_exception: False disable_action: False filters: - filtertype: pattern kind: regex value: '.*\-\d\d\d\d\.\d\d\.\d\d$' - filtertype: age source: name direction: older timestring: '%Y.%m.%d' unit: days unit_count: 90 - action: replicas description: >- Reduce the replica count to 0 for indices older than 30 days (based on index creation_date) options: count: 0 wait_for_completion: False continue_if_exception: False disable_action: False filters: - filtertype: pattern kind: regex value: '.*\-\d\d\d\d\.\d\d\.\d\d$' - filtertype: age source: creation_date direction: older unit: days unit_count: 30 - action: forcemerge description: >- forceMerge indices older than 2 days (based on index creation_date) to 2 segments per shard. Delay 120 seconds between each forceMerge operation to allow the cluster to quiesce. This action will ignore indices already forceMerged to the same or fewer number of segments per shard, so the 'forcemerged' filter is unneeded. options: max_num_segments: 2 delay: 120 continue_if_exception: False disable_action: True filters: - filtertype: pattern kind: regex value: '.*\-\d\d\d\d\.\d\d\.\d\d$' - filtertype: age source: creation_date direction: older unit: days unit_count: 2 Client setup ------------ Client with host and port: .. code-block:: yaml elasticsearch: client: enabled: true server: host: elasticsearch.host port: 9200 Client where you download an index template that is stored in the direcotry *files/*: .. code-block:: yaml elasticsearch: client: enabled: true server: host: elasticsearch.host port: 9200 index: my_index: enabled: true template: elasticsearch/files/my_index_template.json Read more ========= * https://www.elastic.co/ * http://alex.nederlof.com/blog/2012/11/19/installing-elasticsearch-with-jenkins-on-ubuntu/ * http://websightdesigns.com/wiki/Setting_up_Centralized_Event_Parsing_on_Ubuntu_12.04 * https://gist.github.com/wingdspur/2026107