=============
-ElasticSearch
+Elasticsearch
=============
+Elasticsearch provides a distributed, multitenant-capable full-text search engine with a HTTP web interface and schema-free JSON documents.
+
Sample pillars
==============
+Single-node elasticsearch with clustering disabled:
+
+.. code-block:: yaml
+
+ elasticsearch:
+ server:
+ enabled: true
+ bind:
+ address: 0.0.0.0
+ port: 9200
+ cluster:
+ multicast: false
+ index:
+ shards: 1
+ replicas: 0
+
+Setup shared repository for snapshots:
+
+.. code-block:: bash
+
+ elasticsearch:
+ server:
+ snapshot:
+ reponame:
+ path: /var/lib/glusterfs/repo
+ compress: true
+
+Cluster with manually defined members:
+
.. code-block:: yaml
elasticsearch:
server:
enabled: true
- version: 1.0.1
bind:
address: 0.0.0.0
port: 9200
+ cluster:
+ multicast: false
+ members:
+ - host: elastic01
+ port: 9300
+ - host: elastic02
+ port: 9300
+ - host: elastic03
+ port: 9300
+ index:
+ shards: 5
+ replicas: 1
+
+Common definition for curator:
+
+.. code-block:: yaml
+
+ elasticsearch:
+ server:
+ curator:
+ timeout: 900
+ logfile: /var/log/elasticsearch/curator.log
+ logformat: json
+ master_only: true
+ actions:
+ - action: delete_indices
+ description: >-
+ Delete indices older than 45 days (based on index name).
+ Ignore the error if the filter does not result in an actionable
+ list of indices (ignore_empty_list) and exit cleanly.
+ options:
+ ignore_empty_list: True
+ continue_if_exception: False
+ disable_action: False
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: '.*\-\d\d\d\d\.\d\d\.\d\d$'
+ - filtertype: age
+ source: name
+ direction: older
+ timestring: '%Y.%m.%d'
+ unit: days
+ unit_count: 90
+ - action: replicas
+ description: >-
+ Reduce the replica count to 0 for indices older than 30 days
+ (based on index creation_date)
+ options:
+ count: 0
+ wait_for_completion: False
+ continue_if_exception: False
+ disable_action: False
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: '.*\-\d\d\d\d\.\d\d\.\d\d$'
+ - filtertype: age
+ source: creation_date
+ direction: older
+ unit: days
+ unit_count: 30
+ - action: forcemerge
+ description: >-
+ forceMerge indices older than 2 days (based on index
+ creation_date) to 2 segments per shard. Delay 120 seconds
+ between each forceMerge operation to allow the cluster to
+ quiesce.
+ This action will ignore indices already forceMerged to the same
+ or fewer number of segments per shard, so the 'forcemerged'
+ filter is unneeded.
+ options:
+ max_num_segments: 2
+ delay: 120
+ continue_if_exception: False
+ disable_action: True
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: '.*\-\d\d\d\d\.\d\d\.\d\d$'
+ - filtertype: age
+ source: creation_date
+ direction: older
+ unit: days
+ unit_count: 2
+
+Client setup
+------------
+
+Client with host and port:
+
+.. code-block:: yaml
+
+ elasticsearch:
+ client:
+ enabled: true
+ server:
+ host: elasticsearch.host
+ port: 9200
+
+Client where you download an index template that is stored in the direcotry
+*files/*:
+
+.. code-block:: yaml
+
+ elasticsearch:
+ client:
+ enabled: true
+ server:
+ host: elasticsearch.host
+ port: 9200
+ index:
+ my_index:
+ enabled: true
+ template: elasticsearch/files/my_index_template.json
Read more
=========
+
+* https://www.elastic.co/
* http://alex.nederlof.com/blog/2012/11/19/installing-elasticsearch-with-jenkins-on-ubuntu/
* http://websightdesigns.com/wiki/Setting_up_Centralized_Event_Parsing_on_Ubuntu_12.04
* https://gist.github.com/wingdspur/2026107