Auto kill queries taking more time

sreekanth · November 22, 2021, 7:23am

We are using 7.3 ES. Due to few bad queries fired by end user, ES CPU/Memory jumps to very high and impacts all others. We want to know any way to stop those long-running queries and return 429 or some status, so the client can handle this.
We got default_search_timeout option which is shard level timeout. And also this results in sending partial data to client. We are looking for some global end user query level settings. Also as I said, we want to return error rather partial data.

Please help us on some options to protect our cluster with these.

warkolm · November 22, 2021, 7:58am

7.3 is EOL, please upgrade

If you upgrade you get access to a number of different improvements around this area as well!

sreekanth · November 22, 2021, 9:38am

Sure thanks, planning to move to 7.8. Are there any flags or options for the same query I asked above? Overall We don't want one bad query from 1 client impacting others

Mark_Harwood · November 22, 2021, 11:14am

See the query setting allow_partial_results or the cluster setting default_allow_partial_results

sreekanth · November 22, 2021, 12:26pm

thanks a lot. this works for us

DavidTurner · November 22, 2021, 12:47pm

7.8 is also pretty old and becomes EOL in less than a month. It would be wise to choose something newer.

warkolm · November 22, 2021, 9:02pm

7.15 is latest!

system · December 20, 2021, 9:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.