ES best practices?

saif · June 9, 2015, 2:39pm

hello

I used recently ElasticSearch I have 4 servers
and wanted to know the good pratice
how many:
node-master
node-data
how minimum_master_nodes: 4/2 + 1 = 3?
number_of_shards
number_of_replicas

because I work with a large number of log server .. almost 3000
so I have a lot of data .. 20G per day at least
I use the RAID-0

thank you

mosiddi · June 9, 2015, 4:05pm

how ur search pattern is going to look like? How much would u retain data and till when? How much documents per second u would expect coming to ur ES? the idle shard/replica, index, etc. depend a lot on ur scenario than general practice.

saif · June 10, 2015, 7:21am

thank you for your reply
I used to centralize logs with ELK for 3000 servers
it's 9 pm and I have only 1800 servers connects and i have 4,132,830 docs

just for testing i used 2 servers 2 master nodes 5 shared

thank you

mosiddi · June 10, 2015, 8:22am

Couple of general guidelines we follow -

Minimum 3 master nodes to avoid split-brain
We need HA (high-availability) and in our configuration, we leverage 2 replicas for the same
Too less and too much shards - Both are bad. You have to select decent number. We have multiple indices and each index have 10 primaries. We cap the data going to each index using some parameters so that they are manageable.
We have 3 query nodes basically to support HA, load balancing and fault-tolerance.

Topic		Replies	Views
Ideal number of shards for 2 node ES cluster Elasticsearch	4	446	March 26, 2020
Suggestion on Elasticsearch scaling and performance for log management Elasticsearch	9	705	October 15, 2019
Few queries on setting up a high performing and scalable ES setup Elasticsearch	3	327	July 6, 2017
Setting up Multi-node Architecture of ELK for log monitoring Elasticsearch	6	684	June 10, 2019
No. of Shards Per index in ES Cluster Elasticsearch	4	1223	July 5, 2017

ES best practices?

Related topics