Hi all,
I am using elasticsearch 5.6.4 in a cluster setup.
Here's what my environment looks like:
- 5 nodes in the cluster.
- Each node has 16 GB of RAM and a VCPU with 4 cores.
- The setup is entirely hosted on the cloud.
- Cluster setup is the default setup, meaning every node performs all of the roles (data, ingest, master, etc.).
I have 4 indices on it. Each index is about 7 gigs with 5 shards and 1 replica dedicated to each.
Now the issue is when I try to run a nested aggregation query on it using python/console/curl, the entire cluster goes down. With the querying node going down first and then eventually all of them.
My query looks somewhat like this:
GET indexname/_search { "aggs": { "first": { "terms": { "field": "Field1.keyword", "size": 100000 }, "aggs": { "second": { "terms": { "field": "Field2.keyword" }, "aggs": { "third" { "terms": { "field": "Field3.keyword", } } } } } } } }
Things that I have tried so far:
-
Modify shard size.
-
Experiment with heap size.
-
Changing searching techniques (breadth first and depth first).
-
Toggle execution hint.
-
Modify timeout.
-
Query using elasticsearch-dsl plugin for Python.
Any help is appreciated.
Thanks,
AKwiro.