An Elasticsearch Overview

Introduction

If you asked five different people to try and describe Elasticsearch, you’re likely to get five completely different answers. Even if a developer is well-versed in using Elasticsearch, there’s just so much going on with this complex, powerful product that it can be hard to distill it all down to a concise definition. In this article, we’ll try to provide that definition for you. Keep reading for an Elasticsearch overview that will get you up to speed on this technology and how it works.

What Is Elasticsearch?

At its core, Elasticsearch is a full-text search and analytics engine. It’s fast and powerful, for sure. But the adjectives don’t stop there. You can also describe Elasticsearch as:

• open-source
• enterprise-grade
• scalable
• broadly-distributable
• RESTful

That’s a pretty good summary of what Elasticsearch is; now, let’s take a closer look at what Elasticsearch can do:

Lightning-Fast Search

Typical SQL-based database management systems simply aren’t designed to tackle full-text search, and they have a tough time dealing with loosely-structured data. These are areas where Elasticsearch shines. A query that might take over 10 seconds with SQL will execute in less than 10 milliseconds using Elasticsearch.

What makes Elasticsearch so speedy? Part of it is its lean design– unlike a relational database, it’s not constrained by rigid schemas. In addition, its queries are constructed using a simple yet efficient query language. Elasticsearch queries are able to look at a number of target values, and they assign a score to each element in the result set based on how strongly it aligns with the query’s focus. With these factors in place, even complex queries executed against large datasets can return results in a few milliseconds.

Effortless Indexing

Elasticsearch’s indexing process converts raw data into documents and stores them in a format much like a typical JSON object. An Elasticsearch document is composed of a set of keys and their respective values; the keys are always strings, but the values can consist of many different data types, such as strings, numeric values, lists and more.

Indexing a new document into Elasticsearch is a simple, straightforward process. All you need to do is make a HTTP POST request that sends the data for the document in the form of a JSON object. JSON is also used to perform searches– you can make a HTTP GET request with your query in JSON format in the body. While the APIs for popular languages such as Python, Ruby and Go make it easy to access Elasticsearch in applications, many developers rely on this cURL functionality for testing and debugging purposes.

Direct Access to Your Data through Denormalization

If you have experience working with SQL and relational databases, one of the toughest aspects of Elasticsearch to wrap your mind around is the idea of denormalization. It’s important to step away from the relational database mindset– there are no subqueries or joins in Elasticsearch, so denormalization is critical. With denormalized document storage, it may seem like redundant copies are being added to an index, but this method of storage is what eliminates the need for things like joins. Even better, this denormalization leads to fewer data reads and faster full-text searches.

Scalable and Distributable

Elasticsearch can scale up beautifully to hundreds or thousands of nodes and multiple petabytes of data. This kind of capacity is possible due to its distributed architecture, which allows users to remain happily unaware of architecture changes taking place “behind the scenes”. Try following along with the examples in one of our Elasticsearch tutorial articles– whether you’re running a single node or a 100-node cluster, everything will appear to work in the same way.

With Elasticsearch, documents can be partitioned across a configuration of containers known as “shards”. If a cluster contains multiple nodes, the documents are distributed to shards across each of the nodes; shards are balanced across all the nodes in a cluster to manage search load and indexing processes. The replication of shards offers redundancy in the event of a failed node. The failover is seamless– shards are automatically redistributed across remaining nodes when a node is temporarily lost.

Conclusion

It’s clear that Elasticsearch is a powerful and versatile product. Its ability to search and analyze huge volumes of data in near real time makes it the natural choice for applications with complex search requirements. In this article, we talked about Elasticsearch’s key features and use cases, but this Elasticsearch overview really just scratches the surface of what the product can do. If you’re interested in harnessing the power of Elasticsearch for your organization, don’t hesitate to contact Objectrocket for more information on how you can get started.