
Elasticsearch Best Practice Architecture

whoami

Eric Westberg
Solutions Architect
Stockholm, Sweden
Joined Elastic last year

Webinar Housekeeping & Logistics

• Slides and recording will be available following the webinar
• Please ask questions via “Q&A”

Elastic Stack

Diagram: solutions built on the stack: Application Search, Site Search, Enterprise Search, Logging, Metrics, APM, Business Analytics, Security Analytics, and Future Solutions
Kibana: Visualize & Manage
Elasticsearch: Store, Search, & Analyze
Beats and Logstash: Ingest
Deployment options: SaaS (Elastic Cloud) or Self Managed (Elastic Cloud Enterprise, Standalone)

Inside an Elasticsearch Cluster

Elasticsearch Node Types
Nodes can play one or more roles, for workload isolation and scaling

• Master Nodes
– Control the cluster; a minimum of 3 is required, and one is active at any given time
• Data Nodes
– Hold indexed data and perform data related operations
– Differentiated Hot and Warm data nodes can be used
• Ingest Nodes
– Use ingest pipelines to transform and enrich documents before indexing
• Coordinating Nodes
– Route requests, handle the search reduce phase, and distribute bulk indexing
– All nodes function as coordinating nodes
• Alerting Nodes
– Run alerting jobs
• Machine Learning Nodes
– Run machine learning jobs

Diagram: an Elasticsearch cluster with node roles and counts: Master (3), Ingest (X), Coordinating (X), Data – Hot (X), Data – Warm (X), Alerting (X), Machine Learning (2+)

All product names, logos, and brands are property of their respective owners and are used only for identification purposes. This is not an endorsement.

Split Brain

• Cluster with 3 master eligible nodes
• Concern if the network becomes partitioned
• The cluster could inadvertently elect two masters, which is referred to as “split brain”

Diagram: network disconnection between node 1, node 2 and node 3

Avoiding Split Brain

• A master eligible node needs at least minimum_master_nodes votes to win an election
‒ Setting it to a quorum prevents the split brain scenario
• Recommendation for production clusters is to have 3 dedicated master eligible nodes
‒ with the setting minimum_master_nodes = 2

Diagram: network partition between node 1, node 2 and node 3

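As an added example (not from this deck or from Elastic), a small Python model of the election rule above: which side of a network partition holds at least minimum_master_nodes votes, and whether a candidate setting leaves split brain possible. It assumes the pre-7.0 elasticsearch.yml setting discovery.zen.minimum_master_nodes that the recommendation refers to, and the partition of node 1 from nodes 2 and 3 is a constructed sample.

```python
# Added example, not from the slides or from Elastic: models the election rule
# "a master eligible node needs at least minimum_master_nodes votes".
# Assumption: Elasticsearch before 7.0, where elasticsearch.yml carried
# discovery.zen.minimum_master_nodes; 7.0+ manages its voting configuration.

def quorum(master_eligible: int) -> int:
    """The recommended value: a majority of master-eligible nodes, floor(n/2) + 1."""
    return master_eligible // 2 + 1


def sides_that_can_elect(partition, minimum_master_nodes):
    """partition: list of sides, each a list of master-eligible node names.
    Returns the sides that hold enough votes to win an election."""
    return [side for side in partition if len(side) >= minimum_master_nodes]


def split_brain_possible(master_eligible: int, minimum_master_nodes: int) -> bool:
    """True if some two-way partition leaves both sides able to elect a master."""
    for left in range(1, master_eligible):
        right = master_eligible - left
        if left >= minimum_master_nodes and right >= minimum_master_nodes:
            return True
    return False


def check_setting(master_eligible: int, minimum_master_nodes: int) -> str:
    """Verdict for a candidate discovery.zen.minimum_master_nodes value."""
    if minimum_master_nodes > master_eligible:
        return "unusable: threshold exceeds node count, no master can be elected"
    if split_brain_possible(master_eligible, minimum_master_nodes):
        return "unsafe: two partitions can each elect a master (split brain)"
    if minimum_master_nodes > quorum(master_eligible):
        return "safe but fragile: tolerates fewer node losses than a quorum setting"
    return "safe: only a majority partition can elect a master"


if __name__ == "__main__":
    # Constructed sample partition: node 1 cut off from node 2 and node 3.
    partition = [["node 1"], ["node 2", "node 3"]]
    weak, recommended = 1, quorum(3)  # quorum(3) == 2, the value on the slide
    print(check_setting(3, weak), sides_that_can_elect(partition, weak))
    print(check_setting(3, recommended), sides_that_can_elect(partition, recommended))
```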
Inside a Large Elasticsearch Logging Cluster
Reduce infrastructure costs, isolate workloads, and manage data lifecycle

Diagram: Query, Response and Index flows into a cluster with dedicated Master, Ingest, Coordinating, Hot Data, Warm Data, Alerting and Machine Learning nodes, with Curator managing index lifecycle

Logging Architectures

Quick Start
Beats, Elasticsearch and Kibana

Diagram: Beats (Filebeat, Winlogbeat, Heartbeat, Metricbeat, Packetbeat, Auditbeat) with a File Spool Queue ship directly to Elasticsearch on Uniform Nodes (3+), visualized in Kibana

Advanced Processing and Resiliency
Adding Logstash processing, differentiated Elasticsearch node types

Diagram: Beats (Filebeat, Winlogbeat, Heartbeat, Metricbeat, Packetbeat, Auditbeat) with a File Spool Queue send to Logstash Workers (1+) with Persistent Queues, then to Elasticsearch with Master Nodes (3), Data Nodes (2+) and ML Nodes (2+), visualized in Kibana

Flexible ingestion and input sources

Diagram: inputs from Beats (Filebeat, Winlogbeat, Heartbeat, Metricbeat, Packetbeat, Auditbeat), Kafka, Redis, a Messaging Queue, Data stores, Web APIs, Sensors and Social feeds are processed by Logstash Workers (2+) and indexed into Elasticsearch with Master (3), Ingest (X), Coordinating (X), Data – Hot (X), Data – Warm (X), Alerting (X) and Machine Learning (2+) nodes, visualized in Kibana

Application Metric Collection with Elastic APM

Diagram: apm-agents (NodeJS, Python, Real User Monitoring (RUM)) send to apm-server and on to Elasticsearch, next to the existing Beats and Logstash pipelines (Datastore, JMX sources); Kibana shows the curated APM app

Deployment Best Practices

Centralized Monitoring Cluster
Maintain an isolated monitoring cluster for monitoring workload isolation

Diagram: production Elasticsearch, Logstash, Kibana and Beats ship their Monitoring Data to a separate Elasticsearch Monitoring Cluster with its own Kibana

Cloud Monitoring Cluster
Opt-in Elastic Cloud cluster for monitoring an on-premise stack

Diagram: the On-Prem Cluster (Elasticsearch, Logstash, Kibana, Beats) sends Monitoring Data to a Monitoring Cluster in Elastic Cloud

Isolated Audit Logging Cluster
Maintain an isolated audit logging cluster for increased security and compliance

Diagram: Elasticsearch Cluster 1, Cluster 2 and Cluster 3 ship Audit Logs to a dedicated Elasticsearch Audit Log Cluster, with Kibana for Audit and Compliance

Multi Data Center

Multiple Data Centers, Duplicate Data

Diagram: two ACTIVE data centers, each with a Messaging Queue (Kafka or Redis), Logstash, Elasticsearch and Kibana, with Replication between the two sites and a Load Balancer in front of the two Kibana instances

Multi Data Centers with a Queue at Each DC

Diagram: DC1 and DC2 each collect from Beats, Datastores and Web APIs through a local Logstash into a local Kafka Messaging Queue; a central Logstash consumes both queues and indexes into Elasticsearch

Multi Data Center, Distinct Data and Cross-Cluster Search

Diagram: each data center runs its own Beats, Logstash, Elasticsearch and Kibana with distinct data; a Cross-Cluster Search cluster with its own Kibana searches across both

Scaling Kibana

High Availability
Pair two coordinating nodes with two independent Kibana nodes

Diagram: Host A and Host B each run an Elasticsearch Coordinating Node and a Kibana instance, with a Load Balancer in front

Separating Dashboards by Groups
Isolate user content by group in different Kibana instances

Diagram: one Elasticsearch cluster, with separate Kibana instances for Group A, Group B and Group C

Questions?
Thank You
● Web : www.elastic.co
● Products : https://www.elastic.co/products
● Forums : https://discuss.elastic.co/
● Community : https://www.elastic.co/community/meetups
● Twitter : @elastic
● Contact us : www.elastic.co/contact
