LoginSignup
2

More than 5 years have passed since last update.

Elasticsearch Basic Operation

Last updated at Posted at 2017-08-27

What is Elasticsearch?

Elasticsearch is a distributed, RESTful search and analytics engine capable of solving a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data so you can discover the expected and uncover the unexpected.
https://www.elastic.co/products/elasticsearch

Followings are some basic concepts of Elasticseach.
(From: https://www.elastic.co/guide/en/elasticsearch/reference/5.5/_basic_concepts.html)

Index

An index is a collection of documents that have somewhat similar characteristics. For example, you can have an index for customer data, another index for a product catalog, and yet another index for order data. An index is identified by a name (that must be all lowercase) and this name is used to refer to the index when performing indexing, search, update, and delete operations against the documents in it. In a single cluster, you can define as many indexes as you want.

Type

Within an index, you can define one or more types. A type is a logical category/partition of your index whose semantics is completely up to you. In general, a type is defined for documents that have a set of common fields. For example, let’s assume you run a blogging platform and store all your data in a single index. In this index, you may define a type for user data, another type for blog data, and yet another type for comments data.

Document

A document is a basic unit of information that can be indexed. For example, you can have a document for a single customer, another document for a single product, and yet another for a single order. This document is expressed in JSON (JavaScript Object Notation) which is an ubiquitous internet data interchange format.
Within an index/type, you can store as many documents as you want. Note that although a document physically resides in an index, a document actually must be indexed/assigned to a type inside an index.

To make it easy to understand, comparing to traditional Relational Database, document is kind of record in RDB, type is kind of table in which documents are stored, and index is kind of database to which types belong.

Okay, I understand. Elasticsearch is kind of a database, right? Maybe it is not enough answer. There must be much more things we can do with Elasticsearch. But now I don't know how Elasticsearch works at all. I think it is time to learn through practices with very simple operations. So stop googling it and let's start hands-on practice.

Test Elasticsearch on Docker Container

Thanks to docker image, you don't need to install Elasticsearch on your system. Just use the image here https://hub.docker.com/_/elasticsearch/ .

Then, start Elasticsearch container like below.
https://www.elastic.co/guide/en/elasticsearch/reference/5.5/docker.html

docker run  --rm -d  -p 9200:9200  --name elasticsearch_test  -e "http.host=0.0.0.0" -e "transport.host=127.0.0.1" elasticsearch:5.5

Confirm Elasticsearch is running on a container properly. You can send HTTP GET Request to Elasticsearch endpoint using curl command.

root@ubuntu:~# curl -XGET "http://127.0.0.1:9200/"
{
  "name" : "xcsp_BC",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "dX_o_QS6SpeSBkPv2ztSNQ",
  "version" : {
    "number" : "5.5.2",
    "build_hash" : "b2f0c09",
    "build_date" : "2017-08-14T12:33:14.154Z",
    "build_snapshot" : false,
    "lucene_version" : "6.6.0"
  },
  "tagline" : "You Know, for Search"
}

Then, post new data into Elasticsearch. Here, URL format is http://url:port/index/type. Json format data to post is {"name":"test_user"} in this case.

root@ubuntu:~#  curl -XPOST  "http://127.0.0.1:9200/test/user" -d '{"name":"qiita"}'
{"_index":"test","_type":"user","_id":"AV4iTpM-Ci61bOB7Hnlg","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"created":true}

Check the new data is stored in Elasticsearch. You can find the posted data in _source field.

root@ubuntu:~# curl http://localhost:9200/test/user/_search?pretty=true -d '
{ 
    "query" : { 
        "match_all" : {} 
    },
    "stored_fields": []
}
'
****The return is below****
{
  "took" : 80,
  "timed_out" : false,
  "_shards" : {
    "total" : 5,
    "successful" : 5,
    "failed" : 0
  },
  "hits" : {
    "total" : 1,
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "test",
        "_type" : "user",
        "_id" : "AV4iTpM-Ci61bOB7Hnlg",
        "_score" : 1.0,
        "_source" : {
          "name" : "qiita"
        }
      }
    ]
  }
}

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
2