eG Monitoring
 

Measures reported by ESClusterTest

An Elasticsearch cluster is a group of one or more Elasticsearch nodes instances that are connected together. The Elasticsearch cluster efficiently distributes the tasks, searches and indexes across all the nodes. The nodes in the Elasticsearch cluster can be assigned different jobs or responsibilities:

  • Data nodes - stores data and executes data-related operations such as search and aggregation
  • Master nodes - in charge of cluster-ide management and configuration actions such as adding and removing nodes
  • Client nodes - forwards cluster requests to the master node and data-related requests to data nodes
  • Ingest nodes - for pre-processing documents before indexing

By default, each node is automatically assigned a unique identifier, or name, that is used for management purposes and becomes even more important in a multi-node, or clustered, environment. To add and efficiently manage a large amount of data in the cluster, Elasticsearch enables creating indices in the cluster. An index is a collection of documents with similar characteristics, and is identified by a name. Th index name is used to refer to the particular index while performing indexing, search, update, and delete operations against the documents in the cluster. The index can potentially store a large amount of data that can exceed the hardware limits of a single node. For example, a single index of a billion documents taking up 1TB of disk space may not fit on the disk of a single node or may be too slow to serve search requests from a single node alone. To solve this problem, Elasticsearch provides the ability to subdivide the index into multiple pieces called shards. When you create an index, you can simply define the number of shards you want. Each shard is a fully-functional and independent index that can be allocated to any node in the cluster. Furthermore, Elasticsearch allows you to create one or more copies of the shards called replica shards or replicas to provide high availability in case a primary shard/node goes offline or fails or becomes unavaiable for any reason. Using the shards, administrators can horizontally split/scale content volume and distribute and parallelize operations across the nodes. If the shards are not assigned to any nodes or in intializing/relocating state for longer time, the cluster may go imbalanced. To avoid this, administrator should continuously monitor the health of the cluster at shards level. This can be easily achieved using ESClusterTest!

This test continuously monitors the cluster, and the health of the cluster at regular intervals. In addition, this test also reports the count of active shards and the number of shards in the unassigned/initializing/relocating state. These revelations help administrators to track the balance of the cluster continously.

Output of the test: One set of results for the target Elasticsearch cluster.

The measures made by this test are as follows:

Measurement Description Measurement Unit Interpretation
Cluster_Health_Status Indicates the current health of the cluster.   This measure reveals the health of the cluster at shard level. The numeric values that correspond to the measure values mentioned above are as follows:

Measure Value Numeric Value Description
Red 0 Indicates that the specific shard is not allocated to any node in the cluster
Yellow 1 Indicates that the primary shard is allocated but replicas are not assigned to any node.
Green 2 Indicates that all shards in the cluster are allocated to the nodes.

Note:

This test typically reports the Measure Values listed in the table above to indicate the current health of the cluster. However, the graph of this measure is represented using the numeric equivalents only.

Active_Primary_Shards Indicates the number of primary shards that are currently active on the cluster. Number  
Active_Shards Indicates the total number of shards that are currently active on the cluster. Number  
Unassigned_Shards Indicates the number of shards that are in the UNASSIGNED state. Number A low value is desired for this measure. A high value indicates that many shards are yet to be allocated to the nodes, which may cause imbalance in the cluster and make the cluster unreliable when the nodes crash. To avoid this, administrators may have to allocate the unassigned shards to the various nodes on the cluster or delete the shards if the data in the shards is not needed anymore.
Initializing_Shards Indicates the number of shards that are currently in the INITIALIZING state. Number  
Relocating_Shards Indicates the number of shards that are being moved from one node to another node in the cluster. Number Typically, administrators move the shards from one node to another node to maintain cluster's balance when a new node is added to the cluster or many shards are idle or in unassinged state.
Number_Of_Data_Nodes Indicates the number of data nodes in the cluster. Number  
Number_Of_Nodes Indicates the total number of nodes in the cluster. Number