SlideShare a Scribd company logo

Elasticsearch's aggregations & esctl in action or how i built a cli tool to interact with elasticsearch

F
FaithWestdorp

Elasticsearch's aggregations & esctl in action or how i built a cli tool to interact with elasticsearch

Technology
1 of 45
Download to read offline
Aggregations How do they work?
2 Sum POST /test/_doc {"foo": 1} POST /test/_doc {"foo": 2} POST /test/_doc {"foo": 3} POST /test/_doc {"foo": 4} POST /test/_doc {"foo": 5} POST /test/_refresh POST /test/_search { "size": 0, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } ==== 15 As simple as possible class SumAggregator implements Aggregator { final DocValues vals; double sum; SumAggregator(Context ctx) { vals = ctx.docValues("foo"); } @Override void collect(int docId) { if (false == vals.advanceExact(docId)) continue; sum += vals.nextValue(); } @Override SumResult result() { return new SumResult(sum); } }
3 Sum POST /test/_doc {"foo": 1} POST /test/_doc {"foo": 2} POST /test/_doc {"foo": 3} POST /test/_doc {"foo": 4} POST /test/_doc {"foo": 5} POST /test/_refresh POST /test/_search { "size": 0, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } ==== 15 As simple as possible class SumAggregator implements Aggregator { final DocValues vals; double sum; SumAggregator(Context ctx) { vals = = ctx.docValues("foo"); } @Override void collect(int docId) { if (false == vals.advanceExact(docId) continue; sum += vals.nextValue(); } @Override SumResult result() { return new SumResult(sum); } }
4 Sum POST /test/_doc {"foo": 1} POST /test/_refresh POST /test/_doc {"foo": 2} POST /test/_doc {"foo": 3} POST /test/_refresh POST /test/_doc {"foo": 4} POST /test/_doc {"foo": 5} POST /test/_refresh POST /test/_search { "size": 0, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } ==== 15 Less lying class SumAggregator implements Aggregator { double sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues("foo"); return docId -> { if (false == vals.advanceExact(docId) continue; sum += vals.nextValue(); }; } @Override SumResult result() { return new SumResult(sum); } }
5 Date Histogram POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Buckets! class DateHistoAggregator implements Aggregator { private final Aggregator child; private final LongKeyedBucketOrds ords; @Override LeafCollector leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues("t"); LeafCollector childLeaf = child.leafCollector(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; long rounded = round(vals.nextValue()); long childOrd = ords.find(ord, rounded); childLeaf.collect(childOrd, docId); }; } }
6 Sum POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Minimal lying class SumAggregator implements Aggregator { double[] sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; if (sum.length >= ord) { sum = grow(sum, ord + 1); } sum[ord] += vals.nextValue(); }; } @Override SumResult result(long ord) { return new SumResult(sum[ord]); } }
7 But
8 Grow double[] grow(double[] old, int target) { int extra = min(3, target >> 3); int newSize = target + extra; return Arrays.copyOf(old, newSize); } Oversizing to asymptotically remove allocations class SumAggregator implements Aggregator { double[] sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; if (sum.length >= ord) { sum = grow(sum, ord + 1); } sum[ord] += vals.nextValue(); }; } @Override SumResult result(long ord) { return new SumResult(sum[ord]); } }
9 DocValues POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Just one please class SumAggregator implements Aggregator { double[] sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; if (sum.length >= ord) { sum = grow(sum, ord + 1); } sum[ord] += vals.nextValue(); }; } @Override SumResult result(long ord) { return new SumResult(sum[ord]); } }
10 Check out this hashtable POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Brains?! class DateHistoAggregator implements Aggregator { private final Aggregator child; private final LongKeyedBucketOrds ords; @Override LeafCollector leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues("t"); LeafCollector childLeaf = child.leafCollector(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; long rounded = round(vals.nextValue()); long childOrd = ords.find(ord, rounded); childLeaf.collect(childOrd, docId); }; } }
Thanks!
Thanks!
13 Jeff Moore 08/25/20, Systems Engineer, Bandwidth esctl in Action or How I Built a CLI tool to Interact with Elasticsearch
14 About this presentation It was fairly difficult deciding between catering towards Devs or Ops. In the end, I decided to side with the Ops side of the house. Based on audience request, I will go into the code in depth - or that can be the topic of a later talk. Feel free to stop me at any point* so we can discuss this utility - however, suggestions are encouraged to be held until the end of the slide deck
15 Contributors Welcome! https://github.com/geoffmore/esctl
16 Hopeful Takeaways - An extensible CLI tool that may impact both yourself and your Org - Lessons learned from over a year of becoming a stronger Golang developer
17 Caveats - This is not complete. - Work has been focused on getting good boilerplate - Not all endpoints have been implemented (templates, indices, etc) - This is not intended to replace the SDKs
18 Why esctl? Devs have a lot of SDKs, but Ops doesn’t appear to have anything
1919 We needed an easier way to interact with Elasticsearch as operators of the cluster
20 Intent of esctl 1. Standard endpoints are mocked, with basic config options exposed as flags 2. Extra commands are added based on functions that could be necessary (i.e admin, util)
2121 Inspiration
22
23
24 escli and esctl A brief history of two cli tools
25 escli vs esctl Comparison of metrics Metric escli esctl Language Bash Golang Function implementation Bash functions Subcommands # of commands (Aug 2020) 117 44 New functions Easy to add Tedious Extensibility Difficult Easy Refactorability Difficult Not as difficult Barrier to entry Easy Difficult
26 Getting Started Demo Overview of Demo Environment 1 2 3 4 Overview of local cluster init script Overview of Kubernetes manifests Demo of commands and features
27 Homelab Architecture
28
29 On Command Structure - Elasticsearch api structure is very different to that of Kubernetes - Format in v0.1.4 is esctl <endpoint/resource> <function> - Format in Kubectl is kubectl <function> <endpoint/resource>
30 Command Structure Comparison pt. 1 kubectl vs. esctl - Similarities CLI Tool Command Function Resource kubectl kubectl get nodes Get Nodes esctl esctl cat nodes Get Nodes
31 Command Structure Comparison pt. 2 kubectl vs. esctl - Differences CLI Tool Command Function Resource kubectl kubectl get ns Get Namespaces esctl esctl index get Get Indices (Yes, I am comparing namespaces to shards. Feel free to discuss offline)
32 Command Structure Comparison pt. 3 kubectl vs. esctl - the Justification The endpoint behind commands like esctl cat nodes is /_cat/nodes. By mocking functions after their API syntax, there is no mental translation tax needed to move to/from esctl and the REST API
33 Proudly Built on go-elasticsearch SDK Elasticsearch SDK, mostly written by Karel Minarik from Elastic Defines api endpoint options as struct fields Allows client initialization Located at https://github.com/elastic/go-elasticsearch
34
35 esctl Extensibility Examples - Showing Inactive Watchers Problem: Watchers not currently active (read: disabled) need to be listed Solution: - Get all watchers (SearchRequest on .watches index) - Filter to desired activity state - Return output (esutil helper function)
36 esctl Extensibility Examples - Getting Search Metrics Problem: User queries need to be validated before a DeleteByQuery is run Solution: • Take a query • Merge a known aggregation definition to that query • Execute that query (SearchRequest) • Return output (esutil helper function)
37 esctl Extensibility Examples - Removing Empty Indices Problem: Empty indices created by ILM policies cause disk utilization inbalances Solution: - Get a list of all indices (IndicesGetRequest) - Filter to indices containing 0 documents - Delete those indices (IndicesDeleteRequest)
3838 Still Not Sold? esctl api <HTTP verb> endpoint
39 Lessons Learned - Writing a CLI tool isn’t easy - Design should come before writing code to avoid a large number of refactors - Reading documentation thoroughly before using imported code is extremely valuable - This CLI tool continues to be a great learning opportunity for me
40 Overall, building this CLI tool was a painful experience; but, if it was painless, I would be a Java dev instead of a Golang dev Me, just now
41 Future Improvements - Add documentation - Discuss command structure - Need a logo - Codegen?
42 What I Need from YOU! - Use it - File bugs and RFEs
4343 Questions?
4444 https://www.linkedin.com/in/jeff-moore-k8s https://github.com/geoffmore Reach Out!
4545 Thanks!

Recommended

Monitoring Your ISP Using InfluxDB Cloud and Raspberry Pi
Monitoring Your ISP Using InfluxDB Cloud and Raspberry PiMonitoring Your ISP Using InfluxDB Cloud and Raspberry Pi
Monitoring Your ISP Using InfluxDB Cloud and Raspberry PiInfluxData
 
Flux and InfluxDB 2.0 by Paul Dix
Flux and InfluxDB 2.0 by Paul DixFlux and InfluxDB 2.0 by Paul Dix
Flux and InfluxDB 2.0 by Paul DixInfluxData
 
05 pig user defined functions (udfs)
05 pig user defined functions (udfs)05 pig user defined functions (udfs)
05 pig user defined functions (udfs)Subhas Kumar Ghosh
 
RxJS Evolved
RxJS EvolvedRxJS Evolved
RxJS Evolvedtrxcllnt
 
Transducers in JavaScript
Transducers in JavaScriptTransducers in JavaScript
Transducers in JavaScriptPavel Forkert
 
Using Grafana with InfluxDB 2.0 and Flux Lang by Jacob Lisi
Using Grafana with InfluxDB 2.0 and Flux Lang by Jacob LisiUsing Grafana with InfluxDB 2.0 and Flux Lang by Jacob Lisi
Using Grafana with InfluxDB 2.0 and Flux Lang by Jacob LisiInfluxData
 
Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...
Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...
Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...InfluxData
 
Time Series Meetup: Virtual Edition | July 2020
Time Series Meetup: Virtual Edition | July 2020Time Series Meetup: Virtual Edition | July 2020
Time Series Meetup: Virtual Edition | July 2020InfluxData
 

Recommended

Monitoring Your ISP Using InfluxDB Cloud and Raspberry Pi
Monitoring Your ISP Using InfluxDB Cloud and Raspberry PiMonitoring Your ISP Using InfluxDB Cloud and Raspberry Pi
Monitoring Your ISP Using InfluxDB Cloud and Raspberry PiInfluxData
 
Flux and InfluxDB 2.0 by Paul Dix
Flux and InfluxDB 2.0 by Paul DixFlux and InfluxDB 2.0 by Paul Dix
Flux and InfluxDB 2.0 by Paul DixInfluxData
 
05 pig user defined functions (udfs)
05 pig user defined functions (udfs)05 pig user defined functions (udfs)
05 pig user defined functions (udfs)Subhas Kumar Ghosh
 
RxJS Evolved
RxJS EvolvedRxJS Evolved
RxJS Evolvedtrxcllnt
 
Transducers in JavaScript
Transducers in JavaScriptTransducers in JavaScript
Transducers in JavaScriptPavel Forkert
 
Using Grafana with InfluxDB 2.0 and Flux Lang by Jacob Lisi
Using Grafana with InfluxDB 2.0 and Flux Lang by Jacob LisiUsing Grafana with InfluxDB 2.0 and Flux Lang by Jacob Lisi
Using Grafana with InfluxDB 2.0 and Flux Lang by Jacob LisiInfluxData
 
Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...
Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...
Barbara Nelson [InfluxData] | How Can I Put That Dashboard in My App? | Influ...InfluxData
 
Time Series Meetup: Virtual Edition | July 2020
Time Series Meetup: Virtual Edition | July 2020Time Series Meetup: Virtual Edition | July 2020
Time Series Meetup: Virtual Edition | July 2020InfluxData
 
Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...
Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...
Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...InfluxData
 
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...InfluxData
 
Writing Hadoop Jobs in Scala using Scalding
Writing Hadoop Jobs in Scala using ScaldingWriting Hadoop Jobs in Scala using Scalding
Writing Hadoop Jobs in Scala using ScaldingToni Cebrián
 
Sorter
SorterSorter
SorterThomas Knudstrup
 
Flux and InfluxDB 2.0
Flux and InfluxDB 2.0Flux and InfluxDB 2.0
Flux and InfluxDB 2.0InfluxData
 
HTTP APIs as first class procedures in your language: cutting out SDK complex...
HTTP APIs as first class procedures in your language: cutting out SDK complex...HTTP APIs as first class procedures in your language: cutting out SDK complex...
HTTP APIs as first class procedures in your language: cutting out SDK complex...ProgrammableWeb
 
Scalding
ScaldingScalding
ScaldingMario Pastorelli
 
Optimizing the Grafana Platform for Flux
Optimizing the Grafana Platform for FluxOptimizing the Grafana Platform for Flux
Optimizing the Grafana Platform for FluxInfluxData
 
Spark 4th Meetup Londond - Building a Product with Spark
Spark 4th Meetup Londond - Building a Product with SparkSpark 4th Meetup Londond - Building a Product with Spark
Spark 4th Meetup Londond - Building a Product with Sparksamthemonad
 
Apache Flink Training: DataSet API Basics
Apache Flink Training: DataSet API BasicsApache Flink Training: DataSet API Basics
Apache Flink Training: DataSet API BasicsFlink Forward
 
Writing Ansible Modules (CLT'19)
Writing Ansible Modules (CLT'19)Writing Ansible Modules (CLT'19)
Writing Ansible Modules (CLT'19)Martin Schütte
 
Wprowadzenie do technologi Big Data i Apache Hadoop
Wprowadzenie do technologi Big Data i Apache HadoopWprowadzenie do technologi Big Data i Apache Hadoop
Wprowadzenie do technologi Big Data i Apache HadoopSages
 
Ordered Record Collection
Ordered Record CollectionOrdered Record Collection
Ordered Record CollectionHadoop User Group
 
Talk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetTalk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetCocoaHeads France
 
Hive Functions Cheat Sheet
Hive Functions Cheat SheetHive Functions Cheat Sheet
Hive Functions Cheat SheetHortonworks
 
Wprowadzenie do technologii Big Data / Intro to Big Data Ecosystem
Wprowadzenie do technologii Big Data / Intro to Big Data EcosystemWprowadzenie do technologii Big Data / Intro to Big Data Ecosystem
Wprowadzenie do technologii Big Data / Intro to Big Data EcosystemSages
 
Amazon elastic map reduce
Amazon elastic map reduceAmazon elastic map reduce
Amazon elastic map reduceOlga Lavrentieva
 
Map kit light
Map kit lightMap kit light
Map kit lightCocoaHeads France
 
Scalding: Twitter's Scala DSL for Hadoop/Cascading
Scalding: Twitter's Scala DSL for Hadoop/CascadingScalding: Twitter's Scala DSL for Hadoop/Cascading
Scalding: Twitter's Scala DSL for Hadoop/Cascadingjohnynek
 
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018Piotr Wikiel
 
Presto anatomy
Presto anatomyPresto anatomy
Presto anatomyDongmin Yu
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기NAVER D2
 

More Related Content

What's hot

Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...
Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...
Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...InfluxData
 
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...InfluxData
 
Writing Hadoop Jobs in Scala using Scalding
Writing Hadoop Jobs in Scala using ScaldingWriting Hadoop Jobs in Scala using Scalding
Writing Hadoop Jobs in Scala using ScaldingToni Cebrián
 
Flux and InfluxDB 2.0
Flux and InfluxDB 2.0Flux and InfluxDB 2.0
Flux and InfluxDB 2.0InfluxData
 
HTTP APIs as first class procedures in your language: cutting out SDK complex...
HTTP APIs as first class procedures in your language: cutting out SDK complex...HTTP APIs as first class procedures in your language: cutting out SDK complex...
HTTP APIs as first class procedures in your language: cutting out SDK complex...ProgrammableWeb
 
Optimizing the Grafana Platform for Flux
Optimizing the Grafana Platform for FluxOptimizing the Grafana Platform for Flux
Optimizing the Grafana Platform for FluxInfluxData
 
Spark 4th Meetup Londond - Building a Product with Spark
Spark 4th Meetup Londond - Building a Product with SparkSpark 4th Meetup Londond - Building a Product with Spark
Spark 4th Meetup Londond - Building a Product with Sparksamthemonad
 
Apache Flink Training: DataSet API Basics
Apache Flink Training: DataSet API BasicsApache Flink Training: DataSet API Basics
Apache Flink Training: DataSet API BasicsFlink Forward
 
Writing Ansible Modules (CLT'19)
Writing Ansible Modules (CLT'19)Writing Ansible Modules (CLT'19)
Writing Ansible Modules (CLT'19)Martin Schütte
 
Wprowadzenie do technologi Big Data i Apache Hadoop
Wprowadzenie do technologi Big Data i Apache HadoopWprowadzenie do technologi Big Data i Apache Hadoop
Wprowadzenie do technologi Big Data i Apache HadoopSages
 
Talk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetTalk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetCocoaHeads France
 
Hive Functions Cheat Sheet
Hive Functions Cheat SheetHive Functions Cheat Sheet
Hive Functions Cheat SheetHortonworks
 
Wprowadzenie do technologii Big Data / Intro to Big Data Ecosystem
Wprowadzenie do technologii Big Data / Intro to Big Data EcosystemWprowadzenie do technologii Big Data / Intro to Big Data Ecosystem
Wprowadzenie do technologii Big Data / Intro to Big Data EcosystemSages
 
Scalding: Twitter's Scala DSL for Hadoop/Cascading
Scalding: Twitter's Scala DSL for Hadoop/CascadingScalding: Twitter's Scala DSL for Hadoop/Cascading
Scalding: Twitter's Scala DSL for Hadoop/Cascadingjohnynek
 
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018Piotr Wikiel
 

What's hot (20)

Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...
Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...
Scott Anderson [InfluxData] | InfluxDB Tasks – Beyond Downsampling | InfluxDa...
 
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...
Anais Dotis-Georgiou & Faith Chikwekwe [InfluxData] | Top 10 Hurdles for Flux...
 
Writing Hadoop Jobs in Scala using Scalding
Writing Hadoop Jobs in Scala using ScaldingWriting Hadoop Jobs in Scala using Scalding
Writing Hadoop Jobs in Scala using Scalding
 
Sorter
SorterSorter
Sorter
 
Flux and InfluxDB 2.0
Flux and InfluxDB 2.0Flux and InfluxDB 2.0
Flux and InfluxDB 2.0
 
HTTP APIs as first class procedures in your language: cutting out SDK complex...
HTTP APIs as first class procedures in your language: cutting out SDK complex...HTTP APIs as first class procedures in your language: cutting out SDK complex...
HTTP APIs as first class procedures in your language: cutting out SDK complex...
 
Scalding
ScaldingScalding
Scalding
 
Optimizing the Grafana Platform for Flux
Optimizing the Grafana Platform for FluxOptimizing the Grafana Platform for Flux
Optimizing the Grafana Platform for Flux
 
Spark 4th Meetup Londond - Building a Product with Spark
Spark 4th Meetup Londond - Building a Product with SparkSpark 4th Meetup Londond - Building a Product with Spark
Spark 4th Meetup Londond - Building a Product with Spark
 
Apache Flink Training: DataSet API Basics
Apache Flink Training: DataSet API BasicsApache Flink Training: DataSet API Basics
Apache Flink Training: DataSet API Basics
 
Writing Ansible Modules (CLT'19)
Writing Ansible Modules (CLT'19)Writing Ansible Modules (CLT'19)
Writing Ansible Modules (CLT'19)
 
Wprowadzenie do technologi Big Data i Apache Hadoop
Wprowadzenie do technologi Big Data i Apache HadoopWprowadzenie do technologi Big Data i Apache Hadoop
Wprowadzenie do technologi Big Data i Apache Hadoop
 
Ordered Record Collection
Ordered Record CollectionOrdered Record Collection
Ordered Record Collection
 
Talk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetTalk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe Converset
 
Hive Functions Cheat Sheet
Hive Functions Cheat SheetHive Functions Cheat Sheet
Hive Functions Cheat Sheet
 
Wprowadzenie do technologii Big Data / Intro to Big Data Ecosystem
Wprowadzenie do technologii Big Data / Intro to Big Data EcosystemWprowadzenie do technologii Big Data / Intro to Big Data Ecosystem
Wprowadzenie do technologii Big Data / Intro to Big Data Ecosystem
 
Amazon elastic map reduce
Amazon elastic map reduceAmazon elastic map reduce
Amazon elastic map reduce
 
Map kit light
Map kit lightMap kit light
Map kit light
 
Scalding: Twitter's Scala DSL for Hadoop/Cascading
Scalding: Twitter's Scala DSL for Hadoop/CascadingScalding: Twitter's Scala DSL for Hadoop/Cascading
Scalding: Twitter's Scala DSL for Hadoop/Cascading
 
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018
Apache beam — promyk nadziei data engineera na Toruń JUG 28.03.2018
 

Similar to Elasticsearch's aggregations &amp; esctl in action or how i built a cli tool to interact with elasticsearch

Presto anatomy
Presto anatomyPresto anatomy
Presto anatomyDongmin Yu
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기NAVER D2
 
Real life-coffeescript
Real life-coffeescriptReal life-coffeescript
Real life-coffeescriptDavid Furber
 
Groovy Introduction - JAX Germany - 2008
Groovy Introduction - JAX Germany - 2008Groovy Introduction - JAX Germany - 2008
Groovy Introduction - JAX Germany - 2008Guillaume Laforge
 
Groovy Ecosystem - JFokus 2011 - Guillaume Laforge
Groovy Ecosystem - JFokus 2011 - Guillaume LaforgeGroovy Ecosystem - JFokus 2011 - Guillaume Laforge
Groovy Ecosystem - JFokus 2011 - Guillaume LaforgeGuillaume Laforge
 
Our challenge for Bulkload reliability improvement
Our challenge for Bulkload reliability improvementOur challenge for Bulkload reliability improvement
Our challenge for Bulkload reliability improvementSatoshi Akama
 
Kotlin boost yourproductivity
Kotlin boost yourproductivityKotlin boost yourproductivity
Kotlin boost yourproductivitynklmish
 
CouchDB Mobile - From Couch to 5K in 1 Hour
CouchDB Mobile - From Couch to 5K in 1 HourCouchDB Mobile - From Couch to 5K in 1 Hour
CouchDB Mobile - From Couch to 5K in 1 HourPeter Friese
 
Choose'10: Ralf Laemmel - Dealing Confortably with the Confusion of Tongues
Choose'10: Ralf Laemmel - Dealing Confortably with the Confusion of TonguesChoose'10: Ralf Laemmel - Dealing Confortably with the Confusion of Tongues
Choose'10: Ralf Laemmel - Dealing Confortably with the Confusion of TonguesCHOOSE
 
What can be done with Java, but should better be done with Erlang (@pavlobaron)
What can be done with Java, but should better be done with Erlang (@pavlobaron)What can be done with Java, but should better be done with Erlang (@pavlobaron)
What can be done with Java, but should better be done with Erlang (@pavlobaron)Pavlo Baron
 
Functional programming using underscorejs
Functional programming using underscorejsFunctional programming using underscorejs
Functional programming using underscorejs偉格 高
 
Porting Applications From Oracle To PostgreSQL
Porting Applications From Oracle To PostgreSQLPorting Applications From Oracle To PostgreSQL
Porting Applications From Oracle To PostgreSQLPeter Eisentraut
 
Go and Uber’s time series database m3
Go and Uber’s time series database m3Go and Uber’s time series database m3
Go and Uber’s time series database m3Rob Skillington
 
A New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKA New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKShu-Jeng Hsieh
 
Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...
Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...
Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...julien.ponge
 
Practical pairing of generative programming with functional programming.
Practical pairing of generative programming with functional programming.Practical pairing of generative programming with functional programming.
Practical pairing of generative programming with functional programming.Eugene Lazutkin
 

Similar to Elasticsearch's aggregations &amp; esctl in action or how i built a cli tool to interact with elasticsearch (20)

Presto anatomy
Presto anatomyPresto anatomy
Presto anatomy
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기
 
Real life-coffeescript
Real life-coffeescriptReal life-coffeescript
Real life-coffeescript
 
Groovy Introduction - JAX Germany - 2008
Groovy Introduction - JAX Germany - 2008Groovy Introduction - JAX Germany - 2008
Groovy Introduction - JAX Germany - 2008
 
Groovy Ecosystem - JFokus 2011 - Guillaume Laforge
Groovy Ecosystem - JFokus 2011 - Guillaume LaforgeGroovy Ecosystem - JFokus 2011 - Guillaume Laforge
Groovy Ecosystem - JFokus 2011 - Guillaume Laforge
 
Es6 hackathon
Es6 hackathonEs6 hackathon
Es6 hackathon
 
Our challenge for Bulkload reliability improvement
Our challenge for Bulkload reliability improvementOur challenge for Bulkload reliability improvement
Our challenge for Bulkload reliability improvement
 
Kotlin boost yourproductivity
Kotlin boost yourproductivityKotlin boost yourproductivity
Kotlin boost yourproductivity
 
ES6: The Awesome Parts
ES6: The Awesome PartsES6: The Awesome Parts
ES6: The Awesome Parts
 
Lambdas puzzler - Peter Lawrey
Lambdas puzzler - Peter LawreyLambdas puzzler - Peter Lawrey
Lambdas puzzler - Peter Lawrey
 
CouchDB Mobile - From Couch to 5K in 1 Hour
CouchDB Mobile - From Couch to 5K in 1 HourCouchDB Mobile - From Couch to 5K in 1 Hour
CouchDB Mobile - From Couch to 5K in 1 Hour
 
Choose'10: Ralf Laemmel - Dealing Confortably with the Confusion of Tongues
Choose'10: Ralf Laemmel - Dealing Confortably with the Confusion of TonguesChoose'10: Ralf Laemmel - Dealing Confortably with the Confusion of Tongues
Choose'10: Ralf Laemmel - Dealing Confortably with the Confusion of Tongues
 
What can be done with Java, but should better be done with Erlang (@pavlobaron)
What can be done with Java, but should better be done with Erlang (@pavlobaron)What can be done with Java, but should better be done with Erlang (@pavlobaron)
What can be done with Java, but should better be done with Erlang (@pavlobaron)
 
Functional programming using underscorejs
Functional programming using underscorejsFunctional programming using underscorejs
Functional programming using underscorejs
 
Porting Applications From Oracle To PostgreSQL
Porting Applications From Oracle To PostgreSQLPorting Applications From Oracle To PostgreSQL
Porting Applications From Oracle To PostgreSQL
 
Hadoop ecosystem
Hadoop ecosystemHadoop ecosystem
Hadoop ecosystem
 
Go and Uber’s time series database m3
Go and Uber’s time series database m3Go and Uber’s time series database m3
Go and Uber’s time series database m3
 
A New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKA New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDK
 
Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...
Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...
Java 7 Launch Event at LyonJUG, Lyon France. Fork / Join framework and Projec...
 
Practical pairing of generative programming with functional programming.
Practical pairing of generative programming with functional programming.Practical pairing of generative programming with functional programming.
Practical pairing of generative programming with functional programming.
 

More from FaithWestdorp

Using Elastiknn for exact and approximate nearest neighbor search
Using Elastiknn for exact and approximate nearest neighbor searchUsing Elastiknn for exact and approximate nearest neighbor search
Using Elastiknn for exact and approximate nearest neighbor searchFaithWestdorp
 
Observability from the Home
Observability from the HomeObservability from the Home
Observability from the HomeFaithWestdorp
 
Elasticsearch Goes to Congress
Elasticsearch Goes to CongressElasticsearch Goes to Congress
Elasticsearch Goes to CongressFaithWestdorp
 
Eliminate your zombie technology ray myers - 11-5-2020
Eliminate your zombie technology ray myers - 11-5-2020Eliminate your zombie technology ray myers - 11-5-2020
Eliminate your zombie technology ray myers - 11-5-2020FaithWestdorp
 
Mejorando las busquedas en nuestras aplicaciones web con elasticsearch
Mejorando las busquedas en nuestras aplicaciones web con elasticsearchMejorando las busquedas en nuestras aplicaciones web con elasticsearch
Mejorando las busquedas en nuestras aplicaciones web con elasticsearchFaithWestdorp
 
Evolving with Elastic: GetSet Learning
Evolving with Elastic: GetSet LearningEvolving with Elastic: GetSet Learning
Evolving with Elastic: GetSet LearningFaithWestdorp
 
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsEmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsFaithWestdorp
 
Examining OpenData with a Search Index using Elasticsearch
Examining OpenData with a Search Index using ElasticsearchExamining OpenData with a Search Index using Elasticsearch
Examining OpenData with a Search Index using ElasticsearchFaithWestdorp
 
From the trenches: scaling a large log management deployment
From the trenches: scaling a large log management deploymentFrom the trenches: scaling a large log management deployment
From the trenches: scaling a large log management deploymentFaithWestdorp
 
Logstash and Maxmind: not just for GEOIP anymore
Logstash and Maxmind: not just for GEOIP anymoreLogstash and Maxmind: not just for GEOIP anymore
Logstash and Maxmind: not just for GEOIP anymoreFaithWestdorp
 
Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex...
Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex... Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex...
Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex...FaithWestdorp
 
Introduction to machine learning using Elastic
Introduction to machine learning using ElasticIntroduction to machine learning using Elastic
Introduction to machine learning using ElasticFaithWestdorp
 
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...FaithWestdorp
 
Elastic Observability
Elastic Observability Elastic Observability
Elastic Observability FaithWestdorp
 
Threat hunting with Elastic APM
Threat hunting with Elastic APMThreat hunting with Elastic APM
Threat hunting with Elastic APMFaithWestdorp
 
Guide to Data Visualization in Kibana
Guide to Data Visualization in KibanaGuide to Data Visualization in Kibana
Guide to Data Visualization in KibanaFaithWestdorp
 
Elastic's recommendation on keeping services up and running with real-time vi...
Elastic's recommendation on keeping services up and running with real-time vi...Elastic's recommendation on keeping services up and running with real-time vi...
Elastic's recommendation on keeping services up and running with real-time vi...FaithWestdorp
 
Esctl in action elastic user group presentation aug 25 2020
Esctl in action elastic user group presentation aug 25 2020Esctl in action elastic user group presentation aug 25 2020
Esctl in action elastic user group presentation aug 25 2020FaithWestdorp
 

More from FaithWestdorp (18)

Using Elastiknn for exact and approximate nearest neighbor search
Using Elastiknn for exact and approximate nearest neighbor searchUsing Elastiknn for exact and approximate nearest neighbor search
Using Elastiknn for exact and approximate nearest neighbor search
 
Observability from the Home
Observability from the HomeObservability from the Home
Observability from the Home
 
Elasticsearch Goes to Congress
Elasticsearch Goes to CongressElasticsearch Goes to Congress
Elasticsearch Goes to Congress
 
Eliminate your zombie technology ray myers - 11-5-2020
Eliminate your zombie technology ray myers - 11-5-2020Eliminate your zombie technology ray myers - 11-5-2020
Eliminate your zombie technology ray myers - 11-5-2020
 
Mejorando las busquedas en nuestras aplicaciones web con elasticsearch
Mejorando las busquedas en nuestras aplicaciones web con elasticsearchMejorando las busquedas en nuestras aplicaciones web con elasticsearch
Mejorando las busquedas en nuestras aplicaciones web con elasticsearch
 
Evolving with Elastic: GetSet Learning
Evolving with Elastic: GetSet LearningEvolving with Elastic: GetSet Learning
Evolving with Elastic: GetSet Learning
 
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash PluginsEmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins
 
Examining OpenData with a Search Index using Elasticsearch
Examining OpenData with a Search Index using ElasticsearchExamining OpenData with a Search Index using Elasticsearch
Examining OpenData with a Search Index using Elasticsearch
 
From the trenches: scaling a large log management deployment
From the trenches: scaling a large log management deploymentFrom the trenches: scaling a large log management deployment
From the trenches: scaling a large log management deployment
 
Logstash and Maxmind: not just for GEOIP anymore
Logstash and Maxmind: not just for GEOIP anymoreLogstash and Maxmind: not just for GEOIP anymore
Logstash and Maxmind: not just for GEOIP anymore
 
Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex...
Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex... Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex...
Searching for NLP: Using Elasticsearch to Create MVPs of NLP-enabled User Ex...
 
Introduction to machine learning using Elastic
Introduction to machine learning using ElasticIntroduction to machine learning using Elastic
Introduction to machine learning using Elastic
 
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
 
Elastic Observability
Elastic Observability Elastic Observability
Elastic Observability
 
Threat hunting with Elastic APM
Threat hunting with Elastic APMThreat hunting with Elastic APM
Threat hunting with Elastic APM
 
Guide to Data Visualization in Kibana
Guide to Data Visualization in KibanaGuide to Data Visualization in Kibana
Guide to Data Visualization in Kibana
 
Elastic's recommendation on keeping services up and running with real-time vi...
Elastic's recommendation on keeping services up and running with real-time vi...Elastic's recommendation on keeping services up and running with real-time vi...
Elastic's recommendation on keeping services up and running with real-time vi...
 
Esctl in action elastic user group presentation aug 25 2020
Esctl in action elastic user group presentation aug 25 2020Esctl in action elastic user group presentation aug 25 2020
Esctl in action elastic user group presentation aug 25 2020
 

Recently uploaded

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Recently uploaded (20)

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

Elasticsearch's aggregations &amp; esctl in action or how i built a cli tool to interact with elasticsearch

  • 2. 2 Sum POST /test/_doc {"foo": 1} POST /test/_doc {"foo": 2} POST /test/_doc {"foo": 3} POST /test/_doc {"foo": 4} POST /test/_doc {"foo": 5} POST /test/_refresh POST /test/_search { "size": 0, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } ==== 15 As simple as possible class SumAggregator implements Aggregator { final DocValues vals; double sum; SumAggregator(Context ctx) { vals = ctx.docValues("foo"); } @Override void collect(int docId) { if (false == vals.advanceExact(docId)) continue; sum += vals.nextValue(); } @Override SumResult result() { return new SumResult(sum); } }
  • 3. 3 Sum POST /test/_doc {"foo": 1} POST /test/_doc {"foo": 2} POST /test/_doc {"foo": 3} POST /test/_doc {"foo": 4} POST /test/_doc {"foo": 5} POST /test/_refresh POST /test/_search { "size": 0, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } ==== 15 As simple as possible class SumAggregator implements Aggregator { final DocValues vals; double sum; SumAggregator(Context ctx) { vals = = ctx.docValues("foo"); } @Override void collect(int docId) { if (false == vals.advanceExact(docId) continue; sum += vals.nextValue(); } @Override SumResult result() { return new SumResult(sum); } }
  • 4. 4 Sum POST /test/_doc {"foo": 1} POST /test/_refresh POST /test/_doc {"foo": 2} POST /test/_doc {"foo": 3} POST /test/_refresh POST /test/_doc {"foo": 4} POST /test/_doc {"foo": 5} POST /test/_refresh POST /test/_search { "size": 0, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } ==== 15 Less lying class SumAggregator implements Aggregator { double sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues("foo"); return docId -> { if (false == vals.advanceExact(docId) continue; sum += vals.nextValue(); }; } @Override SumResult result() { return new SumResult(sum); } }
  • 5. 5 Date Histogram POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Buckets! class DateHistoAggregator implements Aggregator { private final Aggregator child; private final LongKeyedBucketOrds ords; @Override LeafCollector leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues("t"); LeafCollector childLeaf = child.leafCollector(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; long rounded = round(vals.nextValue()); long childOrd = ords.find(ord, rounded); childLeaf.collect(childOrd, docId); }; } }
  • 6. 6 Sum POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Minimal lying class SumAggregator implements Aggregator { double[] sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; if (sum.length >= ord) { sum = grow(sum, ord + 1); } sum[ord] += vals.nextValue(); }; } @Override SumResult result(long ord) { return new SumResult(sum[ord]); } }
  • 8. 8 Grow double[] grow(double[] old, int target) { int extra = min(3, target >> 3); int newSize = target + extra; return Arrays.copyOf(old, newSize); } Oversizing to asymptotically remove allocations class SumAggregator implements Aggregator { double[] sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; if (sum.length >= ord) { sum = grow(sum, ord + 1); } sum[ord] += vals.nextValue(); }; } @Override SumResult result(long ord) { return new SumResult(sum[ord]); } }
  • 9. 9 DocValues POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Just one please class SumAggregator implements Aggregator { double[] sum; @Override void leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; if (sum.length >= ord) { sum = grow(sum, ord + 1); } sum[ord] += vals.nextValue(); }; } @Override SumResult result(long ord) { return new SumResult(sum[ord]); } }
  • 10. 10 Check out this hashtable POST /test/_doc {"t":"2020-08-20","foo": 1} POST /test/_doc {"t":"2020-08-20","foo": 2} POST /test/_doc {"t":"2020-08-21","foo": 3} POST /test/_doc {"t":"2020-08-21","foo": 4} POST /test/_doc {"t":"2020-08-21","foo": 5} POST /test/_search { "size": 0, "aggs": { "days": { "date_histogram": { "field": "t", "calendar_interval": "days" }, "aggs": { "sum_foo": { "sum": { "field": "foo" } } } } } } ==== { "2020-08-20": 3, "2020-08-21": 12 } Brains?! class DateHistoAggregator implements Aggregator { private final Aggregator child; private final LongKeyedBucketOrds ords; @Override LeafCollector leafCollector(LeafReaderContext ctx) { DocValues vals = ctx.docValues("t"); LeafCollector childLeaf = child.leafCollector(ctx); return (ord, docId) -> { if (false == vals.advanceExact(docId) continue; long rounded = round(vals.nextValue()); long childOrd = ords.find(ord, rounded); childLeaf.collect(childOrd, docId); }; } }
  • 13. 13 Jeff Moore 08/25/20, Systems Engineer, Bandwidth esctl in Action or How I Built a CLI tool to Interact with Elasticsearch
  • 14. 14 About this presentation It was fairly difficult deciding between catering towards Devs or Ops. In the end, I decided to side with the Ops side of the house. Based on audience request, I will go into the code in depth - or that can be the topic of a later talk. Feel free to stop me at any point* so we can discuss this utility - however, suggestions are encouraged to be held until the end of the slide deck
  • 16. 16 Hopeful Takeaways - An extensible CLI tool that may impact both yourself and your Org - Lessons learned from over a year of becoming a stronger Golang developer
  • 17. 17 Caveats - This is not complete. - Work has been focused on getting good boilerplate - Not all endpoints have been implemented (templates, indices, etc) - This is not intended to replace the SDKs
  • 18. 18 Why esctl? Devs have a lot of SDKs, but Ops doesn’t appear to have anything
  • 19. 1919 We needed an easier way to interact with Elasticsearch as operators of the cluster
  • 20. 20 Intent of esctl 1. Standard endpoints are mocked, with basic config options exposed as flags 2. Extra commands are added based on functions that could be necessary (i.e admin, util)
  • 22. 22
  • 23. 23
  • 24. 24 escli and esctl A brief history of two cli tools
  • 25. 25 escli vs esctl Comparison of metrics Metric escli esctl Language Bash Golang Function implementation Bash functions Subcommands # of commands (Aug 2020) 117 44 New functions Easy to add Tedious Extensibility Difficult Easy Refactorability Difficult Not as difficult Barrier to entry Easy Difficult
  • 26. 26 Getting Started Demo Overview of Demo Environment 1 2 3 4 Overview of local cluster init script Overview of Kubernetes manifests Demo of commands and features
  • 28. 28
  • 29. 29 On Command Structure - Elasticsearch api structure is very different to that of Kubernetes - Format in v0.1.4 is esctl <endpoint/resource> <function> - Format in Kubectl is kubectl <function> <endpoint/resource>
  • 30. 30 Command Structure Comparison pt. 1 kubectl vs. esctl - Similarities CLI Tool Command Function Resource kubectl kubectl get nodes Get Nodes esctl esctl cat nodes Get Nodes
  • 31. 31 Command Structure Comparison pt. 2 kubectl vs. esctl - Differences CLI Tool Command Function Resource kubectl kubectl get ns Get Namespaces esctl esctl index get Get Indices (Yes, I am comparing namespaces to shards. Feel free to discuss offline)
  • 32. 32 Command Structure Comparison pt. 3 kubectl vs. esctl - the Justification The endpoint behind commands like esctl cat nodes is /_cat/nodes. By mocking functions after their API syntax, there is no mental translation tax needed to move to/from esctl and the REST API
  • 33. 33 Proudly Built on go-elasticsearch SDK Elasticsearch SDK, mostly written by Karel Minarik from Elastic Defines api endpoint options as struct fields Allows client initialization Located at https://github.com/elastic/go-elasticsearch
  • 34. 34
  • 35. 35 esctl Extensibility Examples - Showing Inactive Watchers Problem: Watchers not currently active (read: disabled) need to be listed Solution: - Get all watchers (SearchRequest on .watches index) - Filter to desired activity state - Return output (esutil helper function)
  • 36. 36 esctl Extensibility Examples - Getting Search Metrics Problem: User queries need to be validated before a DeleteByQuery is run Solution: • Take a query • Merge a known aggregation definition to that query • Execute that query (SearchRequest) • Return output (esutil helper function)
  • 37. 37 esctl Extensibility Examples - Removing Empty Indices Problem: Empty indices created by ILM policies cause disk utilization inbalances Solution: - Get a list of all indices (IndicesGetRequest) - Filter to indices containing 0 documents - Delete those indices (IndicesDeleteRequest)
  • 38. 3838 Still Not Sold? esctl api <HTTP verb> endpoint
  • 39. 39 Lessons Learned - Writing a CLI tool isn’t easy - Design should come before writing code to avoid a large number of refactors - Reading documentation thoroughly before using imported code is extremely valuable - This CLI tool continues to be a great learning opportunity for me
  • 40. 40 Overall, building this CLI tool was a painful experience; but, if it was painless, I would be a Java dev instead of a Golang dev Me, just now
  • 41. 41 Future Improvements - Add documentation - Discuss command structure - Need a logo - Codegen?
  • 42. 42 What I Need from YOU! - Use it - File bugs and RFEs