The document discusses the implementation of the Elastic Stack to enhance infrastructure agility, flexibility, and efficiency. Key takeaways include the complexities of managing a self-hosted Elasticsearch cluster, the importance of automation in maintenance, and the benefits of centralized logging and monitoring. Additionally, it highlights the successful open-sourcing of their own Helm chart and discusses various cases for improved user experience and cost optimization.

1. 1
Michael Lorant
Principal Systems Engineer
Nine
Embracing the Elastic
stack to solve the
challenges of modern
infrastructure

2. 2

3. 3

4. 4
Our Goals
Agility
Flexibility
Efficiency

5. 5
The Platform

6. 6
The Architecture
Internet
CDN
render-web api-front
api-content
Reader
Journalist
cms-auth

7. 7
What We Needed
Application Search Analytics Centralised Logging

8. 8
What We Built
Application Search Analytics Centralised Logging

9. 9
Centralised Logging

10. 10
The Components

11. 11

12. 12
What Is Interesting
Containerised
Our own Helm chart which we open sourced.
https://github.com/fairfaxmedia/charts/tree/master/stable/elasticsearch

13. 13
What Is Interesting
Optimised
High performance / Cost effective
Densely stacked

14. 14
What Is Interesting
Upstream Compatibility
Upgrading will be time
consuming if you derive too far
from the base image.

15. 15
What Is Interesting
Automation
Upgrading and patching is
important.
If you have to make changes, it will
require significant effort without
automation.

16. 16

17. 17

18. 18

19. 19
What We Learned
Network Intensive

20. 20
What We Learned
Network Intensive

21. 21
What We Learned
Node Maintenance
Understand how to replace data nodes without causing unnecessary
replication.
index.unassigned.node_left.delayed_timeout
/_flush/synced
https://www.elastic.co/guide/en/elasticsearch/reference/current/delayed-allocation.html

22. 22
What We Learned
Challenging
Running your own Elasticsearch
cluster at scale is complex.
Who will own it?
Who will maintain it?
Who will update it?

23. 23

24. 24
What Is Interesting
Single Purpose
Many smaller pipelines.

25. 25
What Is Interesting
Loosely Coupled

26. 26
What We Learned
Resource Intensive

27. 27
What We Learned
Schema Complexity
dots.in.keys (╯°□°）╯︵ ┻━┻

28. 28

29. 29
What Is Interesting
Metricbeat Filebeat APM

30. 30
What We Learned
Architect Similar To Logstash
Adding modules such as AWS Kinesis output is easy.
https://github.com/s12v/awsbeats

31. 31
What We Learned
Easy To Implement
Helm charts well maintained and consistent.
Most of the configuration you use for one beat can be used for all the
others.

32. 32

33. 33
What Is Interesting
Spaces

34. 34
What Is Interesting
Centralised
Monitoring

35. 35
What Is Interesting
Centralised
Monitoring

36. 36
What We Learned
Developers see Kibana as Elasticsearch
=

37. 37

38. 38
Case 1: Troubleshooting
Are we able to identify
requests to pages that don’t
exist on the SMH?

39. 39

40. 40

41. 41

42. 42
Case 2: Cost
Is our CDN optimally
configured for the SMH
and AFR to improve user
experience and keep costs
low?

43. 43

44. 44

45. 45

46. 46

47. 47
Case 3: Visibility
Are we able to spot
problems with SMH or
The Age before they
impact users?

48. 48

49. 49
Case 4: Analytics
Are Canberra Times users
in Sydney or Melbourne
using the site to get
around the paywall?

50. 50

51. 51
Thanks