WARNING: Version 5.6 of Elasticsearch has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Node
editNode
editAny time that you start an instance of Elasticsearch, you are starting a node. A collection of connected nodes is called a cluster. If you are running a single node of Elasticsearch, then you have a cluster of one node.
Every node in the cluster can handle HTTP and
Transport traffic by default. The transport layer
is used exclusively for communication between nodes and the
Java TransportClient; the HTTP layer is
used only by external REST clients.
All nodes know about all the other nodes in the cluster and can forward client requests to the appropriate node. Besides that, each node serves one or more purpose:
- Master-eligible node
-
A node that has
node.masterset totrue(default), which makes it eligible to be elected as the master node, which controls the cluster. - Data node
-
A node that has
node.dataset totrue(default). Data nodes hold data and perform data related operations such as CRUD, search, and aggregations. - Ingest node
-
A node that has
node.ingestset totrue(default). Ingest nodes are able to apply an ingest pipeline to a document in order to transform and enrich the document before indexing. With a heavy ingest load, it makes sense to use dedicated ingest nodes and to mark the master and data nodes asnode.ingest: false. - Tribe node
-
A tribe node, configured via the
tribe.*settings, is a special type of coordinating only node that can connect to multiple clusters and perform search and other operations across all connected clusters.
By default a node is a master-eligible node and a data node, plus it can pre-process documents through ingest pipelines. This is very convenient for small clusters but, as the cluster grows, it becomes important to consider separating dedicated master-eligible nodes from dedicated data nodes.
Requests like search requests or bulk-indexing requests may involve data held on different data nodes. A search request, for example, is executed in two phases which are coordinated by the node which receives the client request — the coordinating node.
In the scatter phase, the coordinating node forwards the request to the data nodes which hold the data. Each data node executes the request locally and returns its results to the coordinating node. In the gather phase, the coordinating node reduces each data node’s results into a single global resultset.
Every node is implicitly a coordinating node. This means that a node that has
all three node.master, node.data and node.ingest set to false will
only act as a coordinating node, which cannot be disabled. As a result, such
a node needs to have enough memory and CPU in order to deal with the gather
phase.
Master Eligible Node
editThe master node is responsible for lightweight cluster-wide actions such as creating or deleting an index, tracking which nodes are part of the cluster, and deciding which shards to allocate to which nodes. It is important for cluster health to have a stable master node.
Any master-eligible node (all nodes by default) may be elected to become the master node by the master election process.
Master nodes must have access to the data/ directory (just like
data nodes) as this is where the cluster state is persisted between node restarts.
Indexing and searching your data is CPU-, memory-, and I/O-intensive work which can put pressure on a node’s resources. To ensure that your master node is stable and not under pressure, it is a good idea in a bigger cluster to split the roles between dedicated master-eligible nodes and dedicated data nodes.
While master nodes can also behave as coordinating nodes and route search and indexing requests from clients to data nodes, it is better not to use dedicated master nodes for this purpose. It is important for the stability of the cluster that master-eligible nodes do as little work as possible.
To create a dedicated master-eligible node, set:
|
The |
|
|
Disable the |
|
|
Disable the |
These settings apply only when X-Pack is not installed. To create a dedicated master-eligible node when X-Pack is installed, see X-Pack node settings.
Avoiding split brain with minimum_master_nodes
editTo prevent data loss, it is vital to configure the
discovery.zen.minimum_master_nodes setting (which defaults to 1) so that
each master-eligible node knows the minimum number of master-eligible nodes
that must be visible in order to form a cluster.
To explain, imagine that you have a cluster consisting of two master-eligible
nodes. A network failure breaks communication between these two nodes. Each
node sees one master-eligible node… itself. With minimum_master_nodes set
to the default of 1, this is sufficient to form a cluster. Each node elects
itself as the new master (thinking that the other master-eligible node has
died) and the result is two clusters, or a split brain. These two nodes
will never rejoin until one node is restarted. Any data that has been written
to the restarted node will be lost.
Now imagine that you have a cluster with three master-eligible nodes, and
minimum_master_nodes set to 2. If a network split separates one node from
the other two nodes, the side with one node cannot see enough master-eligible
nodes and will realise that it cannot elect itself as master. The side with
two nodes will elect a new master (if needed) and continue functioning
correctly. As soon as the network split is resolved, the single node will
rejoin the cluster and start serving requests again.
This setting should be set to a quorum of master-eligible nodes:
(master_eligible_nodes / 2) + 1
In other words, if there are three master-eligible nodes, then minimum master
nodes should be set to (3 / 2) + 1 or 2:
To be able to remain available when one of the master-eligible nodes fails,
clusters should have at least three master-eligible nodes, with
minimum_master_nodes set accordingly. A rolling upgrade,
performed without any downtime, also requires at least three master-eligible
nodes to avoid the possibility of data loss if a network split occurs while the
upgrade is in progress.
This setting can also be changed dynamically on a live cluster with the cluster update settings API:
PUT _cluster/settings
{
"transient": {
"discovery.zen.minimum_master_nodes": 2
}
}
An advantage of splitting the master and data roles between dedicated
nodes is that you can have just three master-eligible nodes and set
minimum_master_nodes to 2. You never have to change this setting, no
matter how many dedicated data nodes you add to the cluster.
Data Node
editData nodes hold the shards that contain the documents you have indexed. Data nodes handle data related operations like CRUD, search, and aggregations. These operations are I/O-, memory-, and CPU-intensive. It is important to monitor these resources and to add more data nodes if they are overloaded.
The main benefit of having dedicated data nodes is the separation of the master and data roles.
To create a dedicated data node, set:
|
Disable the |
|
|
The |
|
|
Disable the |
These settings apply only when X-Pack is not installed. To create a dedicated data node when X-Pack is installed, see X-Pack node settings.
Ingest Node
editIngest nodes can execute pre-processing pipelines, composed of one or more ingest processors. Depending on the type of operations performed by the ingest processors and the required resources, it may make sense to have dedicated ingest nodes, that will only perform this specific task.
To create a dedicated ingest node, set:
|
Disable the |
|
|
Disable the |
|
|
The |
|
|
Disable cross-cluster search (enabled by default). |
These settings apply only when X-Pack is not installed. To create a dedicated ingest node when X-Pack is installed, see X-Pack node settings.
Coordinating only node
editIf you take away the ability to be able to handle master duties, to hold data, and pre-process documents, then you are left with a coordinating node that can only route requests, handle the search reduce phase, and distribute bulk indexing. Essentially, coordinating only nodes behave as smart load balancers.
Coordinating only nodes can benefit large clusters by offloading the coordinating node role from data and master-eligible nodes. They join the cluster and receive the full cluster state, like every other node, and they use the cluster state to route requests directly to the appropriate place(s).
Adding too many coordinating only nodes to a cluster can increase the burden on the entire cluster because the elected master node must await acknowledgement of cluster state updates from every node! The benefit of coordinating only nodes should not be overstated — data nodes can happily serve the same purpose.
To create a dedicated coordinating node, set:
|
Disable the |
|
|
Disable the |
|
|
Disable the |
|
|
Disable cross-cluster search (enabled by default). |
These settings apply only when X-Pack is not installed. To create a dedicated coordinating node when X-Pack is installed, see X-Pack node settings.
Node data path settings
editpath.data
editEvery data and master-eligible node requires access to a data directory where
shards and index and cluster metadata will be stored. The path.data defaults
to $ES_HOME/data but can be configured in the elasticsearch.yml config
file an absolute path or a path relative to $ES_HOME as follows:
path.data: /var/elasticsearch/data
Like all node settings, it can also be specified on the command line as:
./bin/elasticsearch -Epath.data=/var/elasticsearch/data
When using the .zip or .tar.gz distributions, the path.data setting
should be configured to locate the data directory outside the Elasticsearch
home directory, so that the home directory can be deleted without deleting
your data! The RPM and Debian distributions do this for you already.
node.max_local_storage_nodes
editThe data path can be shared by multiple nodes, even by nodes from different clusters. This is very useful for testing failover and different configurations on your development machine. In production, however, it is recommended to run only one node of Elasticsearch per server.
By default, Elasticsearch is configured to prevent more than one node from sharing the same data
path. To allow for more than one node (e.g., on your development machine), use the setting
node.max_local_storage_nodes and set this to a positive integer larger than one.
Never run different node types (i.e. master, data) from the same data directory. This can lead to unexpected data loss.
Other node settings
editMore node settings can be found in Modules. Of particular note are
the cluster.name, the node.name and the
network settings.
If X-Pack is installed, there is an additional node type:
- Machine learning node
-
A node that has
xpack.ml.enabledandnode.mlset totrue, which is the default behavior when X-Pack is installed. If you want to use X-Pack machine learning features, there must be at least one machine learning node in your cluster. For more information about X-Pack machine learning features, see Machine Learning in the Elastic Stack.
Do not set use the node.ml setting unless X-Pack is installed.
Otherwise, the node fails to start.
If X-Pack is installed, nodes are master-eligible, data, ingest, and machine learning nodes by default. As the cluster grows and in particular if you have large machine learning jobs, consider separating dedicated master-eligible nodes from dedicated data nodes and dedicated machine learning nodes.
To create a dedicated master-eligible node when X-Pack is installed, set:
|
The |
|
|
Disable the |
|
|
Disable the |
|
|
Disable the |
|
|
The |
To create a dedicated data node when X-Pack is installed, set:
|
Disable the |
|
|
The |
|
|
Disable the |
|
|
Disable the |
To create a dedicated ingest node when X-Pack is installed, set:
|
Disable the |
|
|
Disable the |
|
|
The |
|
|
Disable cross-cluster search (enabled by default). |
|
|
Disable the |
To create a dedicated coordinating node when X-Pack is installed, set:
|
Disable the |
|
|
Disable the |
|
|
Disable the |
|
|
Disable cross-cluster search (enabled by default). |
|
|
Disable the |
The X-Pack machine learning features provide machine learning nodes, which run jobs and handle machine learning API
requests. If xpack.ml.enabled is set to true and node.ml is set to false,
the node can service API requests but it cannot run jobs.
If you want to use X-Pack machine learning features in your cluster, you must enable machine learning
(set xpack.ml.enabled to true) on all master-eligible nodes. Do not use
these settings if you do not have X-Pack installed.
For more information about these settings, see Machine Learning Settings.
To create a dedicated machine learning node, set:
node.master: false node.data: false node.ingest: false search.remote.connect: false node.ml: true xpack.ml.enabled: true
|
Disable the |
|
|
Disable the |
|
|
Disable the |
|
|
Disable cross-cluster search (enabled by default). |
|
|
The |
|
|
The |