1、基本概念node
1 Node 與 Cluster數據庫
Elastic 本質上是一個分佈式數據庫,容許多臺服務器協同工做,每臺服務器能夠運行多個 Elastic 實例。單個 Elastic 實例稱爲一個節點(node)。一組節點構成一個集羣(cluster)。json
2 Index服務器
Elastic 會索引全部字段,通過處理後寫入一個反向索引(Inverted Index)。查找數據的時候,直接查找該索引。curl
因此,Elastic 數據管理的頂層單位就叫作 Index(索引)。它是單個數據庫的同義詞。每一個 Index (即數據庫)的名字必須是小寫elasticsearch
3 Document分佈式
Index 裏面單條的記錄稱爲 Document(文檔)。許多條 Document 構成了一個 Index。fetch
Document 使用 JSON 格式表示。同一個 Index 裏面的 Document,不要求有相同的結構(scheme),可是最好保持相同,這樣有利於提升搜索效率。ui
4 Typeurl
Document 能夠分組,好比weather這個 Index 裏面,能夠按城市分組(北京和上海),也能夠按氣候分組(晴天和雨天)。這種分組就叫作 Type,它是虛擬的邏輯分組,用來過濾 Document。
不一樣的 Type 應該有類似的結構(schema),舉例來講,id字段不能在這個組是字符串,在另外一個組是數值。這是與關係型數據庫的表的一個區別。性質徹底不一樣的數據(好比products和logs)應該存成兩個 Index,而不是一個 Index 裏面的兩個 Type(雖然能夠作到)。
根據規劃,Elastic 6.x 版只容許每一個 Index 包含一個 Type,7.x 版將會完全移除 Type。
2、操做
1:查看ES版本信息
[elk@es logs]$ curl -GET 'http://localhost:9250' { "name" : "elk01", "cluster_name" : "elk-cluster", "cluster_uuid" : "KW6Nr_pTSVuwT0gR0agtOA", "version" : { "number" : "5.3.1", "build_hash" : "5f9cf58", "build_date" : "2017-04-17T15:52:53.846Z", "build_snapshot" : false, "lucene_version" : "6.4.2" }, "tagline" : "You Know, for Search" } [elk@es logs]$
ES返回一個json文本信息,包括版本、當前節點、集羣等等信息
默認狀況下,Elastic 只容許本機訪問,若是須要遠程訪問,能夠修改 Elastic 安裝目錄的config/elasticsearch.yml文件,去掉network.host的註釋,將它的值改
0.0.0.0,而後從新啓動 Elastic。
上面代碼中,設成0.0.0.0讓任何人均可以訪問。線上服務不要這樣設置,要設成具體的 IP。
2:查看索引列表
[elk@es logs]$ curl -X GET 'http://localhost:9250/_cat/indices?v' health status index uuid pri rep docs.count docs.deleted store.size pri.store.size yellow open textindex r8Mj0h23TBO6uP6tBLGylQ 5 1 0 0 650b 650b [elk@es logs]$
此處返回我剛建立的一個索引(建立步驟下面敘述),具體各個含義值,可使用help查看
[elk@es logs]$ curl -X GET 'http://localhost:9250/_cat/indices?help' health | h | current health status status | s | open/close status index | i,idx | index name uuid | id,uuid | index uuid pri | p,shards.primary,shardsPrimary | number of primary shards rep | r,shards.replica,shardsReplica | number of replica shards docs.count | dc,docsCount | available docs docs.deleted | dd,docsDeleted | deleted docs creation.date | cd | index creation date (millisecond value) creation.date.string | cds | index creation date (as string) store.size | ss,storeSize | store size of primaries & replicas pri.store.size | | store size of primaries completion.size | cs,completionSize | size of completion pri.completion.size | | size of completion fielddata.memory_size | fm,fielddataMemory | used fielddata cache pri.fielddata.memory_size | | used fielddata cache fielddata.evictions | fe,fielddataEvictions | fielddata evictions pri.fielddata.evictions | | fielddata evictions query_cache.memory_size | qcm,queryCacheMemory | used query cache pri.query_cache.memory_size | | used query cache query_cache.evictions | qce,queryCacheEvictions | query cache evictions pri.query_cache.evictions | | query cache evictions request_cache.memory_size | rcm,requestCacheMemory | used request cache pri.request_cache.memory_size | | used request cache request_cache.evictions | rce,requestCacheEvictions | request cache evictions pri.request_cache.evictions | | request cache evictions request_cache.hit_count | rchc,requestCacheHitCount | request cache hit count pri.request_cache.hit_count | | request cache hit count request_cache.miss_count | rcmc,requestCacheMissCount | request cache miss count pri.request_cache.miss_count | | request cache miss count flush.total | ft,flushTotal | number of flushes pri.flush.total | | number of flushes flush.total_time | ftt,flushTotalTime | time spent in flush pri.flush.total_time | | time spent in flush get.current | gc,getCurrent | number of current get ops pri.get.current | | number of current get ops get.time | gti,getTime | time spent in get pri.get.time | | time spent in get get.total | gto,getTotal | number of get ops pri.get.total | | number of get ops get.exists_time | geti,getExistsTime | time spent in successful gets pri.get.exists_time | | time spent in successful gets get.exists_total | geto,getExistsTotal | number of successful gets pri.get.exists_total | | number of successful gets get.missing_time | gmti,getMissingTime | time spent in failed gets pri.get.missing_time | | time spent in failed gets get.missing_total | gmto,getMissingTotal | number of failed gets pri.get.missing_total | | number of failed gets indexing.delete_current | idc,indexingDeleteCurrent | number of current deletions pri.indexing.delete_current | | number of current deletions indexing.delete_time | idti,indexingDeleteTime | time spent in deletions pri.indexing.delete_time | | time spent in deletions indexing.delete_total | idto,indexingDeleteTotal | number of delete ops pri.indexing.delete_total | | number of delete ops indexing.index_current | iic,indexingIndexCurrent | number of current indexing ops pri.indexing.index_current | | number of current indexing ops indexing.index_time | iiti,indexingIndexTime | time spent in indexing pri.indexing.index_time | | time spent in indexing indexing.index_total | iito,indexingIndexTotal | number of indexing ops pri.indexing.index_total | | number of indexing ops indexing.index_failed | iif,indexingIndexFailed | number of failed indexing ops pri.indexing.index_failed | | number of failed indexing ops merges.current | mc,mergesCurrent | number of current merges pri.merges.current | | number of current merges merges.current_docs | mcd,mergesCurrentDocs | number of current merging docs pri.merges.current_docs | | number of current merging docs merges.current_size | mcs,mergesCurrentSize | size of current merges pri.merges.current_size | | size of current merges merges.total | mt,mergesTotal | number of completed merge ops pri.merges.total | | number of completed merge ops merges.total_docs | mtd,mergesTotalDocs | docs merged pri.merges.total_docs | | docs merged merges.total_size | mts,mergesTotalSize | size merged pri.merges.total_size | | size merged merges.total_time | mtt,mergesTotalTime | time spent in merges pri.merges.total_time | | time spent in merges refresh.total | rto,refreshTotal | total refreshes pri.refresh.total | | total refreshes refresh.time | rti,refreshTime | time spent in refreshes pri.refresh.time | | time spent in refreshes refresh.listeners | rli,refreshListeners | number of pending refresh listeners pri.refresh.listeners | | number of pending refresh listeners search.fetch_current | sfc,searchFetchCurrent | current fetch phase ops pri.search.fetch_current | | current fetch phase ops search.fetch_time | sfti,searchFetchTime | time spent in fetch phase pri.search.fetch_time | | time spent in fetch phase search.fetch_total | sfto,searchFetchTotal | total fetch ops pri.search.fetch_total | | total fetch ops search.open_contexts | so,searchOpenContexts | open search contexts pri.search.open_contexts | | open search contexts search.query_current | sqc,searchQueryCurrent | current query phase ops pri.search.query_current | | current query phase ops search.query_time | sqti,searchQueryTime | time spent in query phase pri.search.query_time | | time spent in query phase search.query_total | sqto,searchQueryTotal | total query phase ops pri.search.query_total | | total query phase ops search.scroll_current | scc,searchScrollCurrent | open scroll contexts pri.search.scroll_current | | open scroll contexts search.scroll_time | scti,searchScrollTime | time scroll contexts held open pri.search.scroll_time | | time scroll contexts held open search.scroll_total | scto,searchScrollTotal | completed scroll contexts pri.search.scroll_total | | completed scroll contexts segments.count | sc,segmentsCount | number of segments pri.segments.count | | number of segments segments.memory | sm,segmentsMemory | memory used by segments pri.segments.memory | | memory used by segments segments.index_writer_memory | siwm,segmentsIndexWriterMemory | memory used by index writer pri.segments.index_writer_memory | | memory used by index writer segments.version_map_memory | svmm,segmentsVersionMapMemory | memory used by version map pri.segments.version_map_memory | | memory used by version map segments.fixed_bitset_memory | sfbm,fixedBitsetMemory | memory used by fixed bit sets for nested object field types and type filters for types referred in _parent fields pri.segments.fixed_bitset_memory | | memory used by fixed bit sets for nested object field types and type filters for types referred in _parent fields warmer.current | wc,warmerCurrent | current warmer ops pri.warmer.current | | current warmer ops warmer.total | wto,warmerTotal | total warmer ops pri.warmer.total | | total warmer ops warmer.total_time | wtt,warmerTotalTime | time spent in warmers pri.warmer.total_time | | time spent in warmers suggest.current | suc,suggestCurrent | number of current suggest ops pri.suggest.current | | number of current suggest ops suggest.time | suti,suggestTime | time spend in suggest pri.suggest.time | | time spend in suggest suggest.total | suto,suggestTotal | number of suggest ops pri.suggest.total | | number of suggest ops memory.total | tm,memoryTotal | total used memory pri.memory.total | | total user memory [elk@es logs]$
3:建立索引
[elk@es logs]$ curl -X PUT 'localhost:9250/abctest' {"acknowledged":true,"shards_acknowledged":true} [elk@es logs]$
建立索引名稱,必須是小寫,而且索引名稱一旦建立,則不能夠修改,acknowledged表示執行結果,true或false
4:刪除索引
刪除索引,只須要將PUT替換爲DELETE便可
[elk@es logs]$ curl -X DELETE 'localhost:9250/abctest' {"acknowledged":true} [elk@es logs]$