In depth guide to running Elasticsearch in production

The basics: Clusters, Nodes, Indices and Shards

A more in-depth look at Elasticsearch


node.master: true

How nodes join the cluster

Segments and segment merging

Message routing

So how do I run Elasticsearch in production?





  • Scheduler: cfq and deadline outperform noop. Kyber might be good if you have nvme but I have not tested it
  • QueueDepth: as high as possible
  • Readahead: yes, please
  • Raid chunk size: no impact
  • FS block size: no impact
  • FS type: XFS > ext4

Index layout


  • for write heavy workloads, primary shards = number of nodes
  • for read heavy workloads, primary shards * replication = number of nodes
  • more replicas = higher search performance
node_throughput*(number_of_primary_shards + number_of_replicas)


number_of_indices = (140 * number_of_nodes) / (number_of_primary_shards * replication_factor)
index_size = (number_of_nodes * disk_size) / number_of_indices

Segment merging

Cluster layout


  • number of segments
  • heap usage
  • heap GC time
  • avg. search, index, merge time
  • IOPS
  • disk utilization






