Ingest data with Python on Elastic Cloudedit

This guide tells you how to get started with:

  • Securely connecting to Elasticsearch Service with Python
  • Ingesting data into your deployment from your application
  • Searching and modifying your data on Elasticsearch Service

If you are an Python application programmer who is new to the Elastic Stack, this content can help you get started more easily.

Time required: 45 minutes

Prerequisitesedit

These steps are applicable to your existing application. If you don’t have one, you can use the example included here to create one.

Get the elasticsearch packagesedit

python -m pip install elasticsearch
python -m pip install elasticsearch[async]

Create the setup.py fileedit

# Elasticsearch 7.x
elasticsearch>=7.0.0,<8.0.0

Get Elasticsearch Serviceedit

  1. Get a free trial.
  2. Log into Elastic Cloud.
  3. Click Create deployment.
  4. Select Elastic Stack, leave it at the I/O optimized default, and give your deployment a name.
  5. Click Create deployment and save your Elastic deployment credentials. You will need these credentials later on.
  6. You also need the Cloud ID later on, as it simplifies sending data to Elastic Cloud. Click on the deployment name from the Elastic Cloud portal or the Deployments page and copy down the information under Cloud ID:

    A picture highlighting the Cloud ID information available for the deployment

Prefer not to subscribe to yet another service? You can also get Elasticsearch Service through AWS, Azure, and GCP marketplaces.

Connect securelyedit

If you are using Elastic Cloud, a language client offers an easy way to connect with the cloud_id (Cloud ID) parameter. You must pass the Cloud ID that you can find in the cloud console, and then your authentication details inside the auth option.

To connect and use a language client with Elasticsearch Service, you need to think about authentication. Two authentication mechanisms are supported, API key and basic authentication. Here we’ll show you how to use basic authentication to get started more quickly, but you can also generate API keys as shown later on. API keys are safer and preferred for production environments.

Basic authenticationedit

For basic authentication, use the same deployment credentials (username and password parameters) and Cloud ID you copied down earlier when you created your deployment. (If you did not save the password, you can reset it first.)

You first need to create and edit an example.ini file with your deployment details:

[ELASTIC]
cloud_id = DEPLOYMENT_NAME:CLOUD_ID_DETAILS
user = elastic
password = LONGPASSWORD

Next, you need to use these configs with the Python client:

from elasticsearch import Elasticsearch, helpers
import configparser

config = configparser.ConfigParser()
config.read('example.ini')

es = Elasticsearch(
    cloud_id=config['ELASTIC']['cloud_id'],
    http_auth=(config['ELASTIC']['user'], config['ELASTIC']['password'])
)

You can now confirm that you have connected to the deployment by returning some information about the deployment:

es.info()

Ingest dataedit

After connecting to your deployment, you are ready to index and search data. Let’s create a new index, insert some quotes from our favorite characters, and then refresh the index so that it is ready to be searched. A refresh makes all operations performed on an index since the last refresh available for search.

es.indices.delete(index='lord-of-the-rings')
{'acknowledged': True}
es.index(
 index='lord-of-the-rings',
 body={
  'character': 'Aragon',
  'quote': 'It is not this day.'
 })

es.index(
 index='lord-of-the-rings',
 body={
  'character': 'Gandalf',
  'quote': 'A wizard is never late, nor is he early.'
 })

es.index(
 index='lord-of-the-rings',
 body={
  'character': 'Frodo Baggins',
  'quote': 'You are late'
 })

es.indices.refresh(index='lord-of-the-rings')
{'_shards': {'total': 2, 'successful': 1, 'failed': 0}}

When using the es.index API, the request automatically creates the lord-of-the-rings index, if it doesn’t exist already, as well as document IDs for each indexed document if they are not explicitly specified.

Search and modify dataedit

After creating a new index and ingesting some data, you are now ready to search. Let’s find what different characters have said things about being late:

result = es.search(
 index='lord-of-the-rings',
 body={
  'query': {
    'match': {'quote': 'late'}
  }
 })

result['hits']['hits']
[{'_index': 'lord-of-the-rings',
  '_type': '_doc',
  '_id': '2EkAzngB_pyHD3p65UMt',
  '_score': 0.5820575,
  '_source': {'character': 'Frodo Baggins', 'quote': 'You are late'}},
 {'_index': 'lord-of-the-rings',
  '_type': '_doc',
  '_id': '10kAzngB_pyHD3p65EPR',
  '_score': 0.37883914,
  '_source': {'character': 'Gandalf',
   'quote': 'A wizard is never late, nor is he early.'}}]

The search request returns content of documents containing late in the quote field, including document IDs that were automatically generated.

You can make updates to specific documents using document IDs. Let’s add a birthplace for our character:

es.update(
 index='lord-of-the-rings',
 id='2EkAzngB_pyHD3p65UMt',
 body={
  'doc': {'birthplace': 'The Shire'}
 })

es.get(index='lord-of-the-rings', id='2EkAzngB_pyHD3p65UMt')
{'_index': 'lord-of-the-rings',
 '_type': '_doc',
 '_id': '2EkAzngB_pyHD3p65UMt',
 '_version': 2,
 '_seq_no': 3,
 '_primary_term': 1,
 'found': True,
 '_source': {'character': 'Frodo Baggins',
  'quote': 'You are late',
  'birthplace': 'The Shire'}}

For frequently used API calls with the Python client, see Examples.

Switch to API key authenticationedit

To get started, authentication to Elasticsearch used the elastic superuser and password, but an API key is much safer and a best practice for production.

In the example that follows, an API key is created with the cluster monitor privilege which gives read-only access for determining the cluster state. Some additional privileges also allow create_index, write, read, and manage operations for the specified index. The index manage privilege is added to enable index refreshes.

The easiest way to create this key is in the API console for your deployment. Select the deployment name and go to Elasticsearch > API console:

POST /_security/api_key
{
  "name": "python_example",
  "role_descriptors": {
    "python_read_write": {
      "cluster": ["monitor"],
      "index": [
        {
          "names": ["test-index"],
          "privileges": ["create_index", "write", "read", "manage"]
        }
      ]
    }
  }
}

The output is:

{
  "id" : "API_KEY_ID",
  "name" : "python_example",
  "api_key" : "API_KEY_DETAILS"
}

Edit the example.ini file you created earlier and add the id and api_key you just created. You should also remove the lines for user and password you added earlier after you have tested the api_key, and consider changing the elastic password using the Elasticsearch Service Console.

[DEFAULT]
cloud_id = DEPLOYMENT_NAME:CLOUD_ID_DETAILS
apikey_id = API_KEY_ID
apikey_key = API_KEY_DETAILS

You can now use the API key in place of a username and password. The client connection becomes:

es = Elasticsearch(
    cloud_id=config['DEFAULT']['cloud_id'],
    api_key=(config['DEFAULT']['apikey_id'], config['DEFAULT']['apikey_key']),
)

See Create API key API to learn more about API Keys and Security privileges to understand which privileges are needed. If you are not sure what the right combination of privileges for your custom application is, you can enable audit logging on Elasticsearch to find out what privileges are being used. To learn more about how logging works on Elastic Cloud, see Monitoring Elastic Cloud deployment logs and metrics.

For more information on refreshing an index, searching, updating, and deleting, see the elasticsearch-py examples.

Best practicesedit

Security

When connecting to Elastic Cloud, the client automatically enables both request and response compression by default, since it yields significant throughput improvements. Moreover, the client also sets the SSL option secureProtocol to TLSv1_2_method unless specified otherwise. You can still override this option by configuring it.

Do not enable sniffing when using Elastic Cloud, since the nodes are behind a load balancer. Elastic Cloud takes care of everything for you. Take a look at Elasticsearch sniffing best practices: What, when, why, how if you want to know more.

Schema
When the above example code was run an index mapping was created automatically. The field types were selected by Elasticsearch based on the content seen when the first record was ingested, and updated as new fields appeared in the data. It would be more efficient to specify the fields and field types in advance to optimize performance. See the Elastic Common Schema documentation and Field Type documentation when you are designing the schema for your production use cases.
Ingest
For more advanced scenarios, Bulk helpers gives examples for the bulk API that makes it possible to perform multiple operations in a single call. If you have a lot of documents to index, using bulk to batch document operations is significantly faster than submitting requests individually.