WARNING: The 2.x versions of Elasticsearch have passed their EOL dates. If you are running a 2.x version, we strongly advise you to upgrade.
This documentation is no longer maintained and may be removed. For the latest information, see the current Elasticsearch documentation.
Before moving on, we are going to take a detour and talk about how search is executed in a distributed environment. It is a bit more complicated than the basic create-read-update-delete (CRUD) requests that we discussed in Distributed Document Store.
A CRUD operation deals with a single document that has a unique combination of routing values (which defaults to the _id). This means that we know exactly which shard in the cluster holds that document.
Search requires a more complicated execution model because we don’t know which documents will match the query: they could be on any shard in the cluster. A search request has to consult a copy of every shard in the index or indices we’re interested in to see if they have any matching documents.
But finding all matching documents is only half the story. Results from multiple shards must be combined into a single sorted list before the API can return a “page” of results. For this reason, search is executed in a two-phase process called query then fetch.
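The following is an added illustration, not Elasticsearch's own code: a simplified in-memory model of the contrast drawn above between a routed CRUD lookup and a search that consults every shard, merges the results, and then fetches one page. The crc32 routing hash, the term-count scoring, the shard count and the sample documents are all assumptions constructed for the example.

```python
import heapq
from zlib import crc32

NUM_SHARDS = 3  # assumed: one index with three primary shards

def shard_for(routing):
    # CRUD path: the routing value (the _id by default) selects exactly one shard.
    # crc32 is a stand-in hash chosen for this example.
    return crc32(routing.encode()) % NUM_SHARDS

def build_shards(docs):
    shards = [dict() for _ in range(NUM_SHARDS)]
    for doc_id, body in docs.items():
        shards[shard_for(doc_id)][doc_id] = body
    return shards

def sort_key(hit):
    score, doc_id, _shard = hit
    return (-score, doc_id)  # best score first, _id breaks ties

def query_phase(shard, shard_no, term, from_, size):
    # Each shard scores locally and returns only (score, _id, shard) tuples
    # for its own top from+size hits, never the document bodies.
    hits = []
    for doc_id, body in shard.items():
        score = body.lower().split().count(term)  # toy relevance: term frequency
        if score:
            hits.append((score, doc_id, shard_no))
    return heapq.nsmallest(from_ + size, hits, key=sort_key)

def search(shards, term, from_=0, size=2):
    # Phase 1 (query): consult every shard, merge into a single sorted list.
    candidates = []
    for shard_no, shard in enumerate(shards):
        candidates.extend(query_phase(shard, shard_no, term, from_, size))
    page = sorted(candidates, key=sort_key)[from_:from_ + size]
    # Phase 2 (fetch): retrieve full documents only for hits on the requested page.
    return [(doc_id, score, shards[n][doc_id]) for score, doc_id, n in page]

# Constructed sample documents.
DOCS = {
    "1": "login failed for admin",
    "2": "login failed failed retry failed",
    "3": "backup completed",
    "4": "disk check failed then failed again",
    "5": "user logout",
    "6": "failed",
}
```

Because every shard returns its local top `from_ + size` hits, the merged page is the same no matter how the documents happen to be distributed across shards.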