How 360’s Private Cloud Powers Elasticsearch: Architecture, Security, and Scaling
This article explains how 360’s Hulk private cloud platform deploys Elasticsearch with a dedicated master architecture, load‑balancing, per‑business isolated clusters, SearchGuard security, dynamic tokenization, self‑service user features, and advanced monitoring to achieve high‑performance, scalable search services.
Elasticsearch Overview
Elasticsearch is an open‑source, distributed, scalable, near‑real‑time document store and search engine built on the Apache Lucene framework. Since version 5.x it has gained significant improvements in standards compliance, functionality, and performance.
360 Hulk Private Cloud Integration
360 Hulk, a leading private‑cloud platform, offers Elasticsearch as a search service and ELK for log analysis. It runs internally on massive workloads (over 200 TB of data and more than 1 trillion daily requests).
Service Architecture
Dedicated Master Nodes : Three independent master nodes manage cluster metadata (indices, sharding, etc.). This isolation ensures stable master functions and reduces split‑brain risk by setting discovery.zen.minimum_master_nodes: 2.
Load Balancing : Data nodes handle traffic while an LVS load balancer distributes requests evenly and automatically excludes failed nodes.
Business‑Dedicated Clusters : Each business line can request its own isolated cluster, minimizing cross‑impact and improving fault tolerance.
User Authentication & Permission Isolation : Integrated SearchGuard provides fine‑grained access control, isolating sub‑business applications.
Tokenizer Support : The cluster includes the IK analyzer (compiled manually due to the removal of Site Plugins after 5.x) and supports dynamic updates of custom dictionaries and stop‑word lists.
User‑Facing Features
Self‑service capabilities on the Hulk platform include:
Cluster provisioning
Status monitoring
Performance dashboards
Indices browsing
Permission requests
Pre‑configured Kibana instances are provided for immediate use.
Administrator Functions
Admins can manage cluster configuration, initialization, node start/stop, and resource reclamation. Monitoring is powered by Zabbix with custom metrics from the FromDual framework, offering real‑time alerts and automatic recovery (e.g., auto‑restart on node failure).
WebAdmin extensions add further management capabilities.
Since Elasticsearch 5.x discontinued Site Plugins, the original Kopf plugin was reimplemented as Cerebro (built with Scala, Play Framework, AngularJS, and Bootstrap), delivering a decoupled UI with support for newer Elasticsearch versions.
Conclusion
The 360 private‑cloud implementation of Elasticsearch demonstrates a robust, secure, and scalable search solution, combining dedicated master nodes, load balancing, per‑business isolation, fine‑grained security, and comprehensive monitoring.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
360 Zhihui Cloud Developer
360 Zhihui Cloud is an enterprise open service platform that aims to "aggregate data value and empower an intelligent future," leveraging 360's extensive product and technology resources to deliver platform services to customers.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.