Upgrade to Pro — share decks privately, control downloads, hide ads and more …

A New Elasticsearch Scripting Language: Secure,...

A New Elasticsearch Scripting Language: Secure, Fast, and Painless

Gather 'round and hear the story of Painless!

Back in the pre-5.0 dark ages, Elasticsearch lacked a secure scripting language. And the people were sad! But our hero Painless came in 5.0, the shining new default, careful, quick, and kind. Ever watchful of its whitelist and loop counters, Painless protects Elasticsearch from malign mandate, inadvertent or iniquitous.

Gather and hear of Painless' guiding principles, see the features they represent, and, time permitting, discuss Painless' future.

Nik Everett l Software Engineer l Elastic

Avatar for Elastic Co

Elastic Co

March 07, 2017
Tweet

More Decks by Elastic Co

Other Decks in Technology

Transcript

  1. It’s written in Java and you clone it from GitHub….

    2 1 2 3 4 https://github.com/ elastic/ elasticsearch fork, clone, branch Make awesome changes, run tests Push, create pull request Discuss! 5 An “elastic member” will merge it
  2. Actions, their parts, and how to find them. 3 Title

    Here Title Here Title Here Action Request Response TransportAction RequestBuilder RestAction transport means go start here open this file not this one
  3. Two ways to serialize! 5 java.io. Serializable XContent StreamOutput/ StreamInput

    • Not used • JVM mismatch • Backwards compatibility • HTTP communication • JSON/YAML/Smile/CBOR • Implement ToXContent • Internode communication • getVersion! • Implement Writeable or Streamable
  4. More ways to test than you can shake a stick

    at! 6 Unit tests “Integration” tests REST tests • Targeted and fast • Mocks ok here • Start a cluster in process • Can reach in and hack it • Highly overused • Use a shared cluster • Very limited syntax • Shared with clients
  5. ‹#› Please attribute Elastic with a link to elastic.co Except

    where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nd/4.0/ Creative Commons and the double C in a circle are registered trademarks of Creative Commons in the United States and other countries. Third party marks and brands are the property of their respective holders. 7