Add networking guide docs

[mhl-b]

A high level overview of networking for the distributed architecture guide. ES-7886

[elasticsearchmachine]

Pinging @elastic/es-distributed-coordination (Team:Distributed Coordination)

[DaveCTurner]

I left a few factual nits, nothing major. It needs some editorial polishing too - can we use any of our fancy new AI tools to help with that?

[DaveCTurner]

Maybe mention that in these cases we also support the same API with a different verb, normally POST, for clients who cannot send a GET-with-body.

[DaveCTurner]

cannot be parsed incrementally (like JSON)

Mmm sorta depends what you mean by "incrementally" but I'd say that the SAX-style parsing we do is in fact working incrementally. It doesn't really make sense to start parsing before we've received the whole body, but that's different from saying "cannot".

[DaveCTurner]

Might be worth pointing out here that (if security is enabled then) authentication happens before the REST handler but authorization happens after (when entering the transport layer).

[DaveCTurner]

never

except for reindex-from-remote :)

[DaveCTurner]

resilience

I don't think we are particularly resilient to frequent reconnects. At least, not without being more specific. ES never behaves incorrectly (e.g. loses data) in the face of network outages but it may become unavailable unless the network is stable.

[DaveCTurner]

Although the Apache client we use may have originally come from Tomcat, it's not called that any more and this'll confuse folks that don't know the history. Let's just call it the Apache client.

[mhl-b]

Apache indeed, no idea why I wrote Tomcat.

[DaveCTurner]

A pause of "seconds" is still pretty disastrous

Suggested change

	computations (seconds), otherwise fork.
	computations (millseconds), otherwise fork.

[DaveCTurner]

Might be worth saying a bit more about how this looks in a heap dump - there's a pool of 1MiB byte[] objects which Netty slices into 16kiB pages, not all of which may be in use, so you have to account for this when investigating memory usage.

[DaveCTurner]

Also Netty technically reads the bytes into a direct buffer and then CopyBytesSocketChannel copies them into the pooled buffer.

[DaveCTurner]

Netty needs a capital N (here and in several other places)

[ywangd]

I have some minor comments. Will leave the approval to David. Thanks!

[ywangd]

I would not say "Security is not enabled by default" but instead just say "security features are achieved with separate x-pack modules". We had dedicated effort to ensure security is on by default and basic security including authc/authz/TLS is in the free tier. It is rather disheartening to say the opposite.

[ywangd]

I wonder whether we should align the wording here with the code where Conneciton is a higher level abstraction that encapsulates a pool of Channels. Similarly, ConnectionProfile is at higher level while transport profile is for each channel. The most prominent Connection implementation is NodeChannels (note the plura form). It took a while to get my head around them when I first read the code.

[mhl-b]

Agree with aligning terminology. "Connection is a pool of Channels" might need another explanation that Channel is a non-blocking TCP connection based on Java NIO definition.

[ywangd]

There are other features such as SAML/JWT metadata reloading, watcher http action, reindex and probably ML related features such as inference that also use HTTP clients. I wonder whether we should mention them here. Or do you see snapshots being the most relevant one for the team?

[mhl-b]

It would be nice to mention all networking interactions and high level overview. To display big picture of ins and outs. I will add ones you mentioned, but will leave details for next round of docs improvement.

[mhl-b]

@DaveCTurner, @ywangd

I addressed all comments in new revision.b691644

[github-actions]

🔍 Preview links for changed docs

• docs/internal/DistributedArchitectureGuide.md

[github-actions]

ℹ️ Important: Docs version tagging

👋 Thanks for updating the docs! Just a friendly reminder that our docs are now cumulative. This means all 9.x versions are documented on the same page and published off of the main branch, instead of creating separate pages for each minor version.

We use applies_to tags to mark version-specific features and changes.

Expand for a quick overview

When to use applies_to tags:

✅ At the page level to indicate which products/deployments the content applies to (mandatory)
✅ When features change state (e.g. preview, ga) in a specific version
✅ When availability differs across deployments and environments

What NOT to do:

❌ Don't remove or replace information that applies to an older version
❌ Don't add new information that applies to a specific version without an applies_to tag
❌ Don't forget that applies_to tags can be used at the page, section, and inline level

🤔 Need help?

• Check out the cumulative docs guidelines
• Reach out in the #docs Slack channel

[DaveCTurner]

Looks good, just a few nits.

[DaveCTurner]

We typically use the word "transport" to mean the node-to-node protocol, to distinguish it from the HTTP network interface. So yes although "HTTP Transport" is kinda correct, it is confusing in this context. Could we avoid using "transport" here?

[DaveCTurner]

Maybe mention the relevant setting here?

[DaveCTurner]

Suggested change

	Incremental bulk indexing includes a back-pressure feature.When memory pressure
	Incremental bulk indexing includes a back-pressure feature. When memory pressure

[DaveCTurner]

Could we link to the org.elasticsearch.index.IndexingPressure here?

[DaveCTurner]

We can also handle other content-types, it's just that these are the best-supported ones.

[DaveCTurner]

Suggested change

	indicate path variables. RestBulkAction specifies a list of routes
	indicate path variables. `RestBulkAction` specifies a list of routes

[DaveCTurner]

Suggested change

	threads for a long time.Fork any blocking operation or heavy computation to
	threads for a long time. Fork any blocking operation or heavy computation to

[burqen]

I left some suggestions for improvement as I found them while reading.

In the GeneralArchitectureGuide there is a section about # REST and Transport Layers and there is a bit of overlap between that section and what you add here. I think it would be a good idea to combine them into one thing but I also realize that it would be quite a bit of additional work to do so. I leave it as a suggestion to be dealt with either now or in the Glorious Future™.

[burqen]

Suggested change

	do not fit for incremental parsing (e.g., JSON). Aggregation has drawbacks, it
	are not fit for incremental parsing (e.g., JSON). Aggregation has drawbacks, it

[burqen]

Suggested change

	Security features, including basic security (authc/authz/TLS) in the free tier,
	Security features, including basic security (authentication/authorization/Transport Layer Security) in the free tier,

For someone that is not used to working with networking and security (me) it's not obvious what authc/authz/TLS means without googling. If target audience is newcomers and open source community I think it's worth spelling those out.

[burqen]

Suggested change

	Large delimited content, such as bulk indexing, which is processed in byte
	chunks. It's more complicated for application code, but provides better control
	over memory usage.
	Large delimited content, such as bulk indexing, which is processed in byte
	chunks, provides better control over memory usage but is more complicated
	for application code.

[burqen]

Suggested change

	module. Security module injects SSL and headers validator.
	module. Security module injects SSL (Secure Sockets Layer)
	and headers validator.

Not obvious abbreviation for me.

[DaveCTurner]

Let's call it TLS rather than SSL - SSL has been deprecated for over a decade at this point

[mhl-b]

Thanks for the feedback!

In the GeneralArchitectureGuide there is a section about # REST and Transport Layers and there is a bit of overlap between that section and what you add here.

I think overlap is ok, as long it's consistent. It also overlaps with public docs https://www.elastic.co/docs/reference/elasticsearch/configuration-reference/networking-settings. I will add this to the doc too.

For someone that is not used to working with networking and security

Sometimes I wonder if my life would be better had I never learned computer networks.

[mhl-b]

@DaveCTurner, @burqen. Addressed feedback in 08991aa

[ywangd]

LGTM

I have only optional editorial level comments.

[ywangd]

Nit

Suggested change

	cross-cluster communication). Management,ingestion, search, and all other
	cross-cluster communication). Management, ingestion, search, and all other

[ywangd]

Nit

Suggested change

	ES supports multiple `Content-Types` for the payload. These are
	ES supports multiple `Content-Type`s for the payload. These are

?

[ywangd]

Nit

Suggested change

	implementations of `MediaType` interface. A common ones internally called
	`XContentType`: CBOR, JSON, SMILE, YAML, and their versioned types. X-pack
	implementations of `MediaType` interface. A common implementation is called
	`XContentType`, including CBOR, JSON, SMILE, YAML, and their versioned types. X-pack

[ywangd]

Nit

Suggested change

	`ToXContent...` can be serialized and sent over HTTP.
	`ToXContent` and friends can be serialized and sent over HTTP.

[ywangd]

Suggested change

	module. Security module injects TLS and headers validator.
	module. The `x-pack/security` module injects TLS and headers validator.

[ywangd]

Not sure if there is a convention here. I personally prefer Connections over Connections since literal string seems to indicate corresponding java concept, e.g. class.

[ywangd]

I think it's enabled by default for tests? If so, maybe worth to mention.

[burqen]

Things are looking good, approving 😄

[mhl-b]

@DaveCTurner, are you ok with current version?