From Elasticsearch to Dashboards with Dremio and Apache Iceberg

Moving data from source systems like Elasticsearch to a dashboard traditionally involves a multi-step process: transferring data to a data lake, moving it into a data warehouse, and then building BI extracts and cubes for acceleration. This process can be tedious and costly. However, this entire workflow is simplified with Dremio, the Data Lakehouse Platform. Dremio enables direct serving of BI dashboards from Elasticsearch or leveraging Apache Iceberg tables in your data lake. This post will explore how Dremio's data lakehouse platform simplifies your data delivery for business intelligence by doing a prototype version that can run on your laptop.

Setting Up Our Environment

To run this exercise on your laptop, you will need Docker Desktop to run Docker Compose files to spin up our environment. In an empty folder, create a docker-compose.yml file with the following:

version: "3"

services:
  # Nessie Catalog Server Using In-Memory Store
  nessie:
    image: projectnessie/nessie:latest
    container_name: nessie
    networks:
      dremio-es-superset:
    ports:
      - 19120:19120
  # Minio Storage Server
  minio:
    image: minio/minio:latest
    container_name: minio
    environment:
      - MINIO_ROOT_USER=admin
      - MINIO_ROOT_PASSWORD=password
      - MINIO_DOMAIN=storage
      - MINIO_REGION_NAME=us-east-1
      - MINIO_REGION=us-east-1
    networks:
      dremio-es-superset:
    ports:
      - 9001:9001
      - 9000:9000
    command: ["server", "/data", "--console-address", ":9001"]
  # Dremio
  dremio:
    platform: linux/x86_64
    image: dremio/dremio-oss:latest
    ports:
      - 9047:9047
      - 31010:31010
      - 32010:32010
    container_name: dremio    environment:
      - DREMIO_JAVA_SERVER_EXTRA_OPTS=-Dpaths.dist=file:///opt/dremio/data/dist

    networks:
      dremio-es-superset:
  # Elasticsearch
  elasticsearch:
    image: elasticsearch:7.17.21
    container_name: elasticsearch
    environment:
      - discovery.type=single-node
      - xpack.security.enabled=false
    ports:
      - "9200:9200"
    networks:
      dremio-es-superset:
  # Superset
  superset:
    image: alexmerced/dremio-superset
    container_name: superset
    networks:
      dremio-es-superset:
    ports:
      - 8080:8088
networks:
  dremio-es-superset:

This Docker Compose file sets up a development environment for integrating Elasticsearch with a BI dashboard through Dremio and Apache Iceberg, leveraging additional tools like Nessie and MinIO. The services are configured to work together within a custom network named dremio-es-superset.

This Docker Compose file sets up a development environment for integrating Elasticsearch with a BI dashboard through Dremio and Apache Iceberg, leveraging additional tools like Nessie and MinIO. Here's what each service in the file represents:

• Nessie: Acts as a catalog server using an in-memory store, helping to manage and version data in the data lake. It runs on port 19120 and is part of the dremio-es-superset network, facilitating integration with Dremio and Elasticsearch for table cataloging and version control.
  
• MinIO: Serves as a storage server, mimicking a cloud storage environment locally. It's configured with essential security and region settings and exposes ports 9000 for API access and 9001 for the console. MinIO provides the storage layer for the data lake, where data from Elasticsearch can be stored and managed before processing with Dremio.
  
• Dremio: This is the core component of the data lakehouse platform, providing the ability to directly query and manage data across different sources like Elasticsearch and the data stored in MinIO. It exposes several ports for different purposes, such as the Dremio UI (9047), and data communication (31010 and 32010).
  
• Elasticsearch: Serves as the source search engine, configured as a single-node cluster to facilitate straightforward setup and demonstration. It exposes container port 9200, mapped directly to the same port on localhost, ensuring easy accessibility for efficient data querying and aggregation for other services in the environment, especially Dremio. With Elasticsearch's powerful full-text search capabilities and analytic functionalities, it provides a rich data source for business intelligence purposes within the Dremio-based data lakehouse environment.
  
• Superset: A business intelligence tool configured to connect with Dremio, allowing users to create and view dashboards and reports. It runs on port 8088 but is mapped to 8080 on the host machine for easy access.

The networks section defines a custom network named dremio-es-superset, ensuring these services can communicate seamlessly within this isolated network environment.

In the context of our blog, this Docker Compose setup illustrates how to create a local development environment that mirrors the process of moving data from Elasticsearch to a BI dashboard using Dremio and Apache Iceberg, with Nessie for table cataloging and MinIO for simulating a cloud storage environment.

Populating Data in Our Elasticsearch

After setting up your Docker Compose file, you'll need to populate Elasticsearch with data to simulate operational databases. First, ensure Elasticsearch is running by executing:

docker-compose up -d elasticsearch

Next, open another terminal window or tab and run the following commands to insert data into Elasticsearch. We will use the Elasticsearch API to create an index and populate it with sample sales data:

# Create the index with a simple mapping
curl -X PUT "localhost:9200/sales_data" -H 'Content-Type: application/json' -d'
{
  "mappings": {
    "properties": {
      "sale_id": { "type": "integer" },
      "sale_date": { "type": "date" },
      "product_id": { "type": "integer" },
      "quantity": { "type": "integer" },
      "total_amount": { "type": "float" }
    }
  }
}'

# Insert sample data into the index
curl -X POST "localhost:9200/sales_data/_doc" -H 'Content-Type: application/json' -d'
{
  "sale_id": 1,
  "sale_date": "2023-01-01",
  "product_id": 101,
  "quantity": 3,
  "total_amount": 450.00
}'

curl -X POST "localhost:9200/sales_data/_doc" -H 'Content-Type: application/json' -d'
{
  "sale_id": 2,
  "sale_date": "2023-01-02",
  "product_id": 102,
  "quantity": 2,
  "total_amount": 300.00
}'

curl -X POST "localhost:9200/sales_data/_doc" -H 'Content-Type: application/json' -d'
{
  "sale_id": 3,
  "sale_date": "2023-01-03",
  "product_id": 103,
  "quantity": 1,
  "total_amount": 150.00
}'

Connecting Elasticsearch, Nessie, and Minio to Dremio

The next step is to spin up the Dremio environment and connect our data lake (MinIO as storage + Nessie as catalog) and Elasticsearch data sources.

docker compose up -d dremio nessie minio

Open MinIO in the browser at localhost:9000 and log in with username “admin” and password “password”. Once you log in, create a new bucket called “warehouse”. Remember that Nessie is always running in the background and is accessed by a REST API, which is how the Dremio connector communicates with the catalog.

Now, head over to localhost:9047 in your browser to set up your Dremio admin account. Once that is set up, click “add a Source” and select a “Nessie” as the source. Enter in the following settings:

• General settings tab
  • Source Name: nessie
  • Nessie Endpoint URL: http://nessie:19120/api/v2
  • Auth Type: None
• Storage settings tab
  • AWS Root Path: warehouse
  • AWS Access Key: admin
  • AWS Secret Key: password
  • Uncheck “Encrypt Connection” Box (since we aren’t using SSL)
  • Connection Properties
    • Key: fs.s3a.path.style.access | Value: true
    • Key: fs.s3a.endpoint | Value: minio:9000
    • Key: dremio.s3.compat | Value: true

Click on “Save,” and the source will be added to Dremio. You can then run full DDL and DML SQL against it. Dremio turns your data lake into a data warehouse—a data lakehouse!

Now let’s add an Elasticsearch source with the following settings:

• Name: elasticsearch
• Host: elasticsearch
• Port: 9200
• Authentication: none

Once you save the source, you can see both sources on the Dremio dashboard and begin working with them.

Moving Our Elasticsearch Data to Our Data Lake

Historically, moving data from our databases into our data lake as Apache Iceberg tables would require spinning up an Apache Spark cluster and writing complex jobs in Python, Java, or Scala. But with Dremio, we can move our data to our data lake with some simple SQL.

Head over to the SQL Runner in the Dremio UI and run the following query to ingest the table in Elasticsearch as an Apache Iceberg table in our Nessie source:

CREATE TABLE nessie.sales_data AS SELECT * FROM elasticsearch."sales_data"."_doc";

This is a great way to initially move the table to your data lake. To update the table, you can use the INSERT INTO SELECT statement, adding all records with a higher ID value to the highest ID value in the destination. This will ensure only new records are added to the table.

INSERT INTO nessie.sales_data
SELECT *
FROM elasticsearch."sales_data"."_doc"
WHERE sale_id > (SELECT COALESCE(MAX(sale_id), 0) FROM nessie.sales_data);

Now we have the data in our data lakehouse. While we could choose not to move the data and operate with the data directly from Elasticsearch, we could run into competition for resources as the growing number of analytical queries compete with existing operational queries being sent to our Elasticsearch database. To avoid this, we can either create a data reflection, which creates a Dremio-managed materialization on your data lake that Dremio substitutes when the table is queried, or ingest the data into our data lakehouse as we did above. Either option allows analytical queries to fully utilize Dremio’s infinite horizontal and vertical scaling capabilities.

Connecting Superset to Dremio

Dremio can be used with most existing BI tools, with one-click integrations in the user interface for tools like Tableau and Power BI. We will use an open-source option in Superset for this exercise, but any BI tool would have a similar experience. To get started with Superset, let’s open another terminal and spin up the Superset container.

docker compose up -d superset

We then need to initialize Superset, so open another terminal and run this command:

docker exec -it superset superset init

This may take a few minutes to finish initializing, but once it is done, you can head over to localhost:8080 and log in to Superset with the username “admin” and password “admin”. Once you are in, click on “Settings” and select “Database Connections”.

• Add a New Database
• Select “Other”
• Use the following connection string (make sure to include Dremio username and password in URL): dremio+flight://USERNAME:PASSWORD@dremio:32010/?UseEncryption=false
• Test connection
• Save connection

The next step is to add a dataset by clicking on the + icon in the upper right corner and selecting “create dataset”. From here, select the table you want to add to Superset, which is, in this case, our sales_data table.

We can then click the + to add charts based on the datasets we’ve added. Once we create the charts we want, we can add them to a dashboard, and that’s it! You’ve now taken data from an operational database, ingested it into your data lake, and served a BI dashboard using the data.

Consider deploying Dremio into production to make delivering data for analytics easier for your data engineering team.