Graylog-datanode opensearch.yml

Graylog Central (peer support)
1

I’m trying to snapshot graylog-datanode for backup purposes.
Unfortunately, all changes I make to opensearch.yml are erased once the service is started.

OS Information: Raspberry Pi 5 8GB | Graylog 6.1.4+7528370

Error when trying to create a snapshot:
{"error":{"root_cause":[{"type":"repository_exception","reason":"[snapshot] location [/opensearch_backup] doesn't match any of the locations specified by path.repo because this setting is empty"}],"type":"repository_exception","reason":"[snapshot] failed to create repository","caused_by":{"type":"repository_exception","reason":"[snapshot] location [/opensearch_backup] doesn't match any of the locations specified by path.repo because this setting is empty"}},"status":500

Searched the GUI, search Graylog server.conf file, search datanode.conf file, there isn’t an option that overrides this behavior.

Is there a way to accomplish this ?
I mean, with Elasticsearch and Opensearch, I was able to do this pretty easily.
But now, with graylog-datanode, is that even possible ?

Thanks.

2

Hey @mcury

Im not sure all what you configured but here is my 2 cents.

Repo:
Create a directory called:

/mnt/opensearch_backup

In the Opensearch YAML file add configuration.

path.repo /mnt/opensearch_backup

restart Opensearch service to take affect,.

systemctl restart opensearch

The execute curl command:

PUT /opensearch_backup
{
  "type": "fs",
  "settings": {
    "location": "/mnt/opensearch-backup"
  }
}

see if that will work.

3

I’m not sure, I don’t work with Graylog Datanode, it might have a issue.

4

Yeap, found out that you can’t do that with graylog-datanode, unfortunately.

I think that, not long from now, they are going to drop support for standalone opensearch and force users to migrate to graylog-datanode.

I’m saying this due to their business model.
“Archiving” is a paid feature.

What bothers me is that nothing was mentioned about this, they advertised this as an easier and more compatible approach to Graylog than opensearch manual installation…

Hope I’m wrong about this.

1 Like
5

Hi @mcury ,
with data node, the opensearch.yml is auto-generated by data node on startup.

If you want to set path_repo, please include it in datanode.conf.

Hope this helps,
Matthias

1 Like
6

Really thanks Matthias, it is working perfectly with your suggestion.
That path_repo in datanode.conf did the trick.

Edit.

After digging for a while, found the possible options to configure datanode.conf @ https://go2docs.graylog.org/current/setting_up_graylog/data_node_configuration_file.htm

It seems that it is not possible to include plugins.security.authcz.admin_dn: values in graylog-datanode.conf file.

This is causing OpenSearch Security not initialized. error while trying CURL -XDELETE .
securityadmin.sh also fails to launch because of that, it tries to use user “null”.

Anything I could have missed ?
Or, if it is not supported, do you know if this will be possible in a future version ?

Thanks

7

Right now, we pass through opensearch properties from environment variables prefixed with opensearch. to OpenSearch. In your case, this would be opensearch.plugins.security.authcz.admin_dn.
This is not documented as it may be subject to change in following versions and replaced by another mechanism. Please be aware of this if you intend to use it.

1 Like
8

Thanks once again Matthias, you have been extremely helpful.
I’ll keep watching for the release notes before updating.

As a note, I’m not sure if graylog-datanode is the best option for me.
I’m thinking in about going back to opensearch manual installation since there is more documentation about it all over the internet.

Anyway, really thanks for all your time and efforts in helping me, much appreciated :+1: :+1:

Edit: I tried to include that option opensearch.plugins.security.authcz.admin_dn in datanode.conf, but no joy.
opensearch.yml keeps not showing that setting when graylog-datanode.service starts.