Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question. Don’t forget to select tags to help index your topic!
1. Describe your incident:
Looking to migrate to OpenSearch as recommended
2. Describe your environment:
OS Information:
Ubuntu 18.04.6 LTS
Package Version:
Graylog 4.2.9
Service logs, configurations, and environment variables:
4. How can the community help?
Greetings!
I would like to ask since I am running Graylog 4.2.9, I would like to upgrade to 4.3.0 and keep my ElasticSearch install but am a bit confused with this warning:
We caution you not to install or upgrade Elasticsearch to 7.11 and later! It is not supported. If you do so, it will break your instance!
When I run curl -X GET "localhost:9200/?pretty" I show that my ElasticSearch version is 7.17.2 so that means I should not upgrade?
1.Graylog supports Elasticsearch-7.10.x not recommended to go beyond that version
2.OpenSearch for Graylog only supports 1.2,1.3 which is equal to Elasticsearch 7.10.x
3.Since your above 7.10 not sure but I don’t think its going to be good.
4.Last, Graylog 4.3 has a PRE-FLIGHT CHECKS "When Graylog starts up, it now performs connectivity and version checks for MongoDB and Elasticsearch/OpenSearch. " Thats probably why you see those errors when upgrading to 4.3.
Depending on this environment you could down grade ES BUT there will be data loss.
If you install OpenSearch as instructed it will be either version 1.2 or 1.3 which equals ES 7.10. So that statement is incorrect you will be down grading not upgrading
If you install OpenSearch as instructed it will be either version 1.2 or 1.3 which equals ES 7.10. So that statement is incorrect you will be down grading not upgrading
Sorry for reviving this but not sure I fully understand. What version of OpenSearch should I install/recommended?
I just tried following the migration guide today but ran across some issues as the documentation doesn’t appear to be complete. I am running Ubuntu 18.04 and not sure if I should be installing the docker, docker-compose or tar method.
Just looking for the most reliable and easiest way.
I agree the documentation is behind a little. You can use YUM/RPM now to install OpenSearch but not with APT yet.
Please take a look at this link.
To be honest, I would wait to upgrade, one reason is that you have Elasticsearch version that’s is beyond what is supported by Graylog and/or OpenSearch