Update Graylog Docker Stack from 5.2 to 6.0.1, incl. change from Elasticsearch to Opensearch and upgrade mongodb

Dear community,

during the last couple of days, I was trying to upgrade my Docker Graylog Stack. I ran into several issues and finally managed to solve them all.
I thought it worth while to document, so that others can benefit from my learning curve. :slight_smile:


steps taken to upgrade

  • stop the old Graylog 5.2, Elasticsearch and mongodb container
  • go to the CLI of the server:
    sudo su
  • create backup of the persistant folders (./Docker/Graylog/):
    cp -a /home/uadmin/Docker/Graylog/ /home/uadmin/Docker/Graylog_Backup/
  • remove the old containers and delete the unused images
  • create the opensearch folders:
    mkdir /home/uadmin/Docker/Graylog/opensearch-data
    mkdir /home/uadmin/Docker/Graylog/opensearch-data/nodes
  • simply copy the content of the nodes-folder from Elasticsearch into the new folder from Opensearch:
    cp -a /home/uadmin/Docker/Graylog/es_data/nodes/* /home/uadmin/Docker/Graylog/opensearch-data/nodes/
  • Opensearch needs user 1000 to be able to access these folders:
    chown -R 1000:1000 /home/uadmin/Docker/Graylog/opensearch-data/
    chmod -R 770 /home/uadmin/Docker/Graylog/opensearch-data/
  • delete all old graylog data, except the config-folder:
    find /home/uadmin/Docker/Graylog/graylog_data/ -mindepth 1 -maxdepth 1 ! -name "config" -exec rm -rf {} \;
  • check again, if the access rights are as needed: Graylog needs user 1100, Opensearch needs user 1000.
  • start Graylog Docker Stack with the new compose.yaml. → check logs
  • I stopped Graylog and Opensearch, before I upgraded the mongodb to the new version:
    docker exec mongodb mongosh --eval 'db.adminCommand( { setFeatureCompatibilityVersion: "6.0" } )'
  • start Opensearch and let it work through the indices → check logs
  • start Graylog → check logs

My new version of Graylog in the version 6.0.1 seems to be running stable for an our now. :wink:

I am far away from being a pro, so any feedback is very much welcome.

  • Did I do it correctly? Anything to improve for next time?
  • especially: is setting the compatibilityVersion to 6.0 for the mongodb enough or do I need to do some more steps?