I am looking at upgrading my 7.17 cluster to version 8, first stop the depreciation logs!
I notice that there is both a deprecation.log and a deprecation.json and they have different data.
deprecation.log:
[2020-11-16T19:25:42,963][WARN ][o.e.d.l.XPackLicenseState] [secmonprd08] Automatically enabling security because [xpack.security.transport.ssl.enabled] is true. This behaviour will be removed in a future version of Elasticsearch. Please set [xpack.security.enabled] to true
[2020-11-17T08:28:53,361][WARN ][o.e.d.x.c.s.SSLService ] [secmonprd08] SSL configuration [xpack.security.http.ssl.] relies upon fallback to another configuration for [key configuration, trust configuration], which is deprecated.
[2020-11-17T08:28:53,385][WARN ][o.e.d.x.c.s.SSLService ] [secmonprd08] SSL configuration [xpack.http.ssl] relies upon fallback to another configuration for [key configuration, trust configuration], which is deprecated.
[2020-11-17T08:28:53,385][WARN ][o.e.d.x.c.s.SSLService ] [secmonprd08] SSL configuration [xpack.security.transport.ssl.] relies upon fallback to another configuration for [key configuration, trust configuration], which is deprecated.
repeated every 5 minutes or so ?
in configuration file I have:
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.key: /etc/elasticsearch/ssl/privkey.pem
xpack.security.http.ssl.certificate: /etc/elasticsearch/ssl/fullchain.pem
xpack.security.transport.ssl.key: /etc/elasticsearch/ssl/privkey.pem
xpack.security.transport.ssl.certificate: /etc/elasticsearch/ssl/fullchain.pem
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.enabled is explicitly set ???
Very confused!
Also these messages do not appear in the deprecation.json file ??
other messages relating to zen.discovery appear in both logs.
I just remembered the upgrade assistant! It lists only the errors relating to the discovery and recovery options as critical. I have fixed these on my test cluster without issues.. It makes no mention of the xpack security issues. I assume this means that, assuming the issues are real they are not going to break anything when I move to 8.
It also lists one critical kibana issue Setting "logging.dest" is deprecated -- this option is no in the kibana.yml file?
Lastly there are a bunch of depreciation issues related to "system" indexes -- as far as I can see these are all kibana related indexes -- again confusing