Hi,
I'm trying to find the root cause of an issue in my elasticsearch cluster. Recently my Elasticsearch went Red and from that day onwards I see that there are around 100M records missing from the index. I don't find any specific logs regarding this in the logs. Just that one of the node was removed from the cluster.
Any help to find the cause would be really helpful.
What is the size and configuration of the cluster? Do you have any indices that are red or yellow? Is there anything in the logs?
There are 8 nodes in the cluster with 370M documents on each node. Each index has 5 shards.
Yes, the cluster was in red state for some time, also the logs show that one of the node was not reachable, that's it.
Also, one more thing, the refresh interval was -1 and the replicas were 0. This could mean if one of the nodes is lost any new data that going to come in will be lost, but the missing data is from last month, the current data is intact.
Let me know if you want any specific configurations?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.