I'm starting to think about the correct procedure to apply security patches on the ES nodes (OS: CentOS).
I have several clusters with different purpose but I focused on the most important; this cluster is composed in this way:
- 3 Master nodes
- 10 Data nodes
- 2 Coordinating-only nodes
generally, OS's security patches do not require server reboot but:
- should I set a specific parameter before to start the procedure?
- should I consider something particular to avoid any overload?
I suppose I will patch servers using this schema:
day1: 1 master and 2 data
day2: 1 master and 2 data
day3: 1 master and 2 data
day4: 1 coord and 2 data
day5: 1 coord and 2 data