ES 5.0 upgrade woes


#1

Hello, all.

I'm in the process of upgrading ES from version 2.4 to 5.0 on Ubuntu 16.04.1 LTS . I've followed the upgrade documentation to the letter, but at the point where I restart ES, it won't. Here's output from the restart:

Nov 07 11:17:00 elk01 systemd[1]: Starting Elasticsearch...
Nov 07 11:17:00 elk01 systemd[1]: Started Elasticsearch.
Nov 07 11:17:00 elk01 elasticsearch[29993]: Error: encountered environment variables that are no longer supported
Nov 07 11:17:00 elk01 systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Nov 07 11:17:00 elk01 systemd[1]: elasticsearch.service: Unit entered failed state.
Nov 07 11:17:00 elk01 systemd[1]: elasticsearch.service: Failed with result 'exit-code'.

Help tracking down and fixing the issue greatly appreciated.


(Alexander Reelsen) #2

Hey,

some environment variables are not supported anymore, see the breaking changes packaging documentation.

--Alex


(Mike Simos) #3

ES_HEAP_SIZE is no longer supported. This maybe the most likely culprit.

[msimos@msi-gs60 elasticsearch-5.0.0]$ export ES_HEAP_SIZE=1g
[msimos@msi-gs60 elasticsearch-5.0.0]$ bin/elasticsearch
Error: encountered environment variables that are no longer supported
Use jvm.options or ES_JAVA_OPTS to configure the JVM
ES_HEAP_SIZE=1g: set -Xms1g and -Xmx1g in jvm.options or add "-Xms1g -Xmx1g" to ES_JAVA_OPTS

If this is the case use the file jvm.options to set the heap.


#4

Thank you both. In fact, there were a few things I had to bird-dog to get things working, including removing logging.yml.

Now, I have elasticsearch and kibana upgraded to version 5.0, while leaving (for the time being) logstash at version 2.2.4, and beats at the current version. What I'm finding now is that new logs have stopped being pulled in for the past two hours. Most things I try to do return this:

"type":"security_exception","reason":"missing authentication token for REST request"

How do I fix that?

With thanks.


(Mike Simos) #5

Hi,

Were you using Shield before? I don't believe the Shield directory gets migrated/copied. You can either manually copy the files over to the xpack directory. Or you can migrate the users to the native realm:

https://www.elastic.co/guide/en/x-pack/5.0/security-migration.html#migrate-tool


#6

I've never used shield before. I did install X-pack, and the basic license.


(Mike Simos) #7

You need to specify a username and password. The defaults can be found here:

https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html

You can also allow unauthenticated access to enabling anonymous access:

https://www.elastic.co/guide/en/x-pack/current/anonymous-access.html


#8

Thanks so much for all of the responses. During my upgrade odyssey, I've had to track down, and tweak, a fair handful of stuff. I did set the ES and Kibana usernames and passwords. Additionally, I had left off the "acknowledge=true" parameter when installing the X-pack license, so it was never installed. Once I go that square, I added "xpack.security.enabled : false" to elasticsearch.yml, and was thus able to log into kibana. I'm not 100% sure, but I think doing that also allowed the log captures to be up-to-date. That's to name a couple of things.


(system) #9

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.