Hello,
We have a cluster running elasticsearch 7.17.7, we recently decided to work on upgrading the cluster to 8.x and everything was going well, I was working on creating a snapshot when I noticed that the system indices especially the .security-6 index have been reindex and named .security-6-reindexed-to-8 so after digging around i found out that my college used the update assistant feature that reindex system indices to be compatible with ES8 before giving me a chance to use the snapshot feature.
I just would like to know if there’s anyway to revert that or am I overthinking it, We don’t have a .security-7 index so I guess the .security-6 was the active index on our ES7 index due to it being recently updated and having content.
If i take the snapshot now and had to downgrade from ES8 back to 7 in case of emergency will the index work as expected.
After he did the .security reindex I can see that everything is still working on our current setup users still can login without any issues.
Any changes made by the migration assistant will work on the current version and also set it up to work on version 8. As Elasticsearch does not support downgrades there is no point in snapshotting the index in version 6 format, so I would recommend snapshotting the current cluster as everything is working well.
I know it’s a bit off topic but i always had an issue in understanding how the snapshot feature actually work, like if I faced an issue after upgrading to 8.x and the cluster failed to start how would I proceed in restoring the snapshot to get my cluster back up and running.
Once you upgrade indices get modifies and converted to version 8 and you can at that point not downgrade back to Elasticsearch 7.17 with the data in the cluster. If something went wrong and you wanted to go back you would need to install 7.17 and clear the cluster before restoring all data from the snapshot you took prior to the upgrade.
That’s interesting last question I promise, so if we decided to create a snapshot that only includes system indices (to avoid having to create a 40tb snapshot) and after upgrading the cluster something fails and we decided to revert back to 7.17 and run the snapshot restore function things might not work because my data streams (the 40tb data indices) are still in their ES8 state. or since they are only data indices they will work on 7.17.7
Thank you so much Christian for the help, this was really insightful.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.