Trying to restore snapshot

fribse · January 4, 2022, 1:42pm

So I've been running my Elasticsearch in docker-compose.
Now I have by accident lost all my data , it's not so much the data itself as that is only historic, but rather all the kibana work made.
I'm now trying to restore a snapshot I had.
If I send a 'GET _snapshot' I get an empty list {}.
But if I look inside the container in opt/Elasticsearch/backup I see the snapshot which is store in the hostfilesystem.
So I'm hoping I can get Elasticsearch to discover the snapshot and do a restore, and that the snapshot is new enough for the 7.16.2 to understand it.
Anybody that has some help for me on this?

leandrojmp · January 4, 2022, 2:04pm

What version are you running? In which version was the snapshot created?

Since you had a filesystem snapshot, you should have a path.repo line in your elasticsearch.yml pointing to that same path, please share your elastiscearch.yml.

You can try to register this path as a snapshot and check if Elasticsearch can read that, follow the documentation on how to register a filesystem repository.

fribse · January 4, 2022, 2:50pm

The whole operation was to get it to 7.16.2 (log4j), so that is what the cluster is running now.
The backup was done on a 6.5.11 (if I recall correctly), it was moved to 6.8.22 but no snapshot was done there.

The settings for the Elasticsearch looks like this:

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.16.2
    container_name: es01
    environment:
      - node.name=es01
      - cluster.name=docker-cluster
      - discovery.seed_hosts=elasticsearch2,elasticsearch3
      - cluster.initial_master_nodes=es01,es02,es03
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms28g -Xmx28g"
      - 'path.repo=/opt/elasticsearch/backup'
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.key=$CERTS_DIR/es01/es01.key
      - xpack.security.http.ssl.certificate_authorities=$CERTS_DIR/ca/ca.crt
      - xpack.security.http.ssl.certificate=$CERTS_DIR/es01/es01.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=$CERTS_DIR/ca/ca.crt
      - xpack.security.transport.ssl.certificate=$CERTS_DIR/es01/es01.crt
      - xpack.security.transport.ssl.key=$CERTS_DIR/es01/es01.key
# DO NOT GO ABOVE 31 GB, as that will move it to 64 bits, which is not recommended"
    ulimits:
      nproc: 65535
      memlock:
        soft: -1
        hard: -1
    cap_add:
      - ALL
    privileged: true
    volumes:
      - esdata1:/usr/share/elasticsearch/data
      - /docker/elastic-backup1:/opt/elasticsearch/backup
      - certs:$CERTS_DIR
    ports:
      - 9201:9200
      - 9300:9300
    restart: always

So currently no path.repo is set up here. I will try to set up the path through requests.

fribse · January 4, 2022, 3:14pm

Ok, so I did a PUT /_snapshot/backup with


{
  "type": "fs",
  "settings": {
    "location": "/opt/elasticsearch/backup",
    "compress": true
  }
}

And after doing that I did a GET _snapshot and I got

{"backup":{"type":"fs","settings":{"compress":"true","location":"/opt/Elasticsearch/backup"}}}

So that looks good, now I just need to find out if I can restore it...

leandrojmp · January 4, 2022, 3:42pm

You should use cat snapshots to see if Elasticsearch will detect any snapshots in that path.

Try: GET _cat/snapshots/backup or GET _cat/snapshots

fribse · January 5, 2022, 8:10am

Hi Leandro
Thankyou very very much for helping me out here.

Darned, either of them returns an empty string.
Odd thing is, I tried doing the 'PUT /_snapshot/backup' while only having copied files back for the first node, and then it complained that the backup was incomplete, after copying data back for all nodes it didn't complain.
Is that because the snapshot is too old for 7.16.2?

fribse · January 5, 2022, 8:27am

I tried starting the cluster up with 6.8.22, and do a
PUT /_snapshot/backup

{
  "type": "fs",
  "settings": {
    "location": "/opt/elasticsearch/backup",
    "compress": true
  }
}

Like before, I did that on all three nodes.
If I do a GET /_cat/snapshots
I get this message:

{
  "error": {
    "root_cause": [{
      "type": "action_request_validation_exception",
      "reason": "Validation Failed: 1: repository is missing;"
    }],
    "type": "action_request_validation_exception",
    "reason": "Validation Failed: 1: repository is missing;"
  },
  "status": 400
}

leandrojmp · January 5, 2022, 2:57pm

A snapshot made in version 6 is compatible with a version 7 cluster, so, if you have a snapshot in that path, a cluster in version 7 would be able to read it.

Also, since you are use a filesystem repository, the path.repo should be in every node and the mount point should be the same for every node.

You need to do the following steps to check if there is a repository in that path.

Add the path.repo in all the nodes and mount the same mount point on them.
Register the snapshot
Use GET _cat/snapshots/backup, supposing that backup was the name you used for the snapshot while registering.

If the GET request returns nothing, them Elasticsearch didn't find any snapshot in that path.

fribse · January 6, 2022, 1:09am

I there a way I can see the name of it in the files?

system · February 3, 2022, 1:09am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.