So I've been running my Elasticsearch in docker-compose.
Now I have by accident lost all my data , it's not so much the data itself as that is only historic, but rather all the kibana work made.
I'm now trying to restore a snapshot I had.
If I send a 'GET _snapshot' I get an empty list {}.
But if I look inside the container in opt/Elasticsearch/backup I see the snapshot which is store in the hostfilesystem.
So I'm hoping I can get Elasticsearch to discover the snapshot and do a restore, and that the snapshot is new enough for the 7.16.2 to understand it.
Anybody that has some help for me on this?
What version are you running? In which version was the snapshot created?
Since you had a filesystem snapshot, you should have a path.repo
line in your elasticsearch.yml
pointing to that same path, please share your elastiscearch.yml
.
You can try to register this path as a snapshot and check if Elasticsearch can read that, follow the documentation on how to register a filesystem repository.
The whole operation was to get it to 7.16.2 (log4j), so that is what the cluster is running now.
The backup was done on a 6.5.11 (if I recall correctly), it was moved to 6.8.22 but no snapshot was done there.
The settings for the Elasticsearch looks like this:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.16.2
container_name: es01
environment:
- node.name=es01
- cluster.name=docker-cluster
- discovery.seed_hosts=elasticsearch2,elasticsearch3
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms28g -Xmx28g"
- 'path.repo=/opt/elasticsearch/backup'
- xpack.security.enabled=true
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=$CERTS_DIR/es01/es01.key
- xpack.security.http.ssl.certificate_authorities=$CERTS_DIR/ca/ca.crt
- xpack.security.http.ssl.certificate=$CERTS_DIR/es01/es01.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.certificate_authorities=$CERTS_DIR/ca/ca.crt
- xpack.security.transport.ssl.certificate=$CERTS_DIR/es01/es01.crt
- xpack.security.transport.ssl.key=$CERTS_DIR/es01/es01.key
# DO NOT GO ABOVE 31 GB, as that will move it to 64 bits, which is not recommended"
ulimits:
nproc: 65535
memlock:
soft: -1
hard: -1
cap_add:
- ALL
privileged: true
volumes:
- esdata1:/usr/share/elasticsearch/data
- /docker/elastic-backup1:/opt/elasticsearch/backup
- certs:$CERTS_DIR
ports:
- 9201:9200
- 9300:9300
restart: always
So currently no path.repo is set up here. I will try to set up the path through requests.
Ok, so I did a PUT /_snapshot/backup with
{
"type": "fs",
"settings": {
"location": "/opt/elasticsearch/backup",
"compress": true
}
}
And after doing that I did a GET _snapshot and I got
{"backup":{"type":"fs","settings":{"compress":"true","location":"/opt/Elasticsearch/backup"}}}
So that looks good, now I just need to find out if I can restore it...
You should use cat snapshots to see if Elasticsearch will detect any snapshots in that path.
Try: GET _cat/snapshots/backup
or GET _cat/snapshots
Hi Leandro
Thankyou very very much for helping me out here.
Darned, either of them returns an empty string.
Odd thing is, I tried doing the 'PUT /_snapshot/backup' while only having copied files back for the first node, and then it complained that the backup was incomplete, after copying data back for all nodes it didn't complain.
Is that because the snapshot is too old for 7.16.2?
I tried starting the cluster up with 6.8.22, and do a
PUT /_snapshot/backup
{
"type": "fs",
"settings": {
"location": "/opt/elasticsearch/backup",
"compress": true
}
}
Like before, I did that on all three nodes.
If I do a GET /_cat/snapshots
I get this message:
{
"error": {
"root_cause": [{
"type": "action_request_validation_exception",
"reason": "Validation Failed: 1: repository is missing;"
}],
"type": "action_request_validation_exception",
"reason": "Validation Failed: 1: repository is missing;"
},
"status": 400
}
A snapshot made in version 6 is compatible with a version 7 cluster, so, if you have a snapshot in that path, a cluster in version 7 would be able to read it.
Also, since you are use a filesystem repository, the path.repo
should be in every node and the mount point should be the same for every node.
You need to do the following steps to check if there is a repository in that path.
- Add the
path.repo
in all the nodes and mount the same mount point on them. - Register the snapshot
- Use
GET _cat/snapshots/backup
, supposing that backup was the name you used for the snapshot while registering.
If the GET request returns nothing, them Elasticsearch didn't find any snapshot in that path.
I there a way I can see the name of it in the files?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.