Upgrade the cluster from 7.7 to 7.15 version guidance

Elastic Stack Elasticsearch
1

Hi Experts,

I have an ELK setup of 7.7 version with 3 nodes of Elasticsearch, 2 kibana and 2 logstash on a windows server 64 bit.

A. Below is the existing cluster information:-

Configuration of Elasticsearch servers:
16 GB Ram, 500 GB disk space, 8 core

I have a daily data ingestion of 5 beats i.e., Packetbeat, Metricbeat, Filebeat, Winlogbeat and Heartbeat from different servers.
The daily average volume of data is around 17Gb with 7 days of retention period.
The Elasticsearch index policy is 3 primary with 1 replica, so each index and shards has a very less volume of data in it.

B. Below is the new cluster plan :-

  1. Rollover at 30 GB with 7 days of retention period.
  2. I will create 1 index for every beats.
  3. I will reduce the number of shards to 1 with 1 replica because the daily average data for 5 beats is 17 GB it means each shards will have data of around 3.2 GB with 7 days retention period.
  4. Upgrade the existing environment to 7.15 version

Is this approach correct? Or should I upgrade the existing cluster to 7.15 version and later do the changes?
Or should I first do the changes in existing cluster later upgrade it?

Please help me in this what plan should I have to follow.

Regards,
Tahseen

2

That all looks pretty good!

3

Hi @warkolm

Thank you for your response.
May I know which approach should I follow first?

  1. Upgrading the existing environment and later do the changes.
    Or
  2. Do the changes in existing environment and later upgrade it?

If you could just give me an opinion will be helpful for me.

Regards,
Tahseen

4

It doesn't really matter there, just go with what makes you the most comfortable.

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.