The following installation guide has been written as an example of an in-place full-cluster restart upgrade from Elasticsearch 7.10.2 to OpenSearch 2.0.1 on RHEL OS. It is meant to be used as a supplemental guide to the official OpenSearch installation guides. For a full set of installation instructions for OpenSearch software, see the OpenSearch documentation.
Installation Prerequisites
- Confirm the minimum software requirements are met.
- Determine average daily and hourly volume ingest by Graylog node(s).
- Confirm Graylog journal(s) are configured appropriately, e.g. review capacity, configurations, and test high-utilization of journal(s).
- Register a snapshot repository within the Elasticsearch cluster, unless one already exists.
- Create a full-cluster snapshot of the Elasticsearch cluster.
- Pause Message Processing on Graylog node(s). (Go to the web interface of each node, then navigate to System > Nodes. Click on the More Actions dropdown next to each node, and then select Pause Message Processing.)
- Disable shard replication in your Elasticsearch cluster:
curl -X PUT "http://hostname-of-an-OpenSearch-node:9200/_cluster/settings" -H 'Content-Type: application/json' -d'{
  "transient" : {
    "cluster.routing.allocation.enable" : "primaries"
  }
}
'
- Shut down the Elasticsearch cluster (and confirm it is down before proceeding to installation).
OpenSearch Installation Method
For RHEL, you will be able to choose from a manual method of installation (RPM) or installing via YUM.
RPM
- Download the RPM package directly from the OpenSearch site for v2.0. The RPM package is available for both x64 and arm64.
- Import the public GPG key. This key is used to verify that the OpenSearch package is signed:
sudo rpm --import https://artifacts.opensearch.org/publickeys/opensearch.pgp
- On your host, use sudo yum install or sudo rpm -ivh to install the package:
sudo yum install opensearch-2.0.1-linux-x64.rpm
sudo rpm -ivh opensearch-2.0.1-linux-x64.rpm
YUM
- Create a repository file for OpenSearch:
sudo curl -SL https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/opensearch-2.x.repo -o /etc/yum.repos.d/opensearch-2.x.repo
Then verify the repos:
sudo yum repolist
- Clean your YUM cache:
sudo yum clean all
- Install OpenSearch 2.0.1 from the repository:
sudo yum install opensearch-2.0.1
- During installation, YUM prompts you to import the GPG key. Verify that the fingerprint matches the following:
Fingerprint: c5b7 4989 65ef d1c2 924b a9d5 39d3 1987 9310 d3fc
If correct, enter yes or y. The OpenSearch installation continues.
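The RPM method imports the signing key straight from a URL, while the YUM method shows the fingerprint for manual comparison. As an added example (not part of the original guide or of OpenSearch's own tooling), this script pins the fingerprint listed above and checks a downloaded key file before it is imported; the sample listings are constructed, and the local file name opensearch.pgp and a GnuPG version that supports --show-keys are assumptions.

```shell
#!/bin/sh
# Fingerprint as printed in this guide's YUM section.
EXPECTED_FPR="c5b7 4989 65ef d1c2 924b a9d5 39d3 1987 9310 d3fc"

# Strip separators and uppercase so differently formatted fingerprints compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n:' | tr 'abcdef' 'ABCDEF'
}

# Read `gpg --with-colons` output on stdin and print each primary key
# fingerprint: the fpr record (field 10) that directly follows a pub record.
# Subkey fingerprints (fpr after sub) are skipped.
primary_fprs() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print $10; want = 0 }
             $1 == "sub" { want = 0 }'
}

# Succeed only if the listing holds at least one primary key and every
# primary key matches the pinned fingerprint (a file carrying an extra,
# unexpected key is rejected, since rpm --import would import it too).
listing_is_trusted() {
    want=$(normalize_fpr "$EXPECTED_FPR")
    seen=0
    for fpr in $(primary_fprs); do
        seen=1
        [ "$(normalize_fpr "$fpr")" = "$want" ] || return 1
    done
    [ "$seen" -eq 1 ]
}

# Constructed sample listings (hand-written, not captured gpg output).
SAMPLE_GOOD='pub:-:4096:1:39D319879310D3FC:1620000000:::-:::scESC:
fpr:::::::::C5B7498965EFD1C2924BA9D539D319879310D3FC:
sub:-:4096:1:AAAAAAAAAAAAAAAA:1620000000::::::e:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:'
SAMPLE_EXTRA="$SAMPLE_GOOD
pub:-:4096:1:89ABCDEF01234567:1620000000:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:"

# On a real host, with the key file downloaded beforehand (name is an assumption):
#   gpg --show-keys --with-colons opensearch.pgp | listing_is_trusted \
#     && sudo rpm --import opensearch.pgp
```

After the key is imported, rpm -K opensearch-2.0.1-linux-x64.rpm checks the package signature against it before installation.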
Complete Installation
- Take note of the PATH assigned to parameter path.data in the elasticsearch.yml file of your Elasticsearch nodes.
- Copy the contents of the directory set as path.data in elasticsearch.yml to the directory set as path.data in opensearch.yml:
sudo rsync -avP /var/lib/elasticsearch/* /var/lib/opensearch/
- Update the ownership of the /var/lib/opensearch directory to opensearch:opensearch so OpenSearch can read the Elasticsearch data:
sudo chown -R opensearch:opensearch /var/lib/opensearch
- Edit the opensearch.yml file on all Elasticsearch nodes. If you have Elasticsearch nodes with defined roles such as data, leader, etc., then these roles should be defined differently in OpenSearch. For example:
Data node
a. elasticsearch.yml:
node.data: true
node.master: false
b. opensearch.yml:
node.roles: ['data']
Dedicated leader node
a. elasticsearch.yml:
node.data: false
node.master: true
b. opensearch.yml:
node.roles: ['master']
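The opensearch.yml configuration file(s) will then look something like this at a minimum. Note that plugins.security.disabled: true turns off the OpenSearch Security plugin, so the REST API is served over plain HTTP without authentication, as the curl commands in this guide assume: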
action.auto_create_index: false
cluster.name: test-cluster1
discovery.seed_hosts: node2,node3
cluster.initial_master_nodes: node1,node2,node3
node.name: node1
path.data: /var/lib/opensearch
path.logs: /var/log/opensearch
plugins.security.disabled: true
- Start OpenSearch on all OpenSearch (formerly Elasticsearch) nodes.
- Wait for the OpenSearch cluster to start. Check the _nodes summary to verify that all nodes are available and running the expected version:
curl -XGET 'http://hostname-of-an-OpenSearch-node:9200/_nodes/_all?pretty=true'
- Next, check to confirm all indices are shown. Then, continue to refresh and monitor this output until all indices are green:
curl -XGET 'http://hostname-of-an-OpenSearch-node:9200/_cat/indices?v'
- After the cluster is green and all nodes are using the new version, re-enable shard allocation:
curl -X PUT "http://hostname-of-an-OpenSearch-node:9200/_cluster/settings" -H 'Content-Type: application/json' -d'
{
  "transient" : {
    "cluster.routing.allocation.enable" : "all"
  }
}
'
- Restart all Graylog node(s).