elk升级文档

Posted 行知笔记

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了elk升级文档相关的知识,希望对你有一定的参考价值。

1.kibana等都统一版本了,5.4版本的kibana要5.4版本的elasticsearch
2.现有架构:
logstash
logstash读取日志--------》内网redis做队列------------------》写入elasticsearch集群--------》kibana读取集群数据
3.升级版本要求:
Upgrade From Upgrade To Supported Upgrade Type
1.x 5.x Reindex to upgrade
2.x 2.y Rolling upgrade (where y > x)
2.x 5.x Full cluster restart
5.0.0 pre GA 5.x Full cluster restart
5.x 5.y Rolling upgrade (where y > x)
不同主版本之间需要全部关停升级,同一个主版本可以短时间不同小版本es之间运行,高版本的es不会像低版本的同步shards
4.升级注意事项
/etc/sysctl.conf
vm.max_map_count = 262144
 
/etc/security/limits.conf
* soft nofile 655350
* hard nofile 655360
还有应用到的参数,很多改变了,需要提前修改
 
升级步骤:
1.配置项变更
2.禁用自动分片 disabled shard allocation
curl -XPUT ‘localhost:9200/_cluster/settings?pretty‘ -H ‘Content-Type: application/json‘ -d‘
{
"persistent": {
"cluster.routing.allocation.enable": "none"
}
}
 
3.将内存数据同步到磁盘
curl -XPOST ‘localhost:9200/_flush/synced?pretty‘
A synced flush request is a “best effort” operation. It will fail if there are any pending indexing operations, but it is safe to reissue the request multiple times if necessary.
 
4.关闭节点,执行升级
升级详细步骤:
tips:这里是源码包升级
(1)解压到安装目录,不要覆盖原程序目录
(2)从老程序复制config下面的文件到新程序中
  • Either copy the files in the  directory from your old installation to your new installation, or set the environment variable  to the location of the  file and use the  option on the command line to point to an external config directory.
(3)复制老程序/data目录下的数据到新目录到新的数据目录或者改改路径到老目录
  • Either copy the files in the  directory from your old installation to your new installation, or configure the location of the data directory in the  file, with the  setting.
(4)更新所有插件
Elasticsearch plugins must be upgraded when upgrading a node. Use the  script to install the correct version of any plugins that you need.
5.启用节点,开始自动分片(会先变为yellow状态,最后变绿),查看是否加入集群
Start the now upgraded node and confirm that it joins the cluster by checking the log file or by checking the output of this request:
curl -XGET ‘localhost:9200/_cat/nodes?pretty‘
 
6.重新开始分片Reenable shard allocation
Once the node has joined the cluster, reenable shard allocation to start using the node:
curl -XPUT ‘localhost:9200/_cluster/settings?pretty‘ -H ‘Content-Type: application/json‘ -d‘
{
"transient": {
"cluster.routing.allocation.enable": "all"
}
}
7.等集群恢复 Wait for the node to recover
ou should wait for the cluster to finish shard allocation before upgrading the next node. You can check on progress with the  request。
snapshot and restore官方有提供一个升级兼容性检测工具: https://github.com/elastic/elasticsearch-migration/。 这个工具可以发现不兼容的集群配置项,这些配置项需要在部署5.x的时候按照建议做相应的修改。另外如果集群里有1.x创建的索引,这个工具也会指出来,并且可以直接在界面上点点按钮做reindex。
 
not_analyzed字段升级后依然是string / not_analyzed,并不会自动改成keyword,但是5.x可以兼容这个字段类型,数据写入没问题。
 
迁移帮助工具(elasticsearch-migration)
 
 
参考文档:
 
 

以上是关于elk升级文档的主要内容,如果未能解决你的问题,请参考以下文章

ELK- esticsearch 讲解,安装,插件head,bigdesk ,kopf,cerebro(kopf升级版)安装

ELK+filebeat inside docker LTS 长期维护文档

ELK安装文档 + 索引可视化

ELK 安装部署文档-实战

ELK-“线上标准文档”——测试

Elk部署文档