You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/en/install-upgrade/upgrading-stack.asciidoc
+271Lines changed: 271 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -131,9 +131,280 @@ IMPORTANT: You cannot downgrade {es} nodes after upgrading. If you cannot comple
131
131
+
132
132
. If you use a separate {ref}/monitoring-production.html[monitoring cluster], you should upgrade the monitoring cluster before the production cluster. In general, the monitoring cluster and the clusters being monitored should be running the same version of the stack. A monitoring cluster cannot monitor production clusters running newer versions of the stack. If necessary, the monitoring cluster can monitor production clusters running the latest release of the previous major version.
133
133
134
+
[discrete]
135
+
[[anomaly-detection-results-migration]]
136
+
=== Anomaly detection results migration
137
+
138
+
The {anomaly-detect} result indices `.ml-anomalies-*` created in {es} 7.x must be either reindexed, marked read-only, or deleted before upgrading to 9.x.
139
+
140
+
**Reindexing**: While {anomaly-detect} results are being reindexed, jobs continue to run and process new data. However, you cannot completely delete an {anomaly-job} that stores results in this index until the reindexing is complete.
141
+
142
+
**Marking indices as read-only**: This is useful for large indexes that contain the results of only one or a few {anomaly-jobs}. If you delete these jobs later, you will not be able to create a new job with the same name.
143
+
144
+
**Deleting**: Delete jobs that are no longer needed in the {ml-app} app in {kib}. The result index is deleted when all jobs that store results in it have been deleted.
145
+
146
+
.Which indices require attention?
147
+
[%collapsible]
148
+
====
149
+
To identify indices that require action, use the https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-migration-deprecations-1[Deprecation info API]:
150
+
151
+
[source,console]
152
+
----
153
+
GET /.ml-anomalies-*/_migration/deprecations
154
+
----
155
+
156
+
The response contains the list of critical deprecation warnings in the `index_settings` section:
157
+
158
+
[source,console]
159
+
----
160
+
"index_settings": {
161
+
".ml-anomalies-shared": [
162
+
{
163
+
"level": "critical",
164
+
"message": "Index created before 8.0",
165
+
"url": "https://ela.st/es-deprecation-8-reindex",
166
+
"details": "This index was created with version 7.8.23 and is not compatible with 9.0. Reindex or remove the index before upgrading.",
167
+
"resolve_during_rolling_upgrade": false
168
+
}
169
+
]
170
+
}
171
+
----
172
+
====
173
+
174
+
.Reindexing anomaly result indices
175
+
[%collapsible]
176
+
====
177
+
For an index with less than 10GB that contains results from multiple jobs that are still required, we recommend reindexing into a new format using UI. You can use the https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-indices-1[Get index information API] to obtain the size of an index:
134
178
179
+
[source,console]
180
+
----
181
+
GET _cat/indices/.ml-anomalies-custom-example?v&h=index,store.size
182
+
----
135
183
184
+
The reindexing can be initiated in the {kib} Upgrade Assistant.
136
185
186
+
If an index size is greater than 10 GB, it is recommended to use the Reindex API. Reindexing consists of the following steps:
187
+
188
+
. Set the original index to read-only.
189
+
+
190
+
[source,console]
191
+
----
192
+
PUT .ml-anomalies-custom-example/_block/read_only
193
+
----
194
+
195
+
. Create a new index from the legacy index.
196
+
+
197
+
[source,console]
198
+
----
199
+
POST _create_from/.ml-anomalies-custom-example/.reindexed-v9-ml-anomalies-custom-example
200
+
----
201
+
202
+
. Reindex documents. To accelerate the reindexing process, it is recommended that the number of replicas be set to `0` before the reindexing and then set back to the original number once it is completed.
203
+
204
+
.. Get the number of replicas.
205
+
+
206
+
[source,console]
207
+
----
208
+
GET /.reindexed-v9-ml-anomalies-custom-example/_settings
209
+
----
210
+
+
211
+
Note the number of replicas in the response. For example:
212
+
+
213
+
[source,console]
214
+
----
215
+
{
216
+
".reindexed-v9-ml-anomalies-custom-example": {
217
+
"settings": {
218
+
"index": {
219
+
"number_of_replicas": "1",
220
+
"number_of_shards": "1"
221
+
}
222
+
}
223
+
}
224
+
}
225
+
----
226
+
227
+
.. Set the number of replicas to `0.`
228
+
+
229
+
[source,console]
230
+
----
231
+
PUT /.reindexed-v9-ml-anomalies-custom-example/_settings
232
+
{
233
+
"index": {
234
+
"number_of_replicas": 0
235
+
}
236
+
}
237
+
----
238
+
239
+
.. Start the reindexing process in asynchronous mode.
. Get the aliases the original index is pointing to.
274
+
+
275
+
[source,console]
276
+
----
277
+
GET .ml-anomalies-custom-example/_alias
278
+
----
279
+
+
280
+
The response may contain multiple aliases if the results of multiple jobs are stored in the same index.
281
+
+
282
+
[source,console]
283
+
----
284
+
{
285
+
".ml-anomalies-custom-example": {
286
+
"aliases": {
287
+
".ml-anomalies-example1": {
288
+
"filter": {
289
+
"term": {
290
+
"job_id": {
291
+
"value": "example1"
292
+
}
293
+
}
294
+
},
295
+
"is_hidden": true
296
+
},
297
+
".ml-anomalies-example2": {
298
+
"filter": {
299
+
"term": {
300
+
"job_id": {
301
+
"value": "example2"
302
+
}
303
+
}
304
+
},
305
+
"is_hidden": true
306
+
}
307
+
}
308
+
}
309
+
}
310
+
----
311
+
312
+
. Now you can reassign the aliases to the new index and delete the original index in one step. Note that when adding the new index to the aliases, you must use the same `filter` and `is_hidden` parameters as for the original index.
Legacy indices created in {es} 7.x can be made read-only and supported in {es} 9.x. Making an index with a large amount of historical results read-only allows for a quick migration to the next major release, since you don't have to wait for the data to be reindexed into the new format. However, it has the limitation that even after deleting an {anomaly-job}, the historical results associated with this job are not completely deleted. Therefore, the system will prevent you from creating a new job with the same name.
374
+
375
+
To set the index as read-only, add the write block to the index:
376
+
377
+
[source,console]
378
+
----
379
+
PUT .ml-anomalies-custom-example/_block/write
380
+
----
381
+
382
+
Indices created in {es} 7.x that have a write block will not raise a critical deprecation warning.
383
+
====
384
+
385
+
.Deleting anomaly result indices
386
+
[%collapsible]
387
+
====
388
+
If an index contains results of the jobs that are no longer required. To list all jobs that stored results in an index, use the terms aggregation:
389
+
390
+
[source,console]
391
+
----
392
+
GET .ml-anomalies-custom-example/_search
393
+
{
394
+
"size": 0,
395
+
"aggs": {
396
+
"job_ids": {
397
+
"terms": {
398
+
"field": "job_id",
399
+
"size": 100
400
+
}
401
+
}
402
+
}
403
+
}
404
+
----
405
+
406
+
The jobs can be deleted in the UI. After the last job is deleted, the index will be deleted as well.
407
+
====
137
408
138
409
////
139
410
Before you upgrade to {version}, it's important to take some preparation steps.
0 commit comments