From 56c81885e3cac96856672c6173c013aada91cecb Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Mon, 21 Oct 2024 17:29:14 +0530 Subject: [PATCH 01/16] update elasticsearch version on public.yml on staging --- environments/staging/public.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/environments/staging/public.yml b/environments/staging/public.yml index d074b75579..cc3a21628c 100644 --- a/environments/staging/public.yml +++ b/environments/staging/public.yml @@ -3,8 +3,8 @@ monitor_celery_heartbeat: False elasticsearch_endpoint: '{{ groups.elasticsearch.0 }}' elasticsearch_cluster_name: 'staginges' -elasticsearch_version: 5.6.16 -elasticsearch_download_sha256: 6b035a59337d571ab70cea72cc55225c027ad142fbb07fd8984e54261657c77f. +elasticsearch_version: 6.8.23 +elasticsearch_download_sha256: 73258b400cd194768058105a74ca0e811962ccf81bed8c4d3a824d4e5b97a8178a31150e60602fa1e04c6764b139980eb45ae6f246864702120653b45120b597. elasticsearch_delete_old_logs: True kafka_version: 3.2.3 From 60153343a1256ad809db0c2ff9b96dcbea4266f7 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Mon, 21 Oct 2024 17:32:25 +0530 Subject: [PATCH 02/16] add task to download es 6 --- .../ansible/roles/elasticsearch/tasks/main.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml index 2816e3a088..ffa49de274 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml +++ b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml @@ -32,6 +32,15 @@ dest: "/home/{{ cchq_user }}/downloads/elasticsearch-{{ elasticsearch_version }}.tar.gz" when: elasticsearch_version == "5.6.16" +- name: Download Elasticsearch 6 + become: yes + get_url: + url: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{ elasticsearch_version }}.tar.gz + dest: "/home/{{ cchq_user }}/downloads/elasticsearch-{{ elasticsearch_version }}.tar.gz" + sha256sum: "{{ elasticsearch_download_sha256 }}" + when: elasticsearch_version is version('6.0.0', '>=') and elasticsearch_version is version('7.0.0', '<') + + - name: Download Elasticsearch 7 become: yes get_url: From 8d371ff19f9be5358609cc6b4f06707250e16bcc Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Mon, 21 Oct 2024 17:34:41 +0530 Subject: [PATCH 03/16] create misc settings for es6 --- .../roles/elasticsearch/tasks/misc_v6.yml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml new file mode 100644 index 0000000000..341f101216 --- /dev/null +++ b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml @@ -0,0 +1,35 @@ +- name: Copy Elasticsearch logging config + become: yes + copy: + src: log4j2.properties + dest: "{{ elasticsearch_conf_dir }}/log4j2.properties" + owner: elasticsearch + group: elasticsearch + register: copy_elasticsearch_logging_result + tags: + - es_conf + +- name: Copy Elasticsearch JVM Options + become: yes + template: + src: config/jvm.options.j2 + dest: "{{ elasticsearch_conf_dir }}/jvm.options" + owner: elasticsearch + group: elasticsearch + register: copy_elasticsearch_logging_result + tags: + - es_conf + +- name: Install elasticsearch python client + become: yes + pip: + name: elasticsearch>=6.0.0,<7.0.0 + +- name: Check for installed plugins + shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin list" + register: installed_plugins + +- name: Install elasticsearch phonetic plugin + become: yes + shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin install analysis-phonetic" + when: (installed_plugins.stdout is defined) and ('analysis-phonetic' not in installed_plugins.stdout) and es_plugins_phonetic_enabled From f493e31bfee984d3ea3ee63db00ae35ced89543e Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Mon, 21 Oct 2024 17:37:01 +0530 Subject: [PATCH 04/16] include es5 related changes in main task --- src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml index ffa49de274..ac66ccc533 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml +++ b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml @@ -87,6 +87,10 @@ - include_tasks: misc_v5.yml when: elasticsearch_version == '5.6.16' +- include_tasks: misc_v6.yml + when: elasticsearch_version is version('6.0.0', '>=') and elasticsearch_version is version('7.0.0', '<') + + - include_tasks: misc_v7.yml when: elasticsearch_version is version('7.0.0', '>=') From 05a2c0d9f00cbcc7cd007c483b5b8e9ead8df91f Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Mon, 21 Oct 2024 17:38:59 +0530 Subject: [PATCH 05/16] update es config file and service file --- .../elasticsearch/templates/config/elasticsearch.yml.j2 | 8 ++++++-- .../templates/systemd/elasticsearch.service.j2 | 4 +++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 index 4e1ea78bf4..9bdc6374b1 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 +++ b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 @@ -26,15 +26,18 @@ http.max_content_length: 200mb path.data: {{ elasticsearch_data_dir }}/data path.logs: {{ elasticsearch_data_dir }}/logs -{% if elasticsearch_version is version('5.6.16', '<=') %} +{% if elasticsearch_version is version('7.0.0', '<') %} # discovery.zen.minimum_master_nodes is the minimum number of # MASTER ELIGIBLE nodes that must be reachable before a master may be elected # Best practice is to set it to M/2 + 1 where M is the number of master-eligible nodes, # but (todo) we DO NOT follow best practice. discovery.zen.minimum_master_nodes: {{ [2, groups.elasticsearch|map('extract', hostvars, 'elasticsearch_master_value')|select()|list | length] | min }} + +{% if elasticsearch_version is version('5.6.16', '<') %} discovery.zen.fd.ping_timeout: 90s discovery.zen.fd.ping_interval: 10s discovery.zen.fd.ping_retries: 20 +{% endif %} {% if elasticsearch_version == '5.6.16' %} discovery.zen.ping_timeout: 90s @@ -87,8 +90,9 @@ cloud: {% endif %} # Only auto create elastic search internal indices +{% if elasticsearch_version is version('5.6.16', '<=') %} action.auto_create_index: .watches,.triggered_watches,.watcher-history-* - +{% endif %} {% if es_local_repo and not backup_es_s3%} path.repo: ["{{ elasticsearch_data_dir }}/snapshot"] diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 b/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 index 5cf8a359e5..3ec8e644e7 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 +++ b/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 @@ -7,8 +7,10 @@ After=network-online.target [Service] Type=simple Environment=ES_HOME={{ elasticsearch_home }} -Environment=CONF_DIR={{ elasticsearch_conf_dir}} Environment=ES_PATH_CONF={{ elasticsearch_conf_dir}} +{% if elasticsearch_version <= '5.6.16'%} +Environment=CONF_DIR={{ elasticsearch_conf_dir}} +{% endif %} {% if elasticsearch_version == '5.6.16'%} Environment=ES_JVM_OPTIONS={{ elasticsearch_conf_dir}}/jvm.options {% endif %} From 88141e92e8bd521cf4e00b21f82f5328b88e0847 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Mon, 21 Oct 2024 17:43:55 +0530 Subject: [PATCH 06/16] update elasticsearch_major_version to get right es client on staging --- environments/staging/public.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/environments/staging/public.yml b/environments/staging/public.yml index cc3a21628c..4785267852 100644 --- a/environments/staging/public.yml +++ b/environments/staging/public.yml @@ -135,7 +135,7 @@ localsettings: COUCH_PASSWORD: "{{ COUCH_PASSWORD }}" COUCH_USERNAME: "{{ COUCH_USERNAME }}" DEPLOY_MACHINE_NAME: "{{ ansible_hostname }}" - ELASTICSEARCH_MAJOR_VERSION: 5 + ELASTICSEARCH_MAJOR_VERSION: 6 EMAIL_SMTP_HOST: email-smtp.us-east-1.amazonaws.com EMAIL_SMTP_PORT: 587 EMAIL_USE_TLS: yes From a491b1ba1e6edaef5c19e188825d9f07659d7e5a Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Mon, 21 Oct 2024 18:36:03 +0530 Subject: [PATCH 07/16] update config file based on docs zen settings - https://www.elastic.co/guide/en/elasticsearch/reference/6.8/modules-discovery-zen.html Node settings - https://www.elastic.co/guide/en/elasticsearch/reference/6.8/modules-node.html --- .../elasticsearch/templates/config/elasticsearch.yml.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 index 9bdc6374b1..e18a9463d6 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 +++ b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 @@ -39,12 +39,12 @@ discovery.zen.fd.ping_interval: 10s discovery.zen.fd.ping_retries: 20 {% endif %} -{% if elasticsearch_version == '5.6.16' %} +{% if elasticsearch_version is version('6.0.0', '>=') %} discovery.zen.ping_timeout: 90s {% endif %} {% endif %} -{% if elasticsearch_version is version('5.6.16', '<=') %} +{% if elasticsearch_version is version('7.0.0', '<') %} discovery.zen.ping.unicast.hosts: [ {% endif %} {% if elasticsearch_version is version('7.0.0', '>=') %} @@ -114,7 +114,7 @@ cluster.initial_master_nodes: {% endif %} -{% if elasticsearch_version is version('5.6.16', '<=') %} +{% if elasticsearch_version is version('7.0.0', '<') %} # see also discovery.zen.minimum_master_nodes above for how a master gets elected {# only include master eligibility if it is set on at least one node in the cluster #} {% if groups.elasticsearch|map('extract', hostvars, 'elasticsearch_master_value')|select()|list %} From eb11aa55358c1040002fa38cddb3ba4de598ed53 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Tue, 22 Oct 2024 10:54:40 +0530 Subject: [PATCH 08/16] fix jvm options thats were misconfigured --- .../roles/elasticsearch/templates/config/jvm.options.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/jvm.options.j2 b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/jvm.options.j2 index 36761736bf..bb1b9107d1 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/jvm.options.j2 +++ b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/jvm.options.j2 @@ -54,7 +54,7 @@ 14-:-XX:InitiatingHeapOccupancyPercent=30 ## JVM temporary directory --Djava.io.tmpdir=${ES_TMPDIR} +-Djava.io.tmpdir={{ elasticsearch_data_dir }}/tmp ## heap dumps @@ -67,7 +67,7 @@ -XX:HeapDumpPath={{ elasticsearch_data_dir }}/logs/heapdump.hprof # specify an alternative path for JVM fatal error logs --XX:ErrorFile={{ elasticsearch_data_dir }}logs/hs_err_pid%p.log +-XX:ErrorFile={{ elasticsearch_data_dir }}/logs/hs_err_pid%p.log ## JDK 8 GC logging 8:-XX:+PrintGCDetails From fda8d7fa5a8b7fc03d7bf70652f70c7655b8c1ef Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Tue, 22 Oct 2024 11:37:32 +0530 Subject: [PATCH 09/16] DRY up es version based config --- .../roles/elasticsearch/tasks/main.yml | 38 ++++++++++++++++--- .../roles/elasticsearch/tasks/misc_v5.yml | 35 ----------------- .../roles/elasticsearch/tasks/misc_v6.yml | 35 ----------------- .../roles/elasticsearch/tasks/misc_v7.yml | 31 --------------- 4 files changed, 32 insertions(+), 107 deletions(-) delete mode 100644 src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v5.yml delete mode 100644 src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml delete mode 100644 src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v7.yml diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml index ac66ccc533..1378049ff7 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml +++ b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml @@ -84,15 +84,41 @@ tags: - es_conf -- include_tasks: misc_v5.yml - when: elasticsearch_version == '5.6.16' +- name: Copy Elasticsearch logging config + become: yes + copy: + src: log4j2.properties + dest: "{{ elasticsearch_conf_dir }}/log4j2.properties" + owner: elasticsearch + group: elasticsearch + register: copy_elasticsearch_logging_result + tags: + - es_conf -- include_tasks: misc_v6.yml - when: elasticsearch_version is version('6.0.0', '>=') and elasticsearch_version is version('7.0.0', '<') +- name: Copy Elasticsearch JVM Options + become: yes + template: + src: config/jvm.options.j2 + dest: "{{ elasticsearch_conf_dir }}/jvm.options" + owner: elasticsearch + group: elasticsearch + register: copy_elasticsearch_logging_result + tags: + - es_conf +- name: Install elasticsearch python client + become: yes + pip: + name: "elasticsearch>={{ elasticsearch_version.split('.')[0] }}.0.0,<{{ elasticsearch_version.split('.')[0] | int + 1 }}.0.0" -- include_tasks: misc_v7.yml - when: elasticsearch_version is version('7.0.0', '>=') +- name: Check for installed plugins + shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin list" + register: installed_plugins + +- name: Install elasticsearch phonetic plugin + become: yes + shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin install analysis-phonetic" + when: (installed_plugins.stdout is defined) and ('analysis-phonetic' not in installed_plugins.stdout) and es_plugins_phonetic_enabled - name: Copy Elasticsearch Systemd Conf become: yes diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v5.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v5.yml deleted file mode 100644 index 36ebf9beab..0000000000 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v5.yml +++ /dev/null @@ -1,35 +0,0 @@ -- name: Copy Elasticsearch logging config - become: yes - copy: - src: log4j2.properties - dest: "{{ elasticsearch_conf_dir }}/log4j2.properties" - owner: elasticsearch - group: elasticsearch - register: copy_elasticsearch_logging_result - tags: - - es_conf - -- name: Copy Elasticsearch JVM Options - become: yes - template: - src: config/jvm.options.j2 - dest: "{{ elasticsearch_conf_dir }}/jvm.options" - owner: elasticsearch - group: elasticsearch - register: copy_elasticsearch_logging_result - tags: - - es_conf - -- name: Install elasticsearch python client - become: yes - pip: - name: elasticsearch>=5.0.0,<6.0.0 - -- name: Check for installed plugins - shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin list" - register: installed_plugins - -- name: Install elasticsearch phonetic plugin - become: yes - shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin install analysis-phonetic" - when: (installed_plugins.stdout is defined) and ('analysis-phonetic' not in installed_plugins.stdout) and es_plugins_phonetic_enabled diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml deleted file mode 100644 index 341f101216..0000000000 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v6.yml +++ /dev/null @@ -1,35 +0,0 @@ -- name: Copy Elasticsearch logging config - become: yes - copy: - src: log4j2.properties - dest: "{{ elasticsearch_conf_dir }}/log4j2.properties" - owner: elasticsearch - group: elasticsearch - register: copy_elasticsearch_logging_result - tags: - - es_conf - -- name: Copy Elasticsearch JVM Options - become: yes - template: - src: config/jvm.options.j2 - dest: "{{ elasticsearch_conf_dir }}/jvm.options" - owner: elasticsearch - group: elasticsearch - register: copy_elasticsearch_logging_result - tags: - - es_conf - -- name: Install elasticsearch python client - become: yes - pip: - name: elasticsearch>=6.0.0,<7.0.0 - -- name: Check for installed plugins - shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin list" - register: installed_plugins - -- name: Install elasticsearch phonetic plugin - become: yes - shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin install analysis-phonetic" - when: (installed_plugins.stdout is defined) and ('analysis-phonetic' not in installed_plugins.stdout) and es_plugins_phonetic_enabled diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v7.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v7.yml deleted file mode 100644 index c156a2c675..0000000000 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/misc_v7.yml +++ /dev/null @@ -1,31 +0,0 @@ - -- name: Copy Elasticsearch logging config - become: yes - copy: - src: log4j2.properties - dest: "{{ elasticsearch_conf_dir }}/log4j2.properties" - owner: elasticsearch - group: elasticsearch - register: copy_elasticsearch_logging_result - tags: - - es_conf - -- name: Copy Elasticsearch JVM Options - become: yes - template: - src: config/jvm.options.j2 - dest: "{{ elasticsearch_conf_dir }}/jvm.options" - owner: elasticsearch - group: elasticsearch - register: copy_elasticsearch_logging_result - tags: - - es_conf - -- name: Install elasticsearch python client - become: yes - pip: - name: elasticsearch>=7.0.0,<8.0.0 - -- name: Check for installed plugins - shell: "{{ elasticsearch_home }}/bin/elasticsearch-plugin list" - register: installed_plugins From 086eba47d387e7a14cd0b99195814e54cd8a3f95 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Tue, 22 Oct 2024 11:39:32 +0530 Subject: [PATCH 10/16] fix typo --- .../roles/elasticsearch/templates/config/elasticsearch.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 index e18a9463d6..02d8988550 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 +++ b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 @@ -39,7 +39,7 @@ discovery.zen.fd.ping_interval: 10s discovery.zen.fd.ping_retries: 20 {% endif %} -{% if elasticsearch_version is version('6.0.0', '>=') %} +{% if elasticsearch_version is version('5.0.0', '>=') %} discovery.zen.ping_timeout: 90s {% endif %} {% endif %} From 56def3d7f08b55e9e0b38910955e71fed8e4a03a Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Tue, 22 Oct 2024 11:42:22 +0530 Subject: [PATCH 11/16] cleanup es 2 related settings --- .../ansible/roles/elasticsearch/defaults/main.yml | 1 - .../templates/config/elasticsearch.yml.j2 | 13 ------------- 2 files changed, 14 deletions(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/defaults/main.yml b/src/commcare_cloud/ansible/roles/elasticsearch/defaults/main.yml index ec802266eb..4b5d4a430f 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/defaults/main.yml +++ b/src/commcare_cloud/ansible/roles/elasticsearch/defaults/main.yml @@ -12,7 +12,6 @@ elasticsearch_http_port: 9200 #es_snapshot_bucket: "dimagi-{{ deploy_env }}-es-snapshots" es_repository_name: "{{ deploy_env }}_es_snapshot" backup_es_swift: no -elasticsearch_enable_inline_groovy_scripts: True elasticsearch_service_name: elasticsearch elasticsearch_node_name: "{{ hostname }}" elasticsearch_delete_old_logs: False diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 index 02d8988550..c3ab060451 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 +++ b/src/commcare_cloud/ansible/roles/elasticsearch/templates/config/elasticsearch.yml.j2 @@ -33,12 +33,6 @@ path.logs: {{ elasticsearch_data_dir }}/logs # but (todo) we DO NOT follow best practice. discovery.zen.minimum_master_nodes: {{ [2, groups.elasticsearch|map('extract', hostvars, 'elasticsearch_master_value')|select()|list | length] | min }} -{% if elasticsearch_version is version('5.6.16', '<') %} -discovery.zen.fd.ping_timeout: 90s -discovery.zen.fd.ping_interval: 10s -discovery.zen.fd.ping_retries: 20 -{% endif %} - {% if elasticsearch_version is version('5.0.0', '>=') %} discovery.zen.ping_timeout: 90s {% endif %} @@ -69,13 +63,6 @@ network.host: "{{ lookup('dig', inventory_hostname, wantlist=True)[0] }}" indices.fielddata.cache.size: {{ elasticsearch_fielddata_cache_size }} {% endif %} -{% if elasticsearch_enable_inline_groovy_scripts %} -{% if elasticsearch_version is version('5.6.16', '<=') %} -# somewhat of a security risk but required by pact custom reports -script.engine.groovy.inline.aggs: true -script.engine.groovy.inline.search: true -{% endif %} -{% endif %} {% if backup_es_s3 and AMAZON_S3_ACCESS_KEY %} cloud: From a9392171c537b1c628e47a439d482122bb028db7 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Thu, 24 Oct 2024 15:34:31 +0530 Subject: [PATCH 12/16] fix download hash for es es website give sha512 for the zip, updated it to use sha256 --- environments/staging/public.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/environments/staging/public.yml b/environments/staging/public.yml index 4785267852..17ce2527ab 100644 --- a/environments/staging/public.yml +++ b/environments/staging/public.yml @@ -4,7 +4,7 @@ monitor_celery_heartbeat: False elasticsearch_endpoint: '{{ groups.elasticsearch.0 }}' elasticsearch_cluster_name: 'staginges' elasticsearch_version: 6.8.23 -elasticsearch_download_sha256: 73258b400cd194768058105a74ca0e811962ccf81bed8c4d3a824d4e5b97a8178a31150e60602fa1e04c6764b139980eb45ae6f246864702120653b45120b597. +elasticsearch_download_sha256: 424af91f838f9e5f13e0292f97cbd6333535450291a621d761bd479dfc2dff78. elasticsearch_delete_old_logs: True kafka_version: 3.2.3 From 6acafad404bf14823923954ff684d3c7f1c1d694 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Thu, 24 Oct 2024 15:36:56 +0530 Subject: [PATCH 13/16] don't use deprecated syntax to check checksum --- src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml index 1378049ff7..d0dcf8b14e 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml +++ b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml @@ -37,7 +37,7 @@ get_url: url: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{ elasticsearch_version }}.tar.gz dest: "/home/{{ cchq_user }}/downloads/elasticsearch-{{ elasticsearch_version }}.tar.gz" - sha256sum: "{{ elasticsearch_download_sha256 }}" + checksum: "sha256:{{ elasticsearch_download_sha256 }}" when: elasticsearch_version is version('6.0.0', '>=') and elasticsearch_version is version('7.0.0', '<') @@ -46,7 +46,7 @@ get_url: url: "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{ elasticsearch_version }}-linux-x86_64.tar.gz" dest: "/home/{{ cchq_user }}/downloads/elasticsearch-{{ elasticsearch_version }}.tar.gz" - sha256sum: "{{ elasticsearch_download_sha256 }}" + checksum: "sha256:{{ elasticsearch_download_sha256 }}" when: elasticsearch_version is version('7.0.0', '>=') - name: Unarchive Elasticsearch From 962134587279d6e2042942d2bd589c6e9646b57c Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Thu, 24 Oct 2024 16:01:28 +0530 Subject: [PATCH 14/16] remove path.conf from setting https://www.elastic.co/guide/en/elasticsearch/reference/6.8/breaking-changes-6.0.html\#_literal_path_conf_literal_is_no_longer_a_configurable_setting --- .../elasticsearch/templates/systemd/elasticsearch.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 b/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 index 3ec8e644e7..a23bb4ef63 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 +++ b/src/commcare_cloud/ansible/roles/elasticsearch/templates/systemd/elasticsearch.service.j2 @@ -19,7 +19,7 @@ WorkingDirectory={{ elasticsearch_home }} User=elasticsearch Group=elasticsearch -ExecStart={{ elasticsearch_home }}/bin/elasticsearch -Epath.conf=${CONF_DIR} +ExecStart={{ elasticsearch_home }}/bin/elasticsearch {% if elasticsearch_version == '5.6.16'%} -Epath.conf=${CONF_DIR} {% endif %} Restart=always RestartSec=10 From f9a79f7f6ff8fd6ea79938e540ca968cc5c17703 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Thu, 24 Oct 2024 16:01:46 +0530 Subject: [PATCH 15/16] also create tmp dir --- src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml index d0dcf8b14e..79e5319de9 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml +++ b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml @@ -154,6 +154,7 @@ - "{{ elasticsearch_data_dir }}" - "{{ elasticsearch_data_dir }}/data" - "{{ elasticsearch_data_dir }}/logs" + - "{{ elasticsearch_data_dir }}/tmp" - name: Start Elasticsearch become: yes From 98c2f9ddcd506b0af40dcce8f5998c82f4391df3 Mon Sep 17 00:00:00 2001 From: Amit Phulera Date: Thu, 24 Oct 2024 17:15:28 +0530 Subject: [PATCH 16/16] check if es directories exist and then create the one which are not present --- .../roles/elasticsearch/tasks/main.yml | 21 ++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml index 79e5319de9..d4eb7bdae4 100644 --- a/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml +++ b/src/commcare_cloud/ansible/roles/elasticsearch/tasks/main.yml @@ -142,20 +142,27 @@ - debug: msg="If you're just updating the ES conf then you sill need to restart the cluster. Use the 'es_rolling_restart' playbook." when: copy_elasticsearch_conf_result.changed -- name: Create Elasticsearch data directories - become: yes - file: +- name: Check if Elasticsearch data directories exist + stat: path: "{{ item }}" - state: directory - owner: elasticsearch - group: elasticsearch - mode: 0755 + register: dir_stat with_items: - "{{ elasticsearch_data_dir }}" - "{{ elasticsearch_data_dir }}/data" - "{{ elasticsearch_data_dir }}/logs" - "{{ elasticsearch_data_dir }}/tmp" +- name: Create Elasticsearch data directories if they do not exist + become: yes + file: + path: "{{ item.item }}" + state: directory + owner: elasticsearch + group: elasticsearch + mode: 0755 + when: not item.stat.exists + with_items: "{{ dir_stat.results }}" + - name: Start Elasticsearch become: yes service: name=elasticsearch state=started enabled=yes