Differences

This shows you the differences between two versions of the page.

--- elasticsearch [2018/01/18 16:29]
k2patel created
+++ elasticsearch [2021/01/25 23:41] (current)
k2patel [Quick Commands]
@@ Line 1: / Line 1: @@
 ====== Elasticsearch ======
+==== Quick Commands ====
+== Check Cluster Health ==
+<code bash>
+curl -XGET 'http://localhost:9200/_cluster/health?pretty=true'
+</code>
+== List all Indexes ==
+<code bash>
+curl http://localhost:9200/_cat/indices?v
+</code>
+== List all shards ==
+<code bash>
+curl -XGET 'http://localhost:9200/_cat/shards'
+</code>
+== Unassigned shard | timeout ==
+**Try restarting**
+<code bash>
+curl -XPOST -k https://admin:<password>@<hostname>:9200/_cluster/reroute?retry_failed=true --CApath /etc/elasticsearch/root-ca-key.pem
+</code>
+**List indexes not assigned**
+<code bash>
+curl -k --CApath /etc/elasticsearch/root-ca-key.pem -XGET https://admin:<password>@<hostname>:9200/_cat/shards?h=index,shard,prirep,state,unassigned.reason | grep -i UNASSIGNED
+</code>
+**Detailed information on issue**
+<code bash>
+curl -k --CApath /etc/elasticsearch/root-ca-key.pem -XGET https://admin:<password>@<hostname>:9200/_cluster/allocation/explain?pretty
+</code>
+== Detailed Shard Information ==
+<code bash>
+curl -XGET 'http://localhost:9200/_cat/shards/filebeat?pretty=true'
+</code>
+== Delete indexes ==
+<code bash>
+curl -XDELETE 'http://localhost:9200/*.reindex'
+</code>
+== Disk usage issue ==
+When free disk space fall cluster fails.
+<code bash>
+curl -H 'Content-Type: application/json' -X PUT -d '{
+  "transient": {
+    "cluster.routing.allocation.disk.watermark.low": "89%",
+    "cluster.routing.allocation.disk.watermark.high": "94%",
+   "cluster.info.update.interval": "1m"
+  }
+}' http://localhost:9200/_cluster/settings
+</code>
+==== Templates ====
+=== Filebeat Template apache2 module ===
+<code json>
+{
+   "template": "filebeat-*",
+   "version": 50001,
+   "settings": {
+      "index.refresh_interval": "5s",
+      "number_of_replicas": 0
+   },
+   "mappings": {
+      "_default_": {
+         "dynamic_templates": [
+            {
+               "message_field": {
+                  "path_match": "message",
+                  "match_mapping_type": "string",
+                  "mapping": {
+                     "type": "text",
+                     "norms": false
+                  }
+               }
+            },
+            {
+               "string_fields": {
+                  "match": "*",
+                  "match_mapping_type": "string",
+                  "mapping": {
+                     "type": "text",
+                     "norms": false,
+                     "fields": {
+                        "keyword": {
+                           "type": "keyword",
+                           "ignore_above": 256
+                        }
+                     }
+                  }
+               }
+            }
+         ],
+         "properties": {
+            "@timestamp": {
+               "type": "date"
+            },
+            "@version": {
+               "type": "keyword"
+            },
+            "beat.hostname": {
+               "type": "string",
+               "index": "not_analyzed",
+               "ignore_above": 1024
+            },
+            "geoip": {
+               "dynamic": true,
+               "properties": {
+                  "ip": {
+                     "type": "ip"
+                  },
+                  "location": {
+                     "type": "geo_point"
+                  },
+                  "latitude": {
+                     "type": "half_float"
+                  },
+                  "longitude": {
+                     "type": "half_float"
+                  }
+               }
+            }
+         }
+      }
+   }
+}
+</code>
+==== Errors ====
+== Error on content type header ==
+<code json>
+{"error":"Content-Type header [application/x-www-form-urlencoded] is not supported","status":406}
+</code>
+In order to fix issue specify header with your curl XPUT.
+[[https://www.elastic.co/blog/strict-content-type-checking-for-elasticsearch-rest-requests|Original Post]]
+<code bash | exmple>
+curl -XPUT 'localhost:9200/_settings' -H 'Content-Type: application/json' -d '
+{
+    "index" : {
+        "number_of_replicas" : 0
+    }
+}'
+</code>
+==== Rolling Upgrade ====
+:!: This should work on elastic.co but my steps are mainly taken from the Opendistro.
+=== Set the cluster in upgrade mode ===
+<code bash>
+curl -k -XPOST https://admin:<password>@<hostname>:9200/_ml/set_upgrade_mode?enabled=true
+</code>
+=== Disable sharding ===
+<code bash>
+curl -k -H 'Content-Type: application/json' -XPUT -d '{
+"persistent": {
+    "cluster.routing.allocation.enable": "primaries"
+  }
+}' https://admin:<password>@<hostname>:9200/_cluster/settings --CApath /etc/elasticsearch/root-ca-key.pem
+</code>
+=== Flush / Sync data on all host in cluster ===
+<code bash>
+curl -k -XPOST https://admin:<password>@<hostname>:9200/_flush/synced --CApath /etc/elasticsearch/root-ca-key.pem
+</code>
+=== Stop / Upgrade / start Services ===
+<code bash>
+systemctl stop kibana.service
+systemctl stop elasticsearch.service
+dnf install opendistroforelasticsearch-1.12.0 -y
+dnf install opendistroforelasticsearch-kibana-1.12.0 -y
+systemctl start elasticsearch.service
+systemctl start kibana.service
+</code>
+=== Enable Sharding ===
+<code bash>
+curl -k -H 'Content-Type: application/json' -XPUT -d '{
+"persistent": {
+    "cluster.routing.allocation.enable": "all"
+  }
+}' https://admin:<password>@<hostname>:9200/_cluster/settings --CApath /etc/elasticsearch/root-ca-key.pem
+</code>
+==== Node Information ====
+=== List all nodes and important information ===
+:!:[[https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-nodes.html | Document Ref.]]
+<code bash>
+curl -XGET -k https://admin:<password>@<hostname>:9200/_cat/nodes?v=true\&h=id,ip,port,v,m,hp,l,r,j,fdc,fdm
+</code>

Daily *Nix

User Tools

Site Tools

Differences

Page Tools