Elasticsearch breaking changesedit
This list summarizes the most important breaking changes in Elasticsearch 7.9.3. For the complete list, go to Elasticsearch breaking changes.
Indices changesedit
Elasticsearch includes built-in index templates for logs-*-* and metrics-*-*.
Details
In 7.9, Elasticsearch added built-in index templates for the metrics-*-* and
logs-*-* index patterns, each with a priority of 100.
Elastic Agent uses these templates to
create data streams.
Impact
If you use Elastic Agent, assign your index templates a priority
lower than 100 to avoid overriding the built-in templates.
Otherwise, to avoid accidentally applying the built-in templates, use a
non-overlapping index pattern or assign templates with an overlapping pattern a
priority higher than 100.
For example, if you don’t use Elastic Agent and want to use a template for the
logs-* index pattern, assign your template a priority of 200. This ensures
your template is applied instead of the built-in template for logs-*-*.
To disable all built-in index and component templates, set
stack.templates.enabled
to false in elasticsearch.yml
before start up. If the templates already exist, this setting ensures Elasticsearch does
not recreate the built-in templates after deletion.
Security changesedit
The xpack.security.transport.ssl.enabled setting will be required to configure xpack.security.transport.ssl settings.
Details
Configuring any SSL settings for
xpack.security.transport.ssl without also configuring
xpack.security.transport.ssl.enabled generates warnings in the deprecation
log. In 8.0, this configuration will result in errors.
Impact
To avoid deprecation warnings, either:
-
Explicitly set
xpack.security.transport.ssl.enabledasfalse -
Discontinue use of other
xpack.security.transport.sslsettings
If you want to enable SSL, follow the instructions to
encrypt communications between nodes. As part of this configuration, explicitly set
xpack.security.transport.ssl.enabled as true.
For example:
The xpack.security.http.ssl.enabled setting will be required to configure xpack.security.http.ssl settings.
Details
Configuring any SSL settings for xpack.security.http.ssl without also
configuring xpack.security.http.ssl.enabled generates warnings in the
deprecation log. In 8.0, this configuration will result in errors.
Impact
To avoid deprecation warnings, either:
-
Explicitly set
xpack.security.http.ssl.enabledasfalse -
Discontinue use of other
xpack.security.http.sslsettings
If you want to enable SSL, follow the instructions to
encrypt HTTP client communications for Elasticsearch. As part
of this configuration, explicitly set xpack.security.http.ssl.enabled
as true.
For example:
A xpack.security.transport.ssl certificate and key will be required to enable SSL for the transport interface.
Details
Enabling SSL for the transport interface without also configuring a certificate
and key through use of the xpack.security.transport.ssl.keystore.path
setting or the xpack.security.transport.ssl.certificate and
xpack.security.transport.ssl.key settings generates warnings in the
deprecation log. In 8.0, this configuration will result in errors.
Impact
If xpack.security.transport.ssl.enabled is set to true, provide a
certificate and key using the xpack.security.transport.ssl.keystore.path
setting or the xpack.security.transport.ssl.certificate and
xpack.security.transport.ssl.key settings. If a certificate and key is not
provided, Elasticsearch will generate warnings in the deprecation log.
A xpack.security.http.ssl certificate and key will be required to enable SSL for the HTTP layer.
Details
Enabling SSL for the HTTP layer without also configuring a certificate and key
through use of the xpack.security.http.ssl.keystore.path setting or
the xpack.security.http.ssl.certificate and xpack.security.http.ssl.key
settings generates warnings in the deprecation log. In 8.0, this configuration
will result in errors.
Impact
If xpack.security.http.ssl.enabled is set to true, provide a
certificate and key using the xpack.security.http.ssl.keystore.path
setting or the xpack.security.http.ssl.certificate and
xpack.security.http.ssl.key settings. If a certificate and key is not
provided, Elasticsearch will generate warnings in the deprecation log.
Script cache changesedit
The script.cache.max_size setting is deprecated.
Details
The script.cache.max_size setting is deprecated. In Elasticsearch 8.0.0, this is
set per-context.
Impact
To avoid deprecation warnings, discontinue use of the script.cache.max_size
setting. You may use script.context.$CONTEXT.cache_max_size for the particular context.
For example, for the ingest context, use script.context.ingest.cache_max_size.
The script.cache.expire setting is deprecated.
Details
The script.cache.expire setting is deprecated. In Elasticsearch 8.0.0, this is
set per-context.
Impact
To avoid deprecation warnings, discontinue use of the script.cache.expire
setting. You may use script.context.$CONTEXT.cache_expire for the particular context.
For example, for the update context, use script.context.update.cache_expire.
The script.max_compilations_rate setting is deprecated.
Details
The script.max_compilations_rate setting is deprecated. In Elasticsearch 8.0.0, this is
set per-context.
Impact
To avoid deprecation warnings, discontinue use of the script.max_compilations_rate
setting. You may use script.context.$CONTEXT.max_compilations_rate for the particular
context. For example, for the processor_conditional context, use
script.context.processor_conditional.max_compilations_rate.
Mapping actions have been deprecated for the create_doc, create, index and write privileges.
Details
In Elasticsearch 8.0.0, the following privileges will no longer allow users to
explicitly update the mapping of an index:
-
create_doc -
create -
index -
write
Additionally, in Elasticsearch 8.0.0, the following privileges will no longer allow users to dynamically update the mapping of an index during indexing or ingest:
-
create_doc -
create -
index
These privileges will continue to allow mapping actions on indices (but not on data streams) until Elasticsearch 8.0.0. However, deprecation warnings will be returned.
Impact
To allow users to explicitly update the mapping of an index,
grant the manage privilege.
To dynamically update the mapping of an index during indexing or
ingest, grant the auto_configure privilege and use index templates. This lets
you dynamically update the index mapping based on the template’s mapping configuration.
Settings changesedit
Automatically importing dangling indices is disabled by default.
Details
Automatically importing
dangling indices into the cluster
is unsafe and is now disabled by default. This feature will be removed entirely
in Elasticsearch 8.0.0.
Impact
Use the dangling indices API to list,
delete or import any dangling indices manually.
Alternatively you can enable automatic imports of dangling indices, recovering
the unsafe behaviour of earlier versions, by setting
gateway.auto_import_dangling_indices to true. This setting is deprecated
and will be removed in Elasticsearch 8.0.0. We do not recommend using this setting.
Several node role settings are deprecated.
Details
The following node role settings are now deprecated:
-
node.data -
node.ingest -
node.master -
node.ml -
node.remote_cluster_client -
node.transform -
node.voting_only
Use the node.roles setting instead.
Impact
To avoid deprecation warnings, discontinue use of the deprecated settings.