[DONE] Store configuration in index

sscarduzio · 2017-02-19 11:22:19 UTC

Configuration in index

I’ve been thinking that people operating a cluster might have some issues guaranteeing the ES config file must be copied over to all the nodes + restart every time they add a user or change some ROR conf.

Example

Have an ES cluster using ROR
Need to change a password / add a user / modify anything

Now:

Got to edit the elasticsearch.yml
Got to scp it over to all nodes
Got to restart every node (downtime and shit)

How about:

Download the current conf (a YML file coming down from a new endpoint in ES)
Send a POST containing the modified YML conf
DONE.

NB: Configuration GET/POST can be authenticated
Plus in the future this can easily be a web tool.

Let’s do this?

1
2
3
4
5

0 voters

Show results

undefine · 2017-02-19 13:06:10 UTC

I’m do that by chef and automatic configuration of all nodes. Much more useful would be using external source of users - ldap/AD etc

sscarduzio · 2017-02-20 11:08:55 UTC

Makes sense. Thanks @undefine

danielmotaleite · 2017-02-20 17:11:47 UTC

I do it with salt, but the restart part is a pain, as i have to restart one node at time and wait for the system to sync the replicas, so i can reboot the next one. This way i do not have any downtime, but is slow (and annoying when i forgot some permission and have to restart the cluster again!)
The config as a index would be perfect!

sscarduzio · 2017-02-21 10:31:16 UTC

@danielmotaleite I know you’re a good tinkerer and would have appreciated this one. The goal with this is:

Lower the tweak & test loop
Avoid downtime
Avoid mismatching configuration files across nodes
Remove unencrypted creds and configuration info leaks
Nicer UX.

The common understanding though is that this is more of a good to have, than a fundamental feature. Maybe a good candidate for a ReadonlyREST “PRO” version in the future.

ld57 · 2017-02-22 14:21:35 UTC

Also, chef master server cannot be installed on windows environnment.

here an opportunity to create an “OS” independant solution ?

also, I just read ( because I am fighting with logstash like a fool) that it is possible to reload logstash config without restarting everything.
https://www.elastic.co/guide/en/logstash/current/reloading-config.html

also for elasticsearch
https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html

danielmotaleite · 2017-02-28 19:52:07 UTC

@ld57 Logstash can be reloaded, but elasticsearch, AFAIK, do not.

ld57 · 2017-03-01 22:03:02 UTC

yeah, I had in mind they would extend the capabilities of cluster api module, especially the dynamic module; but still very limited, and concern only node by node…

Shimon · 2017-03-27 10:40:19 UTC

I thought maybe the configuration could be loaded from the index during the first request, and to add a listener to the RestHandler so that every time a configuration is added to the index it would send a modified cluster state so rest of the nodes will know to update the configuration