Your Guide for Patching Elastic Search!

What is Patching?

A patch is a set of updates to a server or its supporting data designed to update, fix and improve, including fixing security vulnerabilities and other bugs. They may be applied to program files on a storage device or in computer memory. Patches may be permanent or temporary. 
In a brief overview, you need to perform the following tasks for patch management: 
 1. Create a patch catalog.
 2. Analyze the target to determine the patches that need to deploy.
 3. Deploy the required patches to targets requiring remediation.
 4. Analyze the targets again to ensure each server has the correct patch.

Why Patching and its frequency?

Unpatched servers are pliant to cyber-attacks and vulnerabilities. Written patches improve the functionality, usability, or performance of a server or program. A patch aims to add new functionality and remove current bugs. Until recently, Google’s namesake Android app, with more than a billion installs to date, had a vulnerability that could have allowed an attacker to steal personal data from a victim’s device. Since the Google app relies on code that is not bundled with the app but relies on code libraries installed on Android phones. This bug, if not fixed, could have taken access to a User’s Google accounts’ search history, email, text messages, contacts, and call history as it was able to trigger the microphone and camera and access the user’s location. It could have been a similar but inadvertent Facebook data breach. On part of the performance, a patch can improve uptime, error rates, system-level performance metrics, and security-related metrics.

The frequency at which patching needs to be performed is subjective to requirements. New updates can be made available every day after constant testing through the various environments. If the patch is related to security vulnerabilities, then that needs immediate action. But if it’s just another update, it can wait for the right time to deploy after going through various testing environments. A golden thumb rule is to apply patches within 30 days of vendors making them available.

What is Elastic Search?
Elasticsearch is a search engine based on the Lucene library. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents. We can use it to search for all kinds of documents. It provides scalable search, has near real-time search, and supports multitenancy. Elasticsearch is distributed, which means that indices can be divided into shards, and each shard can have zero or more replicas. Each node hosts one or more shards and acts as a coordinator to delegate operations to the correct shard. To do rebalancing and routing automatically. Related data is often stored in the same index, which consists of one or more primary shards and zero or more replica shards. Elasticsearch is developed alongside a data collection and log-parsing engine called Logstash, an analytics and visualization platform called Kibana, and Beats, a collection of lightweight data shippers. The four products are designed for use as an integrated solution, referred to as the “Elastic Stack” (formerly the “ELK stack”).

Steps to do Elasticsearch Cluster server patching : 

  1. When we install a distribution it includes a certain version of the Linux kernel. To show the current version installed on our system we can do:

2. Then we have to go to the repositories location and have to remove the extra repos from there:

3. Then we have run the yum update command by excluding the packages like (In this case we are patching a Elasticsearch cluster so have are excluding it):

4. Then we use the following command to see the number of kernels in our system:

5. To make the newly-installed version the default boot option, you will have to modify the GRUB configuration as follows:

Open and edit the file /etc/default/grub and set GRUB_DEFAULT=0. This means that the first kernel in the GRUB initial screen will be used as default:

Next, run the following command to recreate the kernel configuration:

6. Put cluster allocation off for rebooting a server by using the following command:

7. Then by using the following command we can check the status of the elastic search service:

8. Then we will reboot the machine. After the reboot, when the server comes up we have to check the elastic search status it should automatically up:

9. Then using the following command we have to do the cluster allocation on:

10. Then we have to monitor the cluster status. It should be green. Then by using the following command we can check the cluster status:

11. Finally by using the following command we can check the latest kernel version:

Conclusion-
Keeping your servers updated and patched is vital to the overall health of your business needs and service delivery. The right and regular patches in place improve the functionality and performance of your servers and related infrastructure. It would keep your service running steadily from any unforeseen trouble that you can avoid.

Blog Pundit: Kapendra Singh and Sanjeev Pandey

Opstree is an End to End DevOps solution provider

Connect Us

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s