Elasticsearch breaking changes

Details
In 7.9, Elasticsearch added built-in index templates for the metrics-*-* and logs-*-* index patterns, each with a priority of 100. Elastic Agent uses these templates to create data streams.

Impact
If you use Elastic Agent, assign your index templates a priority lower than 100 to avoid overriding the built-in templates.

Otherwise, to avoid accidentally applying the built-in templates, use a non-overlapping index pattern or assign templates with an overlapping pattern a priority higher than 100.

For example, if you don’t use Elastic Agent and want to use a template for the logs-* index pattern, assign your template a priority of 200. This ensures your template is applied instead of the built-in template for logs-*-*.

To disable all built-in index and component templates, set stack.templates.enabled to false in elasticsearch.yml before start up. If the templates already exist, this setting ensures Elasticsearch does not recreate the built-in templates after deletion.

Details
Configuring any SSL settings for xpack.security.transport.ssl without also configuring xpack.security.transport.ssl.enabled generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
To avoid deprecation warnings, either:

If you want to enable SSL, follow the instructions to encrypt communications between nodes. As part of this configuration, explicitly set xpack.security.transport.ssl.enabled as true.

For example:

xpack.security.transport.ssl.enabled: true 
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

Details
Configuring any SSL settings for xpack.security.http.ssl without also configuring xpack.security.http.ssl.enabled generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
To avoid deprecation warnings, either:

If you want to enable SSL, follow the instructions to encrypt HTTP client communications for Elasticsearch. As part of this configuration, explicitly set xpack.security.http.ssl.enabled as true.

For example:

xpack.security.http.ssl.enabled: true 
xpack.security.http.ssl.certificate: elasticsearch.crt
xpack.security.http.ssl.key: elasticsearch.key
xpack.security.http.ssl.certificate_authorities: [ "corporate-ca.crt" ]

Details
Enabling SSL for the transport interface without also configuring a certificate and key through use of the xpack.security.transport.ssl.keystore.path setting or the xpack.security.transport.ssl.certificate and xpack.security.transport.ssl.key settings generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
If xpack.security.transport.ssl.enabled is set to true, provide a certificate and key using the xpack.security.transport.ssl.keystore.path setting or the xpack.security.transport.ssl.certificate and xpack.security.transport.ssl.key settings. If a certificate and key is not provided, Elasticsearch will generate warnings in the deprecation log.

Details
Enabling SSL for the HTTP layer without also configuring a certificate and key through use of the xpack.security.http.ssl.keystore.path setting or the xpack.security.http.ssl.certificate and xpack.security.http.ssl.key settings generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
If xpack.security.http.ssl.enabled is set to true, provide a certificate and key using the xpack.security.http.ssl.keystore.path setting or the xpack.security.http.ssl.certificate and xpack.security.http.ssl.key settings. If a certificate and key is not provided, Elasticsearch will generate warnings in the deprecation log.

Details
The script.cache.max_size setting is deprecated. In Elasticsearch 8.0.0, this is set per-context.

Impact
To avoid deprecation warnings, discontinue use of the script.cache.max_size setting. You may use script.context.$CONTEXT.cache_max_size for the particular context. For example, for the ingest context, use script.context.ingest.cache_max_size.

Details
The script.cache.expire setting is deprecated. In Elasticsearch 8.0.0, this is set per-context.

Impact
To avoid deprecation warnings, discontinue use of the script.cache.expire setting. You may use script.context.$CONTEXT.cache_expire for the particular context. For example, for the update context, use script.context.update.cache_expire.

Details
The script.max_compilations_rate setting is deprecated. In Elasticsearch 8.0.0, this is set per-context.

Impact
To avoid deprecation warnings, discontinue use of the script.max_compilations_rate setting. You may use script.context.$CONTEXT.max_compilations_rate for the particular context. For example, for the processor_conditional context, use script.context.processor_conditional.max_compilations_rate.

Details
In Elasticsearch 8.0.0, the following privileges will no longer allow users to explicitly update the mapping of an index:

Additionally, in Elasticsearch 8.0.0, the following privileges will no longer allow users to dynamically update the mapping of an index during indexing or ingest:

These privileges will continue to allow mapping actions on indices (but not on data streams) until Elasticsearch 8.0.0. However, deprecation warnings will be returned.

Impact
To allow users to explicitly update the mapping of an index, grant the manage privilege.

To dynamically update the mapping of an index during indexing or ingest, grant the auto_configure privilege and use index templates. This lets you dynamically update the index mapping based on the template’s mapping configuration.

Details
Automatically importing dangling indices into the cluster is unsafe and is now disabled by default. This feature will be removed entirely in Elasticsearch 8.0.0.

Impact
Use the dangling indices API to list, delete or import any dangling indices manually.

Alternatively you can enable automatic imports of dangling indices, recovering the unsafe behaviour of earlier versions, by setting gateway.auto_import_dangling_indices to true. This setting is deprecated and will be removed in Elasticsearch 8.0.0. We do not recommend using this setting.

Details
The following node role settings are now deprecated:

Use the node.roles setting instead.

Impact
To avoid deprecation warnings, discontinue use of the deprecated settings.