Migrating to 7.10

edit

This section discusses the changes that you need to be aware of when migrating your application to Elasticsearch 7.10.

See also What’s new in 7.10 and Release notes.

Breaking changes

edit

The following changes in Elasticsearch 7.10 might affect your applications and prevent them from operating normally. Before upgrading to 7.10, review these changes and take the described steps to mitigate the impact.

Breaking changes introduced in minor versions are normally limited to security and bug fixes. Significant changes in behavior are deprecated in a minor release and the old behavior is supported until the next major release. To find out if you are using any deprecated functionality, enable deprecation logging.

Authentication changes

edit
API keys now require a name property.

Details
The name property is now required to create or grant an API key.

{
    "...": "...",
    "api_key": {
      "name": "key-1"
    }
}

Impact
To avoid errors, specify the name property when creating or granting API keys.

Java changes

edit
The MappedFieldType#fielddataBuilder method now accepts a Supplier<SearchLookup> argument.

Details
To support future feature development, the existing MappedFieldType#fielddataBuilder method now accepts a new Supplier<SearchLookup> argument.

Impact
If you develop or maintain a mapper plugin, update your implementation of the MappedFieldType#fielddataBuilder method to accommodate the new signature.

Networking changes

edit
The *.tcp.keep_idle and *.tcp.keep_interval settings are now limited to 300 seconds.

Details
The {network,transport,http}.tcp.keep_idle and {network,transport,http}.tcp.keep_interval settings now have a maximum value of 300 seconds, equivalent to 5 minutes.

Impact
If specified, ensure the {network,transport,http}.tcp.keep_idle and {network,transport,http}.tcp.keep_interval settings do not exceed 300 seconds. Setting {network,transport,http}.tcp.keep_idle or {network,transport,http}.tcp.keep_interval to a value greater than 300 seconds in elasticsearch.yml will result in an error on startup.

Search changes

edit
The index.max_docvalue_fields_search setting now limits doc value fields returned by inner_hits or the top_hits aggregation.

Details
The index.max_docvalue_fields_search setting limits the number of doc value fields retrieved by a search. Previously, this setting applied only to doc value fields returned by the docvalue_fields parameter in a top-level search. The setting now also applies to doc value fields returned by an inner_hits section or top_hits aggregation.

Impact
If you use inner_hits or the top_hits aggregation, ensure index.max_docvalue_fields_search is configured correctly for your use case.

Deprecations

edit

The following functionality has been deprecated in Elasticsearch 7.10 and will be removed in 8.0 While this won’t have an immediate impact on your applications, we strongly encourage you take the described steps to update your code after upgrading to 7.10.

Significant changes in behavior are deprecated in a minor release and the old behavior is supported until the next major release. To find out if you are using any deprecated functionality, enable deprecation logging.

Security changes

edit
The xpack.security.transport.ssl.enabled setting will be required to configure xpack.security.transport.ssl settings.

Details
Configuring any SSL settings for xpack.security.transport.ssl without also configuring xpack.security.transport.ssl.enabled generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
To avoid deprecation warnings, either:

  • Explicitly set xpack.security.transport.ssl.enabled as false
  • Discontinue use of other xpack.security.transport.ssl settings

If you want to enable SSL, follow the instructions to encrypt communications between nodes. As part of this configuration, explicitly set xpack.security.transport.ssl.enabled as true.

For example:

xpack.security.transport.ssl.enabled: true 
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

or false.

The xpack.security.http.ssl.enabled setting will be required to configure xpack.security.http.ssl settings.

Details
Configuring any SSL settings for xpack.security.http.ssl without also configuring xpack.security.http.ssl.enabled generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
To avoid deprecation warnings, either:

  • Explicitly set xpack.security.http.ssl.enabled as false
  • Discontinue use of other xpack.security.http.ssl settings

If you want to enable SSL, follow the instructions to encrypt HTTP client communications for Elasticsearch. As part of this configuration, explicitly set xpack.security.http.ssl.enabled as true.

For example:

xpack.security.http.ssl.enabled: true 
xpack.security.http.ssl.certificate: elasticsearch.crt
xpack.security.http.ssl.key: elasticsearch.key
xpack.security.http.ssl.certificate_authorities: [ "corporate-ca.crt" ]

or false.

A xpack.security.transport.ssl certificate and key will be required to enable SSL for the transport interface.

Details
Enabling SSL for the transport interface without also configuring a certificate and key through use of the xpack.security.transport.ssl.keystore.path setting or the xpack.security.transport.ssl.certificate and xpack.security.transport.ssl.key settings generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
If xpack.security.transport.ssl.enabled is set to true, provide a certificate and key using the xpack.security.transport.ssl.keystore.path setting or the xpack.security.transport.ssl.certificate and xpack.security.transport.ssl.key settings. If a certificate and key is not provided, Elasticsearch will generate warnings in the deprecation log.

A xpack.security.http.ssl certificate and key will be required to enable SSL for the HTTP layer.

Details
Enabling SSL for the HTTP layer without also configuring a certificate and key through use of the xpack.security.http.ssl.keystore.path setting or the xpack.security.http.ssl.certificate and xpack.security.http.ssl.key settings generates warnings in the deprecation log. In 8.0, this configuration will result in errors.

Impact
If xpack.security.http.ssl.enabled is set to true, provide a certificate and key using the xpack.security.http.ssl.keystore.path setting or the xpack.security.http.ssl.certificate and xpack.security.http.ssl.key settings. If a certificate and key is not provided, Elasticsearch will generate warnings in the deprecation log.

Cluster deprecations

edit
The cluster.join.timeout setting is deprecated.

Details
The cluster.join.timeout node setting is deprecated and will be removed in 8.0. In 7.x clusters, join attempts no longer time out.

Impact
To avoid deprecation warnings, discontinue use of the setting.

Indices deprecations

edit
REST API access to system indices is deprecated.

Details
We are deprecating REST API access to system indices. Most REST API requests that attempt to access system indices will return the following deprecation warning:

this request accesses system indices: [.system_index_name], but in a future
major version, direct access to system indices will be prevented by default

The following REST API endpoints access system indices as part of their implementation and will not return the deprecation warning:

  • GET _cluster/health
  • GET {index}/_recovery
  • GET _cluster/allocation/explain
  • GET _cluster/state
  • POST _cluster/reroute
  • GET {index}/_stats
  • GET {index}/_segments
  • GET {index}/_shard_stores
  • GET _cat/[indices,aliases,health,recovery,shards,segments]

Impact
To avoid deprecation warnings, do not use unsupported REST APIs to access system indices.

Machine learning deprecations

edit
The allow_no_jobs and allow_no_datafeeds API parameters are deprecated.

Details
The allow_no_jobs and allow_no_datafeeds parameters in machine learning APIs are deprecated in favor of allow_no_match. The old parameters are still accepted by the APIs but a deprecation warning is emitted when the old parameter name is used in the request body or as a request parameter. High-level REST client classes now send the new allow_no_match parameter.

Impact
To avoid deprecation warnings, use the allow_no_match parameter.

Mapping deprecations

edit
The boost parameter on field mappings has been deprecated.

Details
Index-time boosts have been deprecated since the 5.x line, but it is still possible to declare field-specific boosts in the mappings. This is now deprecated as well, and will be removed entirely in 8.0.0. Mappings containing field boosts will continue to work in 7.x but will emit a deprecation warning.

Impact
The boost setting should be removed from templates and mappings. Use boosts directly on queries instead.

Snapshot and restore deprecations

edit
The repository stats API has been deprecated.

Details
The repository stats API was introduced as an experimental API in 7.8.0. The repositories metering APIs now replace the repository stats API. The repository stats API has been deprecated and will be removed in 8.0.0.

Impact
Use the repositories metering APIs. Discontinue use of the repository stats API.