Version: 7.x-46.0.0
Community

Migrating configuration files

If you upgrade from Search Guard 6 to Search Guard 7, you can automatically migrate your existing configuration files to the new syntax.

Offline migration

sgadmin can migrate existing files offline, for example after you run a configuration backup on an Elasticsearch 6.x cluster. After the files have been migrated, you can upload them to an Elasticsearch 7.x cluster.

./sgadmin.sh \
    --migrate-offline /path/to/configdirectory/  \
    -cacert /path/to/root-ca.pem \
    -cert /path/to/admin-certificate.pem \
    -key /path/to/admin-certificate-key.pem    

Example:

./sgadmin.sh \
    -mo ../sgconfig/  \
    -cacert ../../../root-ca.pem \
    -cert ../../../kirk.pem \
    -key ../../../kirk.key.pem    
Name Description
-mo/–migrate-offline Migrate configuration files in from version 6 to version 7.

Online migration

When upgrading from Search Guard 6 to Search Guard 7, you can use sgadmin to fully automate the migration process. Search Guard for Elasticsearch 7 is able to read both v6 and v7 configuration format, however, it is strongly recommended to migrate the configuration files after you upgraded your cluster. This command will:

  • Connect to your running Elasticsearch 7 cluster
  • Download the legacy v6 Search Guard configuration
  • Perform an offline migration
  • Upload the migrated v7 configuration
./sgadmin.sh \
    --migrate-offline /path/to/configdirectory/  \
    -cacert /path/to/root-ca.pem \
    -cert /path/to/admin-certificate.pem \
    -key /path/to/admin-certificate-key.pem    
Name Description
-migrate Perform configuration migration from version 6 to version 7.


Not what you were looking for? Try the search.