Elasticsearch: ILM policy with empty "warm" phase still enforces read only indices

Created on 7 Sep 2018  路  7Comments  路  Source: elastic/elasticsearch

Consider the following policy:

PUT /_ilm/delete-only-policy
{
  "policy": {
    "phases": {
      "delete": {
        "after": "30d",
        "actions": {
          "delete": {}
        }
      }
    }
  }
}

Where the intent is to delete the index after 30 days. Because of the injected "read-only" step in the warm phase with an after time of 0 seconds, the index is immediately marked as read only. So this returns the following:

PUT /_cluster/settings
{
  "transient": {
    "indices.lifecycle.poll_interval": "10s"
  }
}

PUT /bar
{
  "settings": {
    "index.number_of_shards": 1,
    "index.number_of_replicas": 0,
    "index.lifecycle.name": "delete-only-policy"
  }
}

POST /bar/1
{
  "baz": "eggplant"
}

{
  "error" : {
    "root_cause" : [
      {
        "type" : "cluster_block_exception",
        "reason" : "blocked by: [FORBIDDEN/8/index write (api)];"
      }
    ],
    "type" : "cluster_block_exception",
    "reason" : "blocked by: [FORBIDDEN/8/index write (api)];"
  },
  "status" : 403
}
:CorFeatureILM+SLM >bug
Source
picture dakrone

All 7 comments

Pinging @elastic/es-core-infra

elasticmachine picture elasticmachine on 7 Sep 2018

In my opinion, marking an index read-only should be optionally opt-in and user configurable in the warm or cold phases, instead of hardcoded to occur at the start of the warm phase.

dakrone picture dakrone on 7 Sep 2018
👍1

Although this will prevent optimal behavior of some actions, I think having this be explicit is good. As this bug demonstrates, by implicitly executing this, a user can be comparatively hurt by not knowing it is there.

I believe this is also an issue for empty policies

talevy picture talevy on 7 Sep 2018

We discussed this and decided with the following solution:

Inject a read-only step as the first step in the warm phase iff the phase contains a force merge or a shrink action. Otherwise the read-only step will not be added.

dakrone picture dakrone on 7 Sep 2018

Boaz and I discussed this and we are leaning towards adding read only step to the force merge and shrink actions rather than having an infrastructure change that tries to add it a read only step as the first step in the warm phase IF the warm phase contains forcemerge or shrink.

We should discuss this further on Friday

colings86 picture colings86 on 11 Sep 2018
👍1

That change sounds good to me if you want to start moving forward with it.

jasontedor picture jasontedor on 11 Sep 2018

Fixed by #33907

gwbrown picture gwbrown on 25 Sep 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

abtpst picture abtpst  路  3Comments
ttaranov picture ttaranov  路  3Comments
brwe picture brwe  路  3Comments
rjernst picture rjernst  路  3Comments
jpountz picture jpountz  路  3Comments