Script to automatically reallocate unassigned shards in Elasticsearch
Installation and Administration
The ZoneFox System Status, which can be viewed in detail on the ADMINISTRATION - System Status page, will show when there is a problem with the underlying Elasticsearch database. For example when there is an unassigned shard:
Note that this can be a temporary status, while Elasticsearch performs housekeeping tasks and shards are moved between nodes. However, if the problem does not resolve itself any unassigned shards can be reallocated to a database node.
While this can be done manually using an Elasticsearch plugin, the attached script can be used to either reallocate a specific shard to a specific node, or the script can be run as a cron job to look for unassigned shards and automatically reassign them.
Note that this Python script should be placed on a Linux server alongside Elasticsearch. If you have multiple Elasticsearch nodes, this script only needs to be placed on one of them.
The script has been written for Python 2.7, so ensure that is installed on the server:
sudo apt-get install python
The Elasticsearch Python module is also required. This is also detailed at the top of the script:
# ELASTICSEARCH must be installed locally to work
# to install elasticsearch lib do (https://www.elastic.co/guide/en/elasticsearch/client/python-api/current/index.html)
# sudo apt-get install python-pip
# pip install elasticsearch
Usage:
# Find if any shards need allocating
# USAGE: python ESAllocateShards.py IPAddress/dns
# USAGE: python ESAllocateShards.py db.zonefox.example.com
# Provide Index,shard and node for reallocation
# USAGE: python ESAllocateShards.py IPAddress/dns Index ShardNumber NodeName
# USAGE: python ESAllocateShards.py db.demo.zonefox.com events.sys.2017.08.12 0 ZoneFox_Node_10.20.30.40
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.