Cluster Upgrade 8.0 > 8.2: KVStore Migration to Wi...

anirbandasdeb · ‎07-27-2021

We are planning upgrade our clustered deployment from 8.0.5 to 8.2.1

In case we plan to migrate the KVStore engine to WiredTiger, do we have to mandatorily go through the v8.1 step as mentioned in https://docs.splunk.com/Documentation/Splunk/8.2.1/Admin/MigrateKVstore ?

Per my understanding, the steps for this method stands like this

Upgrade cluster from 8.0.5 to 8.1.5
Migrate the KV store after an upgrade to Splunk Enterprise 8.1 in a clustered deployment
Upgrade cluster from 8.1.5 to 8.2.1

In case we decide not to use WiredTiger for now and complete the upgrade to 8.2.1, can we migrate the KV Store to WiredTiger at a later point of time?
To elaborate, will the following work:

Upgrade cluster from 8.0.5 to 8.2.1
At a leter time, if WiredTiger is needed, migrate the KV Store as instructed in Migrate the KV store after an upgrade to Splunk Enterprise 8.1 in a clustered deployment

We do not use KV Store at all now, apart from whatever internal functions that Splunk Enterprise uses it for (no ITSI or ES as well), but want to plan ahead in case we use it in the future.

Thanks in advance!

AMB · ‎12-23-2021

I didn't have any issues following the process for a clustered deployment here. I upgraded kvstore engine from mmap to WiredTiger on two clusters. We are running 8.2.3 at the time of this posting. I would recommend taking a backup of your kvstore then run through the migration process if that hasn't been performed yet.

Cluster Upgrade 8.0 > 8.2: KVStore Migration to WiredTiger

indexer clustering

Linux

search head clustering

unix

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases