Elastic
Loading

Upgrade

⚠️ This page is a work in progress. ⚠️

Upgrading to the latest version provides you access to Elastic latest features, enhancements, performance improvements, and bug fixes, many of which enable you to save your organization money, respond faster to potential threats, and improve the tools you use to investigate and analyze your data. As new versions are released, older versions reach their end of life at a regular cadence, so it’s important to ensure that your deployment is fully maintained and supported. For more information, refer to Elastic’s Product End of Life Dates.

Note

Upgrading from a release candidate build, such as 9.0.0-rc1 or 9.0.0-rc2, is not supported. Pre-releases should only be used for testing in a temporary environment.

There are a number of things you need to plan for before performing the actual upgrade, so create a test plan. Consider the following recommendations:

  • Plan for an appropriate amount of time to complete the upgrade. Depending on your configuration and the size of your cluster, the process can take up to a few weeks or more to complete.
  • Consider opening a support case with Elastic to alert our Elastic Support team of your system change. If you need additional assistance, Elastic Consulting Services provides the technical expertise and step-by-step approach for upgrading your Elastic deployment.
  • Schedule a system maintenance window within your organization.

Check system requirements

Ensure the version you’re upgrading to for Elasticsearch, Kibana, and any ingest components supports your current operating system. Refer to the Product and Operating System support matrix.

OpenJDK compatibility and FIPS compliance

By default, Elasticsearch is built using Java and includes a bundled version of OpenJDK within each distribution. While we strongly recommend using the bundled Java Virtual Machine (JVM) in all installations of Elasticsearch, if you choose to use your own JVM, ensure it’s compatible by reviewing the Product and JVM support matrix. Elasticsearch 9.0 requires Java 21 and supports Java 24.

If you’re running Elasticsearch in FIPS 140-2 mode, Elasticsearch 9.0 has been tested with Bouncy Castle's FIPS implementation and is the recommended Java security provider when running Elasticsearch.

Conduct a component inventory

It is very important to map all the components that are being used on the Elastic Stack. When you upgrade your deployment, you also may need to upgrade all the other components. You should record if each component is used, and if it is, also record the current version. While not comprehensive, here’s a list of components you should check:

  • Elasticsearch
  • Elasticsearch Hadoop
  • Elasticsearch plugins
  • Elasticsearch clients
  • Kibana
  • Logstash
  • Logstash plugins
  • Beats
  • Beats modules
  • APM agent
  • APM server
  • Elastic Agent
  • Fleet
  • Security
  • Browsers
  • External services (Kafka, etc.)
Tip

When you do your inventory, you can enable audit logging to evaluate resources accessing your deployment.

Test your development environment

We highly recommend testing and upgrading in your development environment before your production environment. Therefore, it is crucial to ensure that both your development and production environments have the same settings. Consider checking the following components beforehand:

  • Enrichment information
  • Plugins
  • Mapping
  • Index lifecycle management (ILM)
  • Snapshot lifecycle management (SLM)
  • Index templates
  • Machine learning jobs
  • Inbound sample data
  • Live data
  • Performance
  • Outbound integrations
  • Dashboards
  • Alerts
  • Authentication

The procedures you follow to upgrade depend on your infrastructure and deployment method. You’ve installed Elastic components using either Elastic-managed infrastructure or self-managed infrastructure.

Elastic-managed infrastructure includes Elastic Cloud – the umbrella term for Elastic Cloud Hosted (ECH) and Elastic Cloud Serverless. Elastic Cloud Serverless (“Serverless”) is a fully managed cloud offering with three products: Elasticsearch Serverless, Elastic Observability Serverless, and Elastic Security Serverless. All serverless products are built on top of the Search AI Lake. Customers on serverless receive the latest features automatically when updates are published and do not need to choose an upgrade path.

Elastic Cloud Hosted is Elastic’s cloud offering for managing Elastic Stack deployments, built on top of Elasticsearch. A single click in the Elastic Cloud console can upgrade a deployment to a newer version.

Self-managed infrastructure – either on-prem or on public cloud, includes:

  • Elastic Stack
  • Elastic Cloud Enterprise (ECE)
  • Elastic Cloud on Kubernetes (ECK)

For ECE and ECK, you must ensure the operator is running a compatible version with the Elastic Stack version you’re upgrading to. If not, you need to upgrade that before you can upgrade your cluster.

If you’re running the Elastic Stack on your own self-managed infrastructure, you must upgrade each component individually.