Introduction
Running OpenSearch in production requires careful cluster management, backup strategies, and performance tuning. This guide covers essential operations for maintaining healthy OpenSearch clusters.
Index Management
Index Lifecycle
# Create index with settings
PUT /logs
{
  "settings": {
    "number_of_shards": 5,
    "number_of_replicas": 1,
    "refresh_interval": "1s"
  }
}

# Update index settings
PUT /logs/_settings
{
  "number_of_replicas": 2
}

# Rollover index
POST /logs/_rollover
{
  "conditions": {
    "max_age": "7d",
    "max_size": "50gb"
  }
}
Index Templates
PUT /_index_template/logs-template
{
  "index_patterns": ["logs-*"],
  "template": {
    "settings": {
      "number_of_shards": 3
    },
    "mappings": {
      "properties": {
        "timestamp": { "type": "date" },
        "level": { "type": "keyword" },
        "message": { "type": "text" }
      }
    }
  }
}
Backup and Restore
Snapshot Repository
# Register S3 repository
PUT /_snapshot/my-s3-repo
{
  "type": "s3",
  "settings": {
    "bucket": "my-backup-bucket",
    "region": "us-east-1"
  }
}

# Create snapshot
PUT /_snapshot/my-s3-repo/snapshot-1
{
  "indices": "logs-2026.*",
  "include_global_state": false
}

# Restore snapshot
POST /_snapshot/my-s3-repo/snapshot-1/_restore
{
  "indices": "logs-2026.01",
  "rename_pattern": "logs-2026.01",
  "rename_replacement": "restored-logs"
}
Index Backup
# Reindex to backup
POST /_reindex
{
  "source": { "index": "logs" },
  "dest": { "index": "logs-backup" }
}
Cluster Scaling
Adding Nodes
# opensearch.yml on new node
cluster.name: my-cluster
node.name: node-4
# 0.0.0.0 listens on every interface; bind to the node's private address where possible
network.host: 0.0.0.0
discovery.seed_hosts: ["10.0.0.1", "10.0.0.2"]
Shard Allocation
# Move shards
POST /_cluster/reroute
{
  "commands": [
    {
      "move": {
        "index": "logs",
        "shard": 0,
        "from_node": "node-1",
        "to_node": "node-2"
      }
    }
  ]
}

# Exclude node from allocation
PUT /_cluster/settings
{
  "transient": {
    "cluster.routing.allocation.exclude._name": "node-1"
  }
}
Performance Tuning
JVM Settings
# jvm.options
-Xms4g
-Xmx4g
-XX:+UseG1GC
-XX:MaxGCPauseMillis=200
Thread Pools
PUT /_cluster/settings
{
  "persistent": {
    "thread_pool.write.queue_size": 1000,
    "thread_pool.search.queue_size": 1000
  }
}
Monitoring
Cluster Health
GET /_cluster/health
GET /_cluster/health/my-index
GET /_cat/shards?v
Node Stats
GET /_nodes/stats
GET /_cat/nodes?v
GET /_cat/indices?v
Security
User Management
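# Create user
# /_opendistro/_security is the legacy path; current OpenSearch releases expose the same API under /_plugins/_security/api/
# Replace the placeholder with a strong, unique password; never reuse the username as the password
curl -X PUT "https://localhost:9200/_opendistro/_security/api/internalusers/admin" \
  -H 'Content-Type: application/json' \
  -d '{"password": "<strong-unique-password>", "backend_roles": ["admin"]}'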
Role-Based Access
PUT /_opendistro/_security/api/roles/custom-role
{
  "cluster_permissions": ["cluster_composite_ops"],
  "index_permissions": [{
    "index_patterns": ["logs-*"],
    "allowed_actions": ["read", "write"]
  }]
}
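An added example, not part of the original guide: a Python check that takes role bodies in the format above and lists which roles can write to a given index, using the index names that appear elsewhere in this guide. The `logs-reader` and `broad-role` roles are constructed for comparison, and two simplifications are assumed: only `*` and `?` wildcards are matched, and `write`, `crud`, `indices_all` and `*` are treated as write-granting (the cluster resolves action groups itself).

```python
from fnmatch import fnmatchcase

# Assumption: these action groups are treated as granting writes. The cluster
# resolves action groups itself; custom groups are not expanded here.
WRITE_GROUPS = {"write", "crud", "indices_all", "*"}

# Constructed sample. "custom-role" is the body from this guide; the other
# two roles are hypothetical and exist only to show the comparison.
ROLES = {
    "custom-role": {
        "cluster_permissions": ["cluster_composite_ops"],
        "index_permissions": [
            {"index_patterns": ["logs-*"], "allowed_actions": ["read", "write"]}
        ],
    },
    "logs-reader": {
        "index_permissions": [
            {"index_patterns": ["logs-*"], "allowed_actions": ["read"]}
        ],
    },
    "broad-role": {
        "index_permissions": [
            {"index_patterns": ["*"], "allowed_actions": ["crud"]}
        ],
    },
}


def can_write(role, index):
    """True if one index_permissions entry both matches index and allows writes."""
    for perm in role.get("index_permissions", []):
        matches = any(fnmatchcase(index, p) for p in perm.get("index_patterns", []))
        if matches and WRITE_GROUPS & set(perm.get("allowed_actions", [])):
            return True
    return False


def writers(roles, index):
    """Sorted names of roles that can write to index."""
    return sorted(name for name, role in roles.items() if can_write(role, index))


def unexpected_writers(roles, expected):
    """expected maps index name -> set of roles that should have write access."""
    return [(idx, name) for idx in sorted(expected)
            for name in writers(roles, idx) if name not in expected[idx]]


if __name__ == "__main__":
    for idx in ("logs", "logs-2026.01", "logs-backup", "restored-logs"):
        print(idx, writers(ROLES, idx))
```

The `logs-*` pattern covers `logs-backup` but neither the plain `logs` index nor the renamed `restored-logs`, so a restore under a new name changes who can reach the data.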
Conclusion
OpenSearch operations require careful attention to backups, scaling, and monitoring. With proper cluster management practices, your OpenSearch deployment can scale reliably.