Opensearch Upgrade to 2.7.0

[stoeps13]

Description

The description about the Opensearch update and backup is somehow misleading.

https://github.com/HCL-TECH-SOFTWARE/connections-doc/blob/946c61621beffdc9cf9e12cba70d58baaddffb90/v8-cr4/admin/install/upgrade_opensearch.md

"These files can include opensearch.yml, plugin configuration files, and TLS certificates, for example. Once you identify which files you want to back up, copy them to remote storage for safety."

The opensearch.yml is mounted from the Kubernetes config-map and the certs from K8s secrets. So even when you backup these, you have to update secret and configmap. (So better backup K8s).

As certs are only updated with bootstrap and setting the special flag and the only thing which happens when the certs are renewed, is that you have to redeploy the cert stores within WebSphere, this is not important at all.

Maybe as a side note because snapshots are mentioned here. Opensearch 2.1+ supports automatic schedulers for Snapshot creation (like some customers used in ES 7), but the plugin is not installed.
https://opensearch.org/docs/latest/tuning-your-cluster/availability-and-recovery/snapshots/snapshot-management/

As backup / restore with file system backups is not guaranteed with OpenSearch / Elasticsearch, this plugin could help all customers to keep the data.

As we are talking about opensearch.yml, please remove the option

audit.type: internal_opensearch 

from opensearch.yml because this creates daily indices for securityaudits:

Or add an option to remove these auditlogs on a weekly basis.

Thanks
Christoph