Think of a situation where you've used an index template to implement an ILM policy. Your fw-00001 index is currently in the warm phase, and fw-00002 is the new write index.

Due to some changes in the data set, you can run into a situation where you need to update the documents in the fw-00001 index. Ever wonder how you're going to pull that off?

This is a question because the warm phase's main objective is to make an index read-only when it enters the phase. Additionally, you won't be able to alter this index in any way.

However, there is a method by which you can restore the index's writeability. Take into account that there are about 2 million documents in this index if you wish to add a field to. Utilizing an update by Query is the best method for doing it.

But first, create fw-00001 as a writable index by using the following API:

Alternatively, you can specify number of replicas = 0 for the index that needs updating. This will cut the update time in half, which is a big reduction.

PUT <index-name>/_settings
{
  "blocks.write": false, 
  "number_of_replicas": 0
}

Run the update by query API once the index setting has been modified to update the documents. If your objective is to add a field with a value, you can do so by using the API listed below.

POST <index-name>/_update_by_query
{
  "script": {
    "source": "ctx._source['customer_name'] = 'Apple'"
  }
}

You can use the Task API to monitor the updating process while you wait for the API to load.

GET _tasks?detailed=true&actions=*byquery