Adding a second node to a cluster

sc1 · January 2, 2019, 9:36am

Hello,

I am looking to add a second node to my single setup running Elasticsearch, Logstash and Kibana as log management solution. I currently have 2x hosts sending logs, and for performance, I wanted to add a second node as I plan on adding 9 more Windows servers to send logs. I have been reading up on some of the threads/documentation and from my understanding, it's a matter of installing just Elasticsearch on the second node, and then ensuring they have the same name.

One question I haven't been able to get an answer, however, is will the second node be utilized for storage as well? My current node has a 1TB disk and I expect that to fill quickly, but I am looking to not retain logs for long as it's a test environment. In the future, I would like to scale up to maybe 5 nodes with logs kept for 3 months and I was wondering if someone could explain if the storage is utilized with each node added.

What happens with Logstash? Is it aware of the other nodes? Do I need to add Logstash nodes?

I have looked at the topics already posted and have not been able to find an answer. I have also read the documentation, but it's not really in lay mans terms and for a newcomer to Elastic scene, I've found it difficult to navigate and get answers.

DavidTurner · January 2, 2019, 10:45am

Yes (as long as it is configured to be a data node, which it is by default).

I don't know enough about Logstash to answer for definite, but this sounds like it mainly depends on whether a single Logstash node can handle the load you wish to apply.

As a general rule one can send requests to any node in an Elasticsearch cluster, and Elasticsearch looks after re-routing a request to the appropriate node(s).

sc1 · January 2, 2019, 11:01am

Thanks for the quick response David, I wasn't aware that you can send logs to any node in the cluster. If that's the case, would I have to then install Logstash as well to the secondary nodes or will they all still utilize the main node Logstash ?

DavidTurner · January 2, 2019, 11:05am

The dependency is in the other direction: Logstash uses Elasticsearch, but from Elasticsearch's point of view Logstash is treated like any other client.

system · January 30, 2019, 11:05am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Clustering question (storage needs and performance) Elasticsearch	19	2477	January 11, 2018
Sending data from 2 logstash nodes to an elasticsearch cluster Elasticsearch	5	303	April 18, 2023
Suggestion on Elasticsearch scaling and performance for log management Elasticsearch	9	705	October 15, 2019
How to add a new node to existing cluster Elasticsearch	4	510	March 19, 2020
Adding new DATA Node on existing Cluster Elasticsearch	5	2892	February 7, 2020

Adding a second node to a cluster

Related Topics