Hi there, i'm new to ELK and also read lot of documentations from elastic.co
I've tested many combinations to form a cluster and wondering can't find the best way to form it:
1-Creating the 1st Node (that is also a cluster) and adding the extra nodes with the 1st node' token?
2-Configuringe all the nodes and joining them together with *.yml file correctly filled ?
I notices that when the elasticsearch.service is started the 1st time it is a considered as a single node cluster so i'm a bit confused. Can somenone help me to sart a fresh ELK lab with 4 nodes ? like:
Node1: master only
Node2: master eligible /data / ingest / transform / remote client
Node3: master eligible / data / ingest / transform / remote client
Node4: master voting only / machine learnig / kibana
Any suggestion woud be appreciated. Thanks.
Fred.
Which version of the Elastic Stack are you using? 8.x builds clusters very well using the enrollment token process (that is, start the first node and then enroll the other nodes before starting them).
Thanks Bob, i'm using 8.4 version of ELK.
What do i need to configure in elasticsearch.yml for each node before enrolling them to the cluster ?
Thanks for your time.
Fred.
There's not a lot that must be done in 8.x. I've had good luck with the following sequence (developed on 8.1 - I haven't run them on later . revs):
- Install ES 8.x on the first node
- If needed set firewall exceptions for 9200 and 9300
- Configure elasticsearch.yml with the desired cluster name and node name. I've usually configured network.host and localhost to the node's IP address.
- Start Elasticsearch on the first node and check status
- Install ES 8.x on the second node
- If needed set firewall exceptions
- Generate the enrollment token on the first node
- Copy the enrollment token from the first node to the second and use it in the elasticsearch-reconfigure-node command
- Start Elasticsearch on the second node and check status
- Configure elasticsearch.yml with the desired cluster name and node name. I've usually configured network.host to the node's IP address. Verify localhost matches the first node's IP.
- Restart Elasticsearch on the second node and check status
- Check cluster health and confirm the nodes have formed a cluster
- Repeat the second node installation steps (# 5 to 12) on any other nodes
Ths for your help Bob, everything works now.
I'm just wondering how does .yml files affect the cluster if i modify node.roles after joining the cluster.
By the way, how can i check the cluster health ? In the log ?
Realy appreciate your help and time 
Regards
Fred.
Good to hear that it's working!
For the Elasticsearch nodes I believe modifications to the .yml will only become effective when the node - the Elasticsearch service - is restarted. Depending on what you set in node.roles and what is configured in other parts of your implementation, such as lifecycle management based on data tiers, changes to node.roles may trigger activity such as shard reallocation.
You can check cluster health in several ways. One is to use curl from the command line to send a health request to the cluster API (Cluster health API | Elasticsearch Guide [8.4] | Elastic). Another is to use the same API through the Kibana Dev Tools console - although if you have Kibana running, the monitoring page should give you very good information on your implementation's status. You can also check the logs on each Elasticsearch node. You might want to grep for ERROR or WARN, depending on the logging level you've set (Logging | Elasticsearch Guide [8.4] | Elastic).
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.