I'm begineer in ELK stack and I have a cluster with 2 master nodes and 3 data nodes.
I have also a machine with logstash and kibana running.
The cluster thing it's not so clear and a I have few questions:
Master nodes are responsable for load index data through the data nodes?
Is it necessary to have a load balacing in front of data masters?
When I refer to the elasticsearch.url on kibana config, is it need to inform all the nodes?
For Logstash.conf should I inform all the cluster nodes on output?
output {
elasticsearch {
hosts => ["master01:9200","master02:9200","data-01:9200","data02:9200","data03:9200"]
}
}
We say "Elastic Stack" and not ELK anymore otherwise Beats feels alone.
Master nodes are responsable for load index data through the data nodes?
No. They are just responsible to manage the cluster state (information about nodes, indices) and take decision regarding cluster events like a node joins or leave, an index needs to be created.
Is it necessary to have a load balacing in front of data masters?
Not necessary.
When I refer to the elasticsearch.url on kibana config, is it need to inform all the nodes?
No. One of the nodes is enough. But if your node dies, then your Kibana instance won't be able to connect to the cluster until it comes back.
For Logstash.conf should I inform all the cluster nodes on output?
No. Same as for Kibana. But it means that all the load will go first to those nodes.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.