ELK stack on a standalone machine?

karankamat_21 · September 16, 2024, 6:44am

Hello,
Is it a good practice to run ELK stack on a standalone machine?

My concerns:

The search dataset I'm trying to load is huge
Minimum requirement to run Elastic Search, Logstash, Kibana, Elastic Agent

Suggestions are always welcomed!

Wolfram_Haussig · September 17, 2024, 4:55am

Hi,

While it is possible to run the Elastic Stack on a standalone machine (depending on the amount of data of course), it is definitely not a good practice. We only do this on our test system reduce the costs but even then it can be a problem. Some of the issues you will see:

Only one instance can be installed over the package manager, the other 2 need to be installed and updated manually if you follow the recommendations of a 3 node setup
if you use a single node cluser, you loose the resiliency granted by replica shards
Failover not possible
contention for resources from the different services (CPU, Memory, Disk IO, ...)
...

The size of the dataset itself is not the issue - once loaded it just takes space on the disk. The question is: How much Ingest and Search traffic does the server need to serve? How important is availability to you?

In the end, you need to test it yourself, if a single, standalone machine is sufficient for you. If you still want to do this, checkout the recommendations for small clusters

Best regards
Wolfram