Hello, I'm building a multi-node elastic stack cluster with the following nodes:
- 3 master-eligible nodes (with all default roles)
- 1 coordinating-only node with Kibana
- additional data/ingest-dedicated nodes as needed
All of these nodes will exist on the same network and subnet, and should be able to communicate with each other without any firewall or IP filtering issues. Log data is then being shipped to the master-eligible nodes by Filebeat sitting on a separate host.
As I'm a novice when it comes to networking, I need to ask for some help setting the "server.host", "elasticsearch.host", and "network.host" parameters on each of the nodes for a production-level set up.
On my master-eligibile nodes, I've configured elasticsearch.yml with:
network.host: 0.0.0.0
http.port: 9200
On my coordinating-only node with Kibana, I've also configured elasticsearch.yml with:
network.host: 0.0.0.0
http.port: 9200
...and configured kibana.yml with:
server.host: 0.0.0.0
server.port: 5601
elasticsearch.hosts: ["http://localhost:9200"]
Then, I am making the Kibana GUI accessible to remote users by assigning the node a floating IP address.
My primary question is: In a production-level setup, is it appropriate to set both the elasticsearch network.host and kibana server.host to 0.0.0.0? Or is it advisable not to do this?
If not, what is the recommended configuration for each setting? Should server.host be set to the node's local static IP instead? Likewise, what about the network.host setting, for both the master-eligible nodes and coordinating-only/Kibana node?
Any thoughts or advice on this setup would be greatly appreciated.
Thank you,
Dennis