We are planning a new architecture for our Elastic stack and we need some advice from you.
Currently we have multiple daily indexes which contain application logs, from ~20 MB to 1 GB each. It is around ~600 GB of data for 24 months across all our Elasticsearch clusters.
Our production environment contains two separate Elastic clusters due to PCI policy. We want to connect both clusters with an Elastic tribe node.
Just a few things:
The new Elastic stack will be inside KVM virtual machines
We prefer a 3-node master and 2-node data solution
We are thinking about an X-Pack subscription
How many CPUs and how much RAM do we need? What are your suggestions for our use case? What is your advice? Which types of Elasticsearch nodes do we need?