I want to use unicast discovery in one of my logstash deployments as mentioned here in the best practices. I have gone through this link.
My ES Cluster looks like below:-
- 3 Master-Data Nodes -
es-masterdata1,es-masterdata2,es-masterdata3. - 1 Dedicated Client Node for now -
es-client1
I have added unicast host names in elasticsearch.yaml (as below) in all 3 Master data nodes:-
discovery.zen.ping.unicast.hosts: ["es-masterdata1:9300", "es-masterdata2:9300", "es-masterdata3:9300"]
I am having the following doubts:-
Doubt 1
Do I have to include es-client1 in the list of unicast hosts?
discovery.zen.ping.unicast.hosts: ["es-masterdata1:9300", "es-masterdata2:9300", "es-masterdata3:9300", "es-client1:9300"]
Doubt 2
Do I have to include discovery.zen.ping.unicast.hosts in the elasticsearch.yaml of the es-client1 as well?
Doubt3
How the logstash config should look like? Do I have to include es-client1 as the host name or I have to give the IP of one of the master / data nodes? Which is the best practice? Is the below logstash output config fine?
output {
elasticsearch {
cluster => "elasticsearch"
host => "es-client1"
port => "9300"
protocol => "transport"
}
}
As per my understanding after reading the docs the answer to Doubt 1 & Doubt 2 is No. I wanted to confirm that.
But I could find any proper guideline regarding my 3rd doubt.