I Installed the ELK stacks as usual:

sudo apt-get install openjdk-8-jdk
wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-5.x.list
sudo apt-get update && sudo apt-get install elasticsearch


But then I had to add nodes. A lot of google gave a lot of more og less usefull hints, so here is what i did:

First, I changed the name of the cluster and node elkserver1 (the only node) in /etc/elasticseach/elasticseach.yml

And restarted elasticsearch, tailed log - everything was ok

vi /etc/elasticseach/elasticseach.yml
service eleaticsearch restart
tail -f /var/log/elasticsearch/mos-eisley.log

Notice the logfilename follows the clustername (smile)


Secondly, I changed the same on the next node (elkserver2) and added the IP on elkserver1 in the /etc/elasticseach/elasticseach.yml, changing:

discovery.zen.ping.unicast.hosts: ["host1","host1"]


discovery.zen.ping.unicast.hosts: [""]

Then started ES with:

service eleaticsearch restart
tail -f /var/log/elasticsearch/mos-eisley.log

But the node never connected to the cluster.

After a short part of troubleshooting, ES only listens pr. default on, so in /etc/elasticseach/elasticseach.yml do change




After successfull join, I changed:

discovery.zen.ping.unicast.hosts: [""]


discovery.zen.ping.unicast.hosts: ["",""]

on both nodes.

For the 3rd node (elkserver3), the trickt was the same, and in the end, the /etc/elasticseach/elasticseach.yml had:

discovery.zen.ping.unicast.hosts: ["","",""]

On all servers, giving me:

root@elkserver1:/usr/share/elasticsearch/bin# curl -XGET http://localhost:9200/_cluster/health?pretty=true
  "cluster_name" : "mos-eisley",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 3,
  "number_of_data_nodes" : 3,
  "active_primary_shards" : 146,
  "active_shards" : 292,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0