I Installed the ELK stacks as usual:
sudo apt-get install openjdk-8-jdk wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-5.x.list sudo apt-get update && sudo apt-get install elasticsearch
But then I had to add nodes. A lot of google gave a lot of more og less usefull hints, so here is what i did:
First, I changed the name of the cluster and node elkserver1 (the only node) in /etc/elasticseach/elasticseach.yml
And restarted elasticsearch, tailed log - everything was ok
vi /etc/elasticseach/elasticseach.yml service eleaticsearch restart tail -f /var/log/elasticsearch/mos-eisley.log
Notice the logfilename follows the clustername
Secondly, I changed the same on the next node (elkserver2) and added the IP on elkserver1 in the /etc/elasticseach/elasticseach.yml, changing:
discovery.zen.ping.unicast.hosts: ["host1","host1"]
to
discovery.zen.ping.unicast.hosts: ["77.243.52.135"]
Then started ES with:
service eleaticsearch restart tail -f /var/log/elasticsearch/mos-eisley.log
But the node never connected to the cluster.
After a short part of troubleshooting, ES only listens pr. default on 127.0.0.0:9200, so in /etc/elasticseach/elasticseach.yml do change
#network.host: 127.0.0.1
to
network.host: 0.0.0.0
After successfull join, I changed:
discovery.zen.ping.unicast.hosts: ["77.243.52.135"]
to
discovery.zen.ping.unicast.hosts: ["77.243.52.135","77.243.52.155"]
on both nodes.
For the 3rd node (elkserver3), the trickt was the same, and in the end, the /etc/elasticseach/elasticseach.yml had:
discovery.zen.ping.unicast.hosts: ["77.243.52.135","77.243.52.155","77.243.52.153"]
On all servers, giving me:
root@elkserver1:/usr/share/elasticsearch/bin# curl -XGET http://localhost:9200/_cluster/health?pretty=true { "cluster_name" : "mos-eisley", "status" : "green", "timed_out" : false, "number_of_nodes" : 3, "number_of_data_nodes" : 3, "active_primary_shards" : 146, "active_shards" : 292, "relocating_shards" : 0, "initializing_shards" : 0, "unassigned_shards" : 0, "delayed_unassigned_shards" : 0, "number_of_pending_tasks" : 0, "number_of_in_flight_fetch" : 0, "task_max_waiting_in_queue_millis" : 0, "active_shards_percent_as_number" : 100.0 } root@elkserver1:/usr/share/elasticsearch/bin#