Elasticsearch Cluster

This section explains how to install and configure Elasticsearch (ES) as a three-node cluster.

Notice

  • The number of ES nodes you use in a cluster should be odd. That is, the minimum number of nodes you can use in a cluster is 3.

  • To avoid split-brain, you need to specify an appropriate value for the discovery.seed_hosts parameter. To determine it, follow the rule N/2+1, where N is the number of nodes in the cluster. In a three-node cluster, the parameter should be set to 2 (3/2+1 = 2, rounded down to the nearest integer).

Install and configure the Elasticsearch cluster

On Linux

  1. Download Elasticsearch 8.6.2.

  2. On all cluster nodes, extract the archive to a preferred location with the command tar -xvf elasticsearch-8.6.2-linux-x86_64.tar.gz.

  3. Go to the {directory}/elasticsearch-8.6.2/bin folder.

  4. Run Elasticsearch with the ./elasticsearch command.

  5. When you run ES in a terminal for the first time, a password is printed on the terminal (by default, Elasticsearch runs over HTTPS). Note down this password.

  6. On each node, open the {directory}/elasticsearch-8.6.2/config/elasticsearch.yml file for editing and configure the node as follows:

    To run ES over HTTP and form a cluster, refer to the following sample elasticsearch.yml file:

    Elasticsearch Node 1:

    network.host: 0.0.0.0
    cluster.name: logging-prod
    node.name: node-1
    
    xpack.security.enabled: false
    xpack.security.enrollment.enabled: false
    xpack.security.http.ssl:
      enabled: false
    xpack.security.transport.ssl:
      enabled: false
    discovery.seed_hosts: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    cluster.initial_master_nodes: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    http.host: 192.168.11.57

    Elasticsearch Node 2:

    network.host: 0.0.0.0
    cluster.name: logging-prod
    node.name: node-2
    xpack.security.enabled: false
    xpack.security.enrollment.enabled: false
    xpack.security.http.ssl:
      enabled: false
    xpack.security.transport.ssl:
      enabled: false
    discovery.seed_hosts: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    cluster.initial_master_nodes: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    http.host: 192.168.11.227

    Elasticsearch Node 3:

    network.host: 0.0.0.0
    cluster.name: logging-prod
    node.name: node-3
    xpack.security.enabled: false
    xpack.security.enrollment.enabled: false
    xpack.security.http.ssl:
      enabled: false
    xpack.security.transport.ssl:
      enabled: false
    discovery.seed_hosts: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    cluster.initial_master_nodes: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    http.host: 192.168.11.193

  7. Start ES on all nodes.

  8. Check the cluster health once all nodes have started. To check the cluster health, execute the following cURL command:

    curl -XGET 'http://localhost:9200/_cluster/health'

  9. Install the Zephyr Enterprise application with the ES host URL set as:

    http://192.168.0.1:9200,http://192.168.0.2:9200,http://192.168.0.3:9200

On Windows

  1. Download Elasticsearch 8.6.2.

  2. Unzip the file in the preferred location.

  3. Open the command prompt as administrator and go to the {directory}\elasticsearch-8.6.2\bin path.

  4. Run ES with the elasticsearch.bat command.

  5. Stop Elasticsearch.

  6. On each node, open the {directory}\elasticsearch-8.6.2\config\elasticsearch.yml file for editing and configure the node as follows:

    To run ES over HTTP and form a cluster, refer to the following sample elasticsearch.yml file:

    Elasticsearch Node 1:

    network.host: 0.0.0.0
    cluster.name: logging-prod
    node.name: node-1
    
    xpack.security.enabled: false
    xpack.security.enrollment.enabled: false
    xpack.security.http.ssl:
      enabled: false
    xpack.security.transport.ssl:
      enabled: false
    discovery.seed_hosts: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    cluster.initial_master_nodes: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    http.host: 192.168.11.57

    Elasticsearch Node 2:

    network.host: 0.0.0.0
    cluster.name: logging-prod
    node.name: node-2
    xpack.security.enabled: false
    xpack.security.enrollment.enabled: false
    xpack.security.http.ssl:
      enabled: false
    xpack.security.transport.ssl:
      enabled: false
    discovery.seed_hosts: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    cluster.initial_master_nodes: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    http.host: 192.168.11.227

    Elasticsearch Node 3:

    #ES Node 3:
    network.host: 0.0.0.0
    cluster.name: logging-prod
    node.name: node-3
    xpack.security.enabled: false
    xpack.security.enrollment.enabled: false
    xpack.security.http.ssl:
      enabled: false
    xpack.security.transport.ssl:
      enabled: false
    discovery.seed_hosts: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    cluster.initial_master_nodes: ["192.168.11.57", "192.168.11.227", "192.168.11.193"]
    http.host: 192.168.11.193

  7. Start ES on all nodes.

  8. Check the cluster health once all nodes have started. To check the cluster health, execute the following cURL command:

    curl -XGET "http://localhost:9200/_cluster/health"

  9. Install the Zephyr Enterprise application with the ES host URL set as:

    http://192.168.0.1:9200,http://192.168.0.2:9200,http://192.168.0.3:9200

Enable TLS 1.2 and 1.3 versions for Elasticsearch

Add the following two supported_protocols lines to the elasticsearch.yml file:

xpack.security.http.ssl:
  supported_protocols: TLSv1.3, TLSv1.2
xpack.security.transport.ssl:
  supported_protocols: TLSv1.3, TLSv1.2

The following is the sample .yml file:

cluster.name: zephyr
node.name: node-1
http.port: 9200
network.host: 192.168.0.1
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
  supported_protocols: TLSv1.3, TLSv1.2
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
  supported_protocols: TLSv1.3, TLSv1.2
http.host: 0.0.0.0
indices.query.bool.max_clause_count: 9024
action.auto_create_index: ".watches,.triggered_watches,.watcher-history-*,-zephyr*,+*"
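
One way to check a node's elasticsearch.yml against the settings discussed on this page, as an added example that is not part of the Zephyr or Elasticsearch documentation. The function names flatten and audit are hypothetical, the parser handles only the YAML subset used in these samples, and the two inputs are constructed from the sample files above.

```python
ALLOWED_TLS = {"TLSv1.2", "TLSv1.3"}
def flatten(text):
    """Flatten the YAML subset used in these samples into dotted setting names."""
    settings, parents = {}, []  # parents: (indent, key) of the open nested maps
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        key, _, value = raw.strip().partition(":")
        while parents and parents[-1][0] >= indent:
            parents.pop()
        if value.strip():
            path = ".".join([k for _, k in parents] + [key])
            settings[path] = value.strip().strip("\"'")
        else:
            parents.append((indent, key))
    return settings

def audit(text):
    """Return a list of findings for one node's elasticsearch.yml."""
    s, findings = flatten(text), []
    secured = s.get("xpack.security.enabled", "true") == "true"  # 8.x default is true
    if not secured:
        findings.append("xpack.security.enabled is false: no authentication")
    for layer in ("http", "transport"):
        base = f"xpack.security.{layer}.ssl"
        if s.get(f"{base}.enabled") != "true":
            findings.append(f"{base}.enabled is not true: {layer} traffic is plaintext")
            continue
        listed = s.get(f"{base}.supported_protocols", "").strip("[]")
        protocols = {p.strip() for p in listed.split(",") if p.strip()}
        if not protocols or protocols - ALLOWED_TLS:
            findings.append(f"{base}.supported_protocols is {listed or 'unset'}, want TLSv1.2/1.3 only")
    if not secured and "0.0.0.0" in (s.get("network.host"), s.get("http.host")):
        findings.append("unauthenticated node is bound to all interfaces (0.0.0.0)")
    return findings

# Constructed inputs, reduced from the two sample files on this page.
PLAIN_HTTP = ("network.host: 0.0.0.0\nxpack.security.enabled: false\n"
              "xpack.security.http.ssl:\n  enabled: false\n"
              "xpack.security.transport.ssl:\n  enabled: false\n")
TLS_ONLY = ("xpack.security.enabled: true\nhttp.host: 0.0.0.0\n"
            "xpack.security.http.ssl:\n  enabled: true\n"
            "  supported_protocols: TLSv1.3, TLSv1.2\n"
            "xpack.security.transport.ssl:\n  enabled: true\n"
            "  supported_protocols: TLSv1.3, TLSv1.2\n")

for name, cfg in (("plain HTTP", PLAIN_HTTP), ("TLS", TLS_ONLY)):
    print(name, audit(cfg) or "no findings")
```

To audit a real node, pass the contents of its config/elasticsearch.yml to audit() and review the returned list.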

Connect Zephyr to Elasticsearch

ES must be running before you install Zephyr Enterprise. You connect Zephyr to ES during the product installation. To do this, specify either the IP address of your ES server or its host name, depending on the settings you have specified in the elasticsearch.yml file.

  • Cluster installation

    Specify the following IP addresses and port numbers when prompted to configure ES. Use commas to separate them:

    http://192.168.0.1:9200,http://192.168.0.2:9200,http://192.168.0.3:9200
