Multi-Nodes

It is important to consider the name of the new Elasticsearch cluster. In most cases, in fact, the default name should be changed to avoid conflicts. This guide doesn't provide a step-by-step tutorial for building a multi-node LeonaLog cluster but does give some advice on questions that might arise during the setup.

Requirements

Every server which is part of this setup has the software requirements installed to run the targeted software. All software requirements can be found in the installation manual.

We highly recommend that the system time on all systems is kept in sync via NTP or a similar mechanism. Needless to say that DNS resolution must be working, too.

In order to simplify the installation process, the servers should have a working Internet connection.

MongoDB Replica Set

We recommend deploying a MongoDB replica set.

Elasticsearch Cluster

The Elasticsearch setup documentation should help you to install Elasticsearch with a robust base configuration.

LeonaLog Multi-Node

After the installation of leona, you should take care that only one leona node is configured to be master with the configuration setting is_master = true.

The http_bind_address configured address needs to be reachable by all Graylog nodes in the cluster. The http_publish_uri is normally auto-generated from the http_bind_address. This URI is used for inter-node communication.

If the http_bind_address is configurated with 0.0.0.0 you must configure http_publish_uri. Otherwise leona will use the first non-loopback IP, what might not fit into your desired design.