We have installed Graylog 2.3.1 version and is running on AWS Instance. Elasticsearch & Mongodb were running in another AWS Instance.
So now we were trying to add new node2 to the Graylog by then we created AMI of the node 1 and using that AMI we are able to create node2 in another VM and below are the changes we did it in the node2,
Delete all files from message_journal_dir directory and also deleted the “node_id_file” file
The nodes are showing different names and ids but the processing in/out messages are showing the exact same number, also if I click on “Graceful Shutdown” on Node2, it is actually stopping Node1.
Please share your thoughts and correct me if I am doing anything wrong in the setup.
I forgot to mention I have installed & configured graylog by using tar-ball (manual setup). Graylog was running in AWS EC2 instance and I created an AMI of the running EC2 instance.
Later I used that AMI to create new node in another EC2 instance.
The graylog-ctl script is only available for Virtual machine appliances and not for manual setup using tar-ball.
I want to add new node to graylog by using the manually created AMI of the other EC2 instance.
Let me know your feedback and guide us how to proceed further.
I have installed Graylog 2.3.1 in ubuntu 16.04 which is newly created instance in GCP (Google cloud platform), Elasticsearch & Mongo db were running in the same instance. Graylog application was up and running.
Below are the server.conf file changes in Graylog node1,
You have to use the exact same password_secret for every Graylog node in the cluster, the content of /etc/graylog/server/node-id has to be unique for each Graylog node in the cluster (see node_id_file), every Graylog node has to use the same Elasticsearch cluster (see elasticsearch_hosts), and every Graylog node has to use the same MongoDB database (see mongodb_uri).
The only thing I missed was mongo url and I have given private IP address instead of public IP address so that’s why my new node was not able to start.