I have set up Graylog on my Ubuntu machine and it's working fine. Now I want to implement multi-node Elasticsearch for high availability. I did not find any step-by-step setup; can I use this link to set up multi-node on Elasticsearch?
And is there anything for notification or email if something goes wrong with Graylog or an Elasticsearch node is dead?
In the linked section of the documentation is this:
The Elasticsearch servers need one IP that can be reached over network set in network.host and some participants of the cluster in discovery.zen.ping.unicast.hosts. That is enough to have a minimal cluster setup.
What more do you need? Installation of Elasticsearch is done as described in the step-by-step guides.
As I understand, I can define the node information in the elasticsearch.yml file like this:
#give your cluster a name.
cluster.name: my-cluster
#give your nodes a name (change node number from node to node).
node.name: "es-node-1"
#define node 1 as master-eligible:
node.master: true
#define nodes 2 and 3 as data nodes:
node.data: true
#enter the private IP and port of your node:
network.host: 172.11.61.27
http.port: 9200
#detail the private IPs of your nodes:
discovery.zen.ping.unicast.hosts: ["172.11.61.27", "172.31.22.131","172.31.32.221"]
Personally, I would define only node.name, discovery.zen.ping.unicast.hosts and network.host.
My advice would be to have all nodes as data and possible master nodes. Then you can benefit from Elasticsearch's ability to make use of all available resources.
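
A consistency check for the three settings recommended above, as an added example that is not part of the original thread or of the Elasticsearch or Graylog projects: it parses constructed per-node configs built from the posted addresses and flags mismatched cluster names, duplicate node names, seed lists that name no other node, and a network.host that is a wildcard or lies outside the private ranges. The helper names `render`, `parse_flat_yml` and `check_cluster` are hypothetical.

```python
import ipaddress
import json

# Constructed input: one elasticsearch.yml per node, reduced to the settings
# discussed in the thread. Addresses are the ones from the posted config.
SEEDS = ["172.11.61.27", "172.31.22.131", "172.31.32.221"]

def render(ip, n, seeds):
    """Build a minimal per-node config text (hypothetical helper)."""
    return (f"cluster.name: my-cluster\nnode.name: \"es-node-{n}\"\n"
            f"network.host: {ip}\n"
            f"discovery.zen.ping.unicast.hosts: {json.dumps(seeds)}\n")

NODES = [render(ip, n, SEEDS) for n, ip in enumerate(SEEDS, 1)]

def parse_flat_yml(text):
    """Parse the flat 'key: value' subset of YAML used in these files."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        # An inline list like ["a", "b"] is also valid JSON.
        settings[key] = json.loads(value) if value.startswith("[") else value.strip('"')
    return settings

def check_cluster(node_texts):
    """Return findings (strings) for a list of per-node config texts."""
    cfgs, findings = [parse_flat_yml(t) for t in node_texts], []
    if len({c.get("cluster.name") for c in cfgs}) != 1:
        findings.append("cluster.name differs between nodes")
    names = [c.get("node.name") for c in cfgs]
    if len(set(names)) != len(names):
        findings.append("node.name is not unique")
    bound = {c.get("network.host") for c in cfgs}
    for c in cfgs:
        name, host = c.get("node.name"), c.get("network.host", "")
        peers = set(c.get("discovery.zen.ping.unicast.hosts", [])) & (bound - {host})
        if not peers:
            findings.append(f"{name}: unicast hosts list names no other node")
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            findings.append(f"{name}: network.host {host!r} is not an IP literal")
            continue
        if addr.is_unspecified or not addr.is_private:
            findings.append(f"{name}: network.host {host} is a wildcard or non-private address")
    return findings
```

Run over the posted addresses, `check_cluster(NODES)` reports 172.11.61.27, which falls outside 172.16.0.0/12; the other two addresses pass.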