Current Server Architecture of Our Company:
There is a management layer and multiple execution layers. Each execution layer has multiple regions, and each region contains multiple servers.
The management layer can communicate with multiple execution layers. Execution layers do not communicate with each other. Each execution layer can communicate with multiple regions under it.
Intended Deployment Plan for Graylog Log Service:
Deploy a MongoDB cluster in the management layer.
Deploy one Graylog instance and one ES cluster in each execution layer.
Logs collected from each server will be sent directly to the Graylog service of the corresponding execution layer via firewall rules.
Consultation Questions:
What potential issues may arise with this architecture?
Are there any additional configurations required?
If multiple Graylog instances use the same MongoDB cluster for configuration storage but different ES clusters for data storage, what theoretical problems may occur?
If the management layer acts as a gateway to route requests to the Graylog APIs of each execution layer, can it obtain all configuration information and log data of the corresponding execution layers? (Will configurations and ES data be isolated?)
Your assistance with the above questions is greatly appreciated.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.