I am having difficulty adding a second Data Node to my deployment of Graylog 6.1.
I have set up my server, first data node, and monodb instance all on one host, and it works perfectly.
For the second data node, I have followed the installation guide: Red Hat Installation
stopping after the installation of the data node, as the guide says.
Piecing what I could from other documentation, I gathered that I needed to set my Mongodb instance on my initial server to listen on all interfaces, not just local host, so I edited /etc/mongod.conf to set bindIP to 0.0.0.0 .
On my second data node, I edited /etc/graylog/datanode/datanode.conf to set monogodb_uri to mongodb://<SERVER-1-IP>/graylog
I have set the password_secret in datanode.conf to be the exact same value on the first and the second node.
I also set bind_address to 0.0.0.0 on both nodes, and the http_publish_uri to each node’s IP address.
I have added firewall rules in firewall-d on both nodes for all the ports listed here: Planning Your Deployment
Restarting everything, and I still only see one data node in my graylog server. Am I missing something?
Those are generally the right steps, are you seeing errors in the log of the new datanode about connecting to mongodb etc?
In the logs for my second node, it says MongoDB is not available.
This makes me think something is misconfigured with MongoDB, since I am pretty positive my firewall is set correctly.
On my primary data node, I ran db.getMongo() to see the connection string. It’s connecting to mongodb://12.0.0.1:27017 – not my network interface.
I double-checked /etc/mongodb.conf and I have my bindIP set to 0.0.0.0, and I have restarted the mongodb service – is something misconfigured here?
Ya you may want to hard code the address it should bind to, but also then make sure that the graylog that is on the same machine is pointing to that address and not 127.0.0.1
thanks, I’ll try that. On my primary node (where I have graylog server installed), do I need to edit bothserver.conf and datanode.conf, or does one config supersede the other?
binding mongod to my primary node’s IP address resulted in an error: “illegal map value” – so I switched it back to 0.0.0.0
I have managed to get it working (there was a DNS issue).
My secondary node is connecting, however, I now receive the following error:
2025-01-17T10:00:30.451+11:00 ERROR [CmdLineTool] Startup error:
java.lang.RuntimeException: org.graylog.datanode.configuration.DatanodeKeystoreException: java.io.IOException: keystore password was incorrect
I have double-checked and confirmed ther password_secret is the same on both nodes. Any help here is much appreciated.
I have this working now – I had to delete the keystore.jks file located in /var/log/graylog-datanode/config and restart the graylog-datanode service. I can now see my secondary datanode in graylog.
