Two machines on the same VM host, one ES, on graylog, configured via puppet.
Graylog Server error:
2016-03-14T16:40:10.280+01:00 INFO [transport] [graylog2-server]
bound_address {inet[/0:0:0:0:0:0:0:0:9350]}, publish_address
{inet[/a.b.c.d:9350]}
2016-03-14T16:40:10.296+01:00 INFO [discovery] [graylog2-server]
graylog2/glh_l29gT9Sk1_nRRT3VNw
2016-03-14T16:40:10.300+01:00 WARN [ClusterStateMonitor] No Elasticsearch
data nodes in cluster, cluster is completely offline.
2016-03-14T16:40:10.574+01:00 INFO [Reflections] Reflections took 448 ms
to scan 1 urls, producing 2 keys and 2 values
2016-03-14T16:40:13.299+01:00 WARN [discovery] [graylog2-server] waited
for 3s and no initial state was set by the discovery
2016-03-14T16:40:13.299+01:00 INFO [node] [graylog2-server] started
2016-03-14T16:40:17.099+01:00 INFO [RestApiService] Adding security
context factory:
<org.graylog2.security.ShiroSecurityContextFactory@4b7ee77a>
2016-03-14T16:40:17.115+01:00 INFO [RestApiService] Started REST API at
<http://127.0.0.1:12900/>
2016-03-14T16:40:18.301+01:00 INFO [IndexerSetupService] Checking
Elasticsearch HTTP API at http://fqdn:9200/
2016-03-14T16:40:18.384+01:00 ERROR [UI]
curl -X GET http://fqdn:9200
{
"status" : 200,
"name" : "graylog2-server",
"cluster_name" : "graylog2",
"version" : {
"number" : "1.7.5",
"build_hash" : "00f95f4ffca6de89d68b7ccaf80d148f1f70e4d4",
"build_timestamp" : "2016-02-02T09:55:30Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
}
Config (using puppet):
ES:
class { 'elasticsearch':
ensure => 'present',
package_url =>
"https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-${elasticversion}.deb";,
config => {
'elasticsearch.discovery.zen.ping.multicast.enable' => false,
'elasticsearch.discovery.zen.ping.unicast.hosts' =>
"${::fqdn}:9300",
},
}->
elasticsearch::instance { 'graylog2':
config => {
'node.name' =>
'graylog2-server',
'cluster.name' => 'graylog2',
'network.host' => $::ipaddress,
'transport.tcp.port' => '9300',
'http.port' => '9200',
}
Graylog:
class {'graylog2::server':
password_secret =>
root_password_sha2 => ',
elasticsearch_cluster_name => 'graylog2',
elasticsearch_node_name => 'graylog2-server',
elasticsearch_discovery_zen_ping_multicast_enabled => false,
elasticsearch_discovery_zen_ping_unicast_hosts => 'fqdn:9300',
gc_warning_threshold => '15s',
usage_statistics_enabled => false,
}
I tried pretty much every combination of using multicast, using unicast
with different ports, manually setting elasticsearch_network_host
and elasticsearch_transport_tcp_port. No other software that uses
elasticsearch has any issues whatsoever, it just works. Using the same
config but on one machine it also works.
Any ideas?
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/f9be7905-8cc6-47e1-b4ef-bf131d3b8800%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
