Hi Mattis,
you shouldn't cut off the error message from the logs you've posted if you
expect anyone to help you. ;-)
Cheers,
Jochen
On Monday, 14 March 2016 16:51:54 UTC+1, Mattis Haase wrote:
>
> Two machines on the same VM host, one ES, on graylog, configured via
> puppet.
>
> Graylog Server error:
>
> 2016-03-14T16:40:10.280+01:00 INFO [transport] [graylog2-server]
> bound_address {inet[/0:0:0:0:0:0:0:0:9350]}, publish_address
> {inet[/a.b.c.d:9350]}
> 2016-03-14T16:40:10.296+01:00 INFO [discovery] [graylog2-server]
> graylog2/glh_l29gT9Sk1_nRRT3VNw
> 2016-03-14T16:40:10.300+01:00 WARN [ClusterStateMonitor] No Elasticsearch
> data nodes in cluster, cluster is completely offline.
> 2016-03-14T16:40:10.574+01:00 INFO [Reflections] Reflections took 448 ms
> to scan 1 urls, producing 2 keys and 2 values
> 2016-03-14T16:40:13.299+01:00 WARN [discovery] [graylog2-server] waited
> for 3s and no initial state was set by the discovery
> 2016-03-14T16:40:13.299+01:00 INFO [node] [graylog2-server] started
> 2016-03-14T16:40:17.099+01:00 INFO [RestApiService] Adding security
> context factory:
> <org.graylog2.security.ShiroSecurityContextFactory@4b7ee77a>
> 2016-03-14T16:40:17.115+01:00 INFO [RestApiService] Started REST API at <
> http://127.0.0.1:12900/>
> 2016-03-14T16:40:18.301+01:00 INFO [IndexerSetupService] Checking
> Elasticsearch HTTP API at http://fqdn:9200/
> 2016-03-14T16:40:18.384+01:00 ERROR [UI]
>
> curl -X GET http://fqdn:9200
>
> {
> "status" : 200,
> "name" : "graylog2-server",
> "cluster_name" : "graylog2",
> "version" : {
> "number" : "1.7.5",
> "build_hash" : "00f95f4ffca6de89d68b7ccaf80d148f1f70e4d4",
> "build_timestamp" : "2016-02-02T09:55:30Z",
> "build_snapshot" : false,
> "lucene_version" : "4.10.4"
> },
> "tagline" : "You Know, for Search"
> }
>
> Config (using puppet):
> ES:
> class { 'elasticsearch':
> ensure => 'present',
> package_url => "
> https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-${elasticversion}.deb
> ",
> config => {
> 'elasticsearch.discovery.zen.ping.multicast.enable' => false,
> 'elasticsearch.discovery.zen.ping.unicast.hosts' =>
> "${::fqdn}:9300",
> },
> }->
>
> elasticsearch::instance { 'graylog2':
> config => {
> 'node.name' =>
> 'graylog2-server',
> 'cluster.name' => 'graylog2',
> 'network.host' => $::ipaddress,
> 'transport.tcp.port' => '9300',
> 'http.port' => '9200',
> }
>
> Graylog:
> class {'graylog2::server':
> password_secret =>
> root_password_sha2 => ',
> elasticsearch_cluster_name => 'graylog2',
> elasticsearch_node_name =>
> 'graylog2-server',
> elasticsearch_discovery_zen_ping_multicast_enabled => false,
> elasticsearch_discovery_zen_ping_unicast_hosts => 'fqdn:9300',
> gc_warning_threshold => '15s',
> usage_statistics_enabled => false,
> }
>
> I tried pretty much every combination of using multicast, using unicast
> with different ports, manually setting elasticsearch_network_host
> and elasticsearch_transport_tcp_port. No other software that uses
> elasticsearch has any issues whatsoever, it just works. Using the same
> config but on one machine it also works.
>
> Any ideas?
>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/2c874374-6c97-48be-84b3-41efe71e2dda%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
