Elasticsearch和Logstash的故障转移
[英]Failover for elasticsearch and logstash
问题描述
I was working to configure logstash and elasticsearch. 
我正在努力配置logstash和elasticsearch。 In my logstash config file output section. 在我的logstash配置文件输出部分。
elasticsearch {
codec => json_lines
cluster => "firstEsearch_cluster"
protocol => "http"
host => "192.168.56.3"
port => "9200"
}
If I do this, I'm able to communicate to the elasticsearch instance 如果我这样做,我就能够与elasticsearch实例进行通信
But now I have multiple nodes for elasticsearch on various machines where I replicate data to recover from failure and machines are in the same network . 但是现在我在不同的机器上有多个用于弹性搜索的节点,在这些机器上我复制数据以从故障中恢复并且机器在同一网络中 。
Now when my machine 192.168.56.3 failed and 192.168.56.4 and 192.168.56.5 were running other nodes of elasticsearch, wasn't able to send logs to elasticsearch cluster, since machine 192.168.56.3 was down. 现在当我的机器192.168.56.3失败并且192.168.56.4和192.168.56.5正在运行elasticsearch的其他节点时,由于机器192.168.56.3已关闭,因此无法将日志发送到elasticsearch集群。 So 所以
- What should be the output configuration for logstash, so that I can still send the logs to elasticsearch cluster, when one of the machine goes down logstash的输出配置应该是什么,这样当其中一台机器出现故障时,我仍然可以将日志发送到elasticsearch集群
When I tried to do this: 当我尝试这样做时:
elasticsearch {
codec => json_lines
cluster => "firstEsearch_cluster"
protocol => "http"
#host => "192.168.56.3"
#port => "9200"
}
logstash wasn't able to connect to elasticsearch instance, and wasn't able to send logs. logstash无法连接到elasticsearch实例,也无法发送日志。
3 个解决方案
解决方案1
5 已采纳 2014-10-01 06:34:57
Deploy a load balancer with a DNS name and point your elasticsearch output to it. 使用DNS名称部署负载均衡器,并将elasticsearch输出指向它。 The load balancer will route the requests to the active elasticsearch nodes. 负载均衡器会将请求路由到活动的elasticsearch节点。
解决方案2
2 2014-10-04 02:39:36
You can run setup a local ES instance on your indexers that acts as a client node. 您可以在充当客户机节点的索引器上运行设置本地ES实例。 Configure the node with the following options 使用以下选项配置节点
node.master: false
node.data: false
Then just point your elasticsearch output to localhost. 然后只需将您的elasticsearch输出指向localhost。 This client node won't store any data and just act as a loadbalancer to the rest of your nodes. 该客户端节点将不存储任何数据,仅充当其余节点的负载平衡器。
解决方案3
0 2015-03-11 20:07:58
Elasticsearch (Now called just elastic) recomends setting up an nginx proxy which does load balancing. Elasticsearch(现在称为弹性)现在建议设置一个可以进行负载平衡的nginx代理。 Point your logstash servers to the proxy, and nginx will round robin between the nodes in the cluster. 将您的logstash服务器指向代理,然后nginx将在集群中的节点之间进行循环。
https://www.elastic.co/blog/playing-http-tricks-nginx/ https://www.elastic.co/blog/playing-http-tricks-nginx/
Here is a snippet of what the nginx config might look like. 这是nginx配置可能看起来的片段。 Point your logstash servers at port 8080. 将您的logstash服务器指向端口8080。
events {
worker_connections 1024;
}
http {
upstream elasticsearch {
server 127.0.0.1:9200;
server 127.0.0.1:9201;
server 127.0.0.1:9202;
keepalive 15;
}
server {
listen 8080;
location / {
proxy_pass http://elasticsearch;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.