The structure of cluster like this:
We used four VM:
A 10.32.xxx.213 ubuntu12.04
B 10.32.xxx.214 ubuntu12.04
C 10.13.xxx.85 ubuntu14.04
D 10.32.xxx.160 ubuntu14.04
Building up this cluster is not complicated: same as installing single node LEK, just add a Redis which act as a broker!
We use redis 3.0.2, you can install it like this:
$ wget http://download.redis.io/releases/redis-3.0.2.tar.gz
$ tar xzf redis-3.0..tar.gz
$ cd redis-3.0.
$ make //build
$ make install //install
$ cd utils
$ ./install_server.sh //The script will ask you a few questions and will setup everything you need to run Redis properly as a background daemon that will start again on system reboots.
Now, everything has installed. We can run this cluster and just make the kibana get data from shipper.
In shipper B and D, the logstash’s configuration file:
input {
file {
path => ['/var/log/syslog', '/var/log/kern.log']
type => "syslog"
}
}
output {
redis {
data_type => "channel"
key => "logstash-*"
host => "10.32.xxx.213"
port =>
}
In A, the logstash’s configuration file:
input {
redis {
data_type => "pattern_channel"
key => "logstash-*"
host => "10.32.xxx.213"
port => ""
}
}
output {
stdout { }
elasticsearch {
host => "10.13.xxx.85"
protocol => "http"
}
}
After all these, then yon can run your cluster smoothly.