In the Getting started with the Elastic Stack and Getting started with security tutorials, we used a cluster with a single Elasticsearch node to get up and running with the Elastic Stack.
You can add as many nodes as you want in a cluster but they must be able to communicate with each other. The communication between nodes in a cluster is handled by the transport module. To secure your cluster, you must ensure that the internode communications are encrypted.
In this tutorial, we add more nodes by installing more copies of Elasticsearch on the same machine. By default, Elasticsearch binds to loopback addresses for HTTP and transport communication. That is fine for the purposes of this tutorial and for downloading and experimenting with Elasticsearch in a test or development environment. When you are deploying a production environment, however, you are generally adding nodes on different machines so that your cluster is resilient to outages and avoids data loss. In a production scenario, there are additional requirements that are not covered in this tutorial. See Development vs production mode and Adding nodes to your cluster.
Before you beginedit
Ideally, you should do this tutorial after you complete the Getting started with the Elastic Stack and Getting started with security tutorials.
At a minimum, you must install and configure Elasticsearch and Kibana in a cluster with a
single Elasticsearch node. In particular, this tutorial provides instructions for adding
nodes that work with the
To complete this tutorial, you must install the default Elasticsearch and Kibana packages, which include the encrypted communications security features. When you install these products, they apply basic licenses with no expiration dates. All of the subsequent steps in this tutorial assume that you are using a basic license. For more information, see https://www.elastic.co/subscriptions and License management.
Intro to Kibana
ELK for Logs & Metrics