I'm setting up an Elasticsearch cluster using VMs in AWS.
I know that each node automatically tries to join an existing cluster which have the same cluster name in the same network.
However, I could not understand what the "same network" is.
Trying to understand about the same network, I found the concept of multicast and unicast.
It seems to be the same concept between "same network" and "in the multicast group".
If so, how can I figured out what ip addresses are in the multicast group? and how can I add or remove some IP addresses in the multicast group?
I'm not so familiar with the concepts of network.
What I really want to know is that how can I figured out whether my
nodes are in the same network or not? and how can I configure that.
Thanks in advance.
I am not a networking guy, but I believe they mean as long as they can see each other on a private network. Each node in a cluster wants to communicate internally with the other nodes on port 9300 by default.
So if you have one node on 10.20.10.5 (as an example) and one on 10.20.10.6, they should be able to "see" each other.
Also you can explicitly set the nodes in the cluster in the config file for Elastic.
For example in my elasticsearch.yml, I have something like this under the ### DISCOVERY ### section:
discovery.zen.ping.unicast.hosts: ["elastic-p1.domain.net:9300", "elastic-p2.domain.net:9300"]
Related
I am looking for a basic thing yet I have not found not even a single good documentation on getting it done.
I want to allocate a floating IP, then associate it to a network interface of a droplet other than eth0.
The reason is I want to have the ability to very easily switch from one IP to the other with a programming language.
In a few words, I want to be able to do these two commands and both should provide a different response.
curl --interface eth0 https://icanhazip.com
curl --interface eth1 https://icanhazip.com
Also, I want to know what to do once I release the Floating IP, how do I roll back to the starting point.
All documentation I read, rely heavily on "ip route" and "route", most did not even work, some worked but replaced completely the old IP by the floating and that's not what I want, and also they did not show how to rollback the introduced configuration changes.
Please help, I spent 1 whole day now trying to get this to work for a project, and no results so far.
I guess there is no need to know DigitalOcean, how to make this work on other Cloud Providers would apply here too I think.
Update
After asking this on DigitalOcean community forum (https://www.digitalocean.com/community/questions/clear-guide-on-outbound-network-through-floating-ip), they claim that is not supported, although there may be some solutions to this if somebody can provide such a "hacky" solution I would take it too. Thanks
In the cloud (AWS. GCP etc.) ARP is emulated by the virtual network layer, meaning that only IPs assigned to VMs by the cloud platform can be resolved. Most of the L2 failover protocols do break for that reason. Even if ARP worked,the IP allocation process for these IPs (often called “floating IPs”) would not integrate with the virtual network in a standard way, so your OS can't just "grab" the IP using ARP and route the packets to itself.
I have not personally done this on Digital Ocean, but I assume that you can call the cloud's proprietary API to do this functionality if you would like to go this route.
See this link on GCP about floating IPs and their implementation. Hope this is helpful.
Here's an idea that needs to be tested:
Let's say you have Node1(10.1.1.1/24) and Node2(10.1.1.2/24)
Create a loopback interface on both VMs and set the same IP address for both like (10.2.1.1/32)
Start a heartbeat send/receive between them
When NodeA starts it automatically makes an API call to create a route for 10.2.1.1/32 and points to itself with preference 2
When NodeB starts it automatically makes an API call to create a route for 10.2.1.1/32 and points to itself with preference 1
The nodes could monitor each other to withdraw the static routes if the other fails. Ideally you would need a 3rd node to reach quorum and prevent split brain scenarios, but you get the idea right?
This may seem a naive question, since the computer networks knowledge from university days has almost vanished throughout the years, but before getting my hands on a book relevant on this topic, I would like to find out what more experienced folks out there know about this.
Basically I would like to be able to connect a client (C) to a remote server (S), sitting in separate LANs, without adding special rules (e.g. port forwarding) to any of the routers in between.
I know that some applications (TeamViewer) use broker servers for connecting a client to a remote machine, but what I don't know is if the whole traffic between them goes through the broker server.
For my use case, I would use such a server only for initial discovery of the peers (more exactly the discovery of S by C), then the traffic would go through a connection directly initiated by C towards S.
Would such an approach be possible?
Thank you!
Unfortunately if the devices reside in networks separated by the Internet your first hurdle concerns RFC1918. In order to connect to a private IP you will have to use some level of NAT. To over come this is to build a VPN connection between the two networks affectively connecting as if each are local to the other. Please note that to avoid any NAT configuration in this scenario requires that the private networks are using different subnets IPs
I want to get and set network properties those one are in this picture by salt(If I want to be more specific salt-api).
Ubuntu network information
I know I can get some ip and netmask by salt.modules.network.interfaces and gateway from salt.modules.network.default_route and set network properties of windows machines by WIN_IP but I think there must be a better way.
Also I didn't find a way to gather dns of minions yet.
thanks in advance
Here's a link to my network diagram http://i48.tinypic.com/dcev0y.png
I am trying to learn on my own how to setup networks, and on the hybrid network parts I am confused, how does one calculate the amount of minimum datalink needed for a situation like the picture linked above.
English is not my primary language so it is hard for me to search for the proper keywords. Any help is kindly appreciated.
If possible to do so it would be useful to ask the network provider how much bandwidth was available on each route and how much was currently being used.
If there is a network administrator in your organisation you should speak with them first.
This would be the easiest way to aquire an understanding the network topology in the diagram. But you would need to sensitive to the fact network administrators are typically very busy and under pressure so bear that in mind if you are asking for their time.
If you need to figure this out yourself you need to research and learn about basic network monitoring tools
Here are a list of concepts and tools that you should research and understand.
ports ping, traceroute, nslookup and telnet
You will likely need to research TCP/IP, network addresses and subnetting
In addition you will need to learn how about network interfaces controllers, multi-homing IP addresses, public and private facing IP addresses.
First-timer on Stack Overflow here. I'm surprised nobody seems to have asked this question, and I hope this is the right place to ask this. I'm trying to determine if I should expect regular network switches (just simple switches, not routers) to have the capability to isolate local network traffic (i.e. targeted traffic that is directed to another local port in the ame switch) within the switch?
For example, if I have 2 machines connected to ports on the same switch (say, ports 2 and 3) and conversing using a directed, non-broadcast protocol (e.g. TCP), I wanted to make sure the traffic between these 2 machines are not forwarded the the rest of the network outside of the switched subnet.
I'm building a home network and I wanted to build private network "subnets" or "zones" using switches where local subnet traffic does not get forwarded to the "backbone" or the rest of the network. Note that I am NOT trying to block any inbound or outbound traffic to/from/between these "zones", but I just wanted to implement a "need to know" basis for these zones to limit network-wide exposure for localized traffic destined within the same switch. Specifically, I wanted the backbone to have as little unnecessary traffic as possible.
So back to the original question: is it fair to expect any network switch out there to be smart enough not to forward local traffic to the rest of the network? I would expect this to be the case, but I wanted to make sure.
PS: You can assume I have a DHCP/WINS server somewhere on the network that will be assigning IP addresses and the such.
I hope the question makes sense, and any help will be appreciated!
- K.
Short answer: yes, the switch is smart enough (otherwise it would be a hub).
And if you need fancy stuff you might have a look a VLANs.
And I believe this question belongs to serverfault or maybe superuser. That's probably why nobody asked it here :)