Summary

In this chapter, we went through many steps to configure an Elastic Stack, which is a collection of four main components: Elasticsearch, Logstash, Kibana, and Beats. For the setup, we used three VMs; we hosted two Elasticsearch nodes, and then, on a single system, we installed Logstash and Kibana, using version 6.5 for each of the components. We installed Elasticsearch using the RPM repository provided by Elastic Stack; yum was used to install the required packages. Elasticsearch configuration was done using the elasticsearch.yml file, which controls how Elasticsearch behaves. We defined a number of settings that are required for a functional cluster, such as the cluster.name parameter and discovery.zen.minimum_master_nodes.

We added a new Elasticsearch node by configuring the cluster name and the discovery settings, which allow the node to join the cluster automatically. Then, we moved on to installing Kibana and Logstash, which are provided in the same RPM repository that was used for Elasticsearch; configuring Logstash and Kibana was done through their respective .yml files.

Once all three main components were up and the setup was ready to accept incoming data, we moved on to installing Beats, which are the data shippers that are used by Elasticsearch and Logstash to ingest data. For logs and events, we used Filebeat, and for system metrics such as memory usage and CPU, we used Metricbeat.

In the next chapter, we will learn about the challenges of systems management and Salt's architecture.