Using replicaCount: 2 in Helm chart sends all alerts twice #451
-
|
Hi, I've deployed the 2.2.1 Helm chart in an EKS and I've changed replicaCount from 1 to 2 (replicaCount: 2) for HA. After configuring some alerts, I've noticed that each alert is sent twice for a single query hit. Is there a setting I need to set to be using a replicaCount > 1? Thanks :-) |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
I will defer to @jertel's opinion on this, but my understanding of the way ElastAlert works suggests that it does not currently support multiple replicas working in tandem. ElastAlert simply runs in a loop, with an instance maintaining a queue of rules to be run and writing its current search status back to an index within Elasticsearch. Multiple replicas would have no knowledge of each other and would therefore have no way of preventing race conditions. A similar question from some time ago with a reply from the original chief contributor suggests that a single instance is all that is supported, with no concept of coordination between instances. |
Beta Was this translation helpful? Give feedback.
I will defer to @jertel's opinion on this, but my understanding of the way ElastAlert works suggests that it does not currently support multiple replicas working in tandem.
ElastAlert simply runs in a loop, with an instance maintaining a queue of rules to be run and writing its current search status back to an index within Elasticsearch. Multiple replicas would have no knowledge of each other and would therefore have no way of preventing race conditions.
A similar question from some time ago with a reply from the original chief contributor suggests that a single instance is all that is supported, with no concept of coordination between instances.