How to add a node to an Elasticsearch cluster

Adding a node increases an Elasticsearch cluster’s capacity for indexing and search while improving resilience when hardware fails or maintenance is required. A correctly joined node allows shards to rebalance across more hosts, reducing hotspots and improving recovery options.

Cluster membership is established over the transport layer (typically port 9300), where the node discovers an existing cluster using discovery.seed_hosts and joins only when cluster.name and transport security expectations match. Node responsibilities are controlled through node.roles, which determines whether the new node can store shards (data), run ingest pipelines (ingest), or participate in cluster management.

Version and security alignment matters more than the YAML edits: a mismatched major version, blocked transport connectivity, or transport TLS mismatch prevents joining. Avoid using cluster.initial_master_nodes for an existing cluster, and keep the HTTP API (port 9200) restricted to trusted networks when exposed.

Steps to add a node to an Elasticsearch cluster:

Open the Elasticsearch configuration file on the new node.
```
$ sudo nano /etc/elasticsearch/elasticsearch.yml
```
Set the cluster identity and discovery settings to match the existing cluster.
```
cluster.name: search-cluster
node.name: node-04
network.host: 192.0.2.43
discovery.seed_hosts: ["192.0.2.40:9300", "192.0.2.41:9300", "192.0.2.42:9300"]
```
node.name must be unique within the cluster, and each discovery.seed_hosts entry must be reachable on port 9300.
Remove the cluster.initial_master_nodes setting from the configuration if present.
```
cluster.initial_master_nodes: ["node-01", "node-02", "node-03"]
```
cluster.initial_master_nodes is only for bootstrapping a brand-new cluster; leaving it set on a joining node can trigger an unintended bootstrap during discovery failures.
Set node roles for the new node.
```
node.roles: [data, ingest]
```
Related: How to configure Elasticsearch node roles
Enable and start the elasticsearch service.
```
$ sudo systemctl enable --now elasticsearch
```
Related: How to manage the Elasticsearch service with systemctl in Linux

Verify the new node appears in the cluster node list.

$ curl -sS "http://192.0.2.40:9200/_cat/nodes?v&h=ip,name,node.role,master"
ip         name    node.role   master
192.0.2.41 node-02 cdfhilmrstw *
192.0.2.42 node-03 cdfhilmrstw -
192.0.2.40 node-01 cdfhilmrstw -
192.0.2.43 node-04 cdfhilmrstw -

If the HTTP API is protected by TLS and authentication, use https and add credentials plus the cluster CA, for example:

$ curl -sS --cacert /etc/elasticsearch/certs/http_ca.crt -u "elastic:%%password%%" "https://192.0.2.40:9200/_cat/nodes?v&h=ip,name,node.role,master"

Confirm cluster health reflects the additional node.

$ curl -sS "http://192.0.2.40:9200/_cluster/health?pretty"
{
  "cluster_name" : "search-cluster",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 4,
  "number_of_data_nodes" : 4,
  "active_primary_shards" : 3,
  "active_shards" : 6,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

status may be yellow while replicas relocate after a node join, and returns to green after allocation completes.

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.