Elastic Cloud Enterprise is designed to be used in conjunction with at least one load balancer. A load balancer is not included with Elastic Cloud Enterprise, so you need to provide one yourself and place it in front of the Elastic Cloud Enterprise proxies. The exact number of load balancers depends on the utilization rate for your clusters. In a highly available installation, use at least two load balancers per availability zone in your installation.
Load balancers require that inbound traffic is open on the ports used by Elasticsearch, Kibana, and the transport client. To learn more, see the networking prerequisites.
Load balancers must be configured to strip inbound
X-Forwarded-For headers and to replace them with the client source IP as seen by the load balancer. This is required to prevent clients from spoofing their IP addresses. Elastic Cloud Enterprise uses
X-Forwarder-For for logging client IP addresses and, if you have implemented IP filtering, for traffic management.
When setting up your load balancer:
- Use HTTP mode for ports 9200/9243 (HTTP traffic to clusters) and also for ports 12400/12443 (adminconsole traffic).
- Use TCP mode for ports 9300/9343 (transport client traffic to clusters) and the load balancer should enable the proxy protocol support.
Be sure that all load balancers or proxies sending HTTP traffic to deployments hosted on Elastic Cloud Enterprise are sending HTTP/1.1 traffic.
Intro to Kibana
ELK for Logs & Metrics