Configure an Elasticsearch Service deployment as a remote clusteredit

Using Kibanaedit

You can configure remote clusters in Kibana starting with version 7.7.0 and this mechanism is supported if the remote is at 7.6.0 or higher. Alternatively, the Elasticsearch API can be used for other versions.

  1. Configure both the local cluster and the remote cluster in your environment to trust each other. The steps are different depending on where the local and remote cluster live.
  2. Open the Kibana main menu, and select Stack Management > Remote Clusters.

    Remote Clusters UI in Kibana
  3. To add a deployment as a new remote cluster, fill in the following fields:

    • Use Proxy Mode: this must be enabled.
    • Name: this is the alias you will use to run CCS queries.
    • Proxy Address: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote.
    • Server Name: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote.
Remote Cluster Parameters in Deployment

Using the Elasticsearch APIedit

When the cluster to be configured as a remote is 7.6.0 or higher, the Remote cluster must be configured using the proxy mode to update the remote settings of the cluster. To configure your deployment as a remote cluster you need to pass the following fields:

  • Mode: proxy
  • Proxy address: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote. Also, using the API, this value can be obtained from the elasticsearch resource info, concatenating the fields metadata.endpoint and metadata.ports.transport_passthrough using a semicolon.
  • Server name: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote. Also, using the API, this can be obtained from the Elasticsearch resource info field metadata.endpoint.

This is an example of the API call to _cluster/settings:

{
  "persistent": {
    "cluster": {
      "remote": {
        "alias-for-my-remote-cluster": {
          "mode":"proxy",
          "proxy_address": "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io:9400",
          "server_name": "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io"
        }
      }
    }
  }
}
Stack Version above 6.7.0 and below 7.6.0

When the cluster to be configured as a remote is above 6.7.0 and below 7.6.0, the remote cluster must be configured using the sniff mode with the proxy field. For each remote cluster you need to pass the following fields:

  • Proxy: This value can be found on the Security page of the deployment you want to use as a remote under the name Proxy Address. Also, using the API, this can be obtained from the elasticsearch resource info, concatenating the fields metadata.endpoint and metadata.ports.transport_passthrough using a semicolon.
  • Seeds: This field is an array that must contain only one value, which is the server name that can be found on the Security page of the {s} deployment you want to use as a remote concatenated with :1. Also, using the API, this can be obtained from the Elasticsearch resource info, concatenating the fields metadata.endpoint and 1 with a semicolon.
  • Mode: sniff (or empty, since sniff is the default value)

This is an example of the API call to _cluster/settings:

{
  "persistent": {
    "cluster": {
      "remote": {
        "my-remote-cluster-1": {
          "seeds": [
            "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io:1"
          ],
          "proxy": "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io:9400"
        }
      }
    }
  }
}

Using the Elasticsearch Service RESTful APIedit

The following PUT request configures a remote cluster which also lives inside Elasticsearch Service and belongs to the same organization (for other scenarios, the Elasticsearch API should be used instead):

curl -H 'Content-Type: application/json' -X PUT -H "Authorization: ApiKey $EC_API_KEY" https://api.elastic-cloud.com/api/v1/deployments/$DEPLOYMENT_ID/elasticsearch/$REF_ID/remote-clusters -d '
{
  "resources" : [
    {
      "deployment_id": "$DEPLOYMENT_ID_REMOTE",
      "elasticsearch_ref_id": "$REF_ID_REMOTE",
      "alias": "alias-your-remote",
      "skip_unavailable" : true
    }
  ]
}'
DEPLOYMENT_ID_REMOTE
The ID of your remote deployment, as shown in the Cloud UI or obtained through the API.
REF_ID_REMOTE
The unique ID of the Elasticsearch resources inside your remote deployment (you can obtain these values through the API).

Note the following when using the Elasticsearch Service RESTful API:

  1. A cluster alias must contain only letters, numbers, dashes (-), or underscores (_).
  2. To learn about skipping disconnected clusters, refer to the Elasticsearch documentation.
  3. When remote clusters are already configured for a deployment, the PUT request replaces the existing configuration with the new configuration passed. Passing an empty array of resources will remove all remote clusters.

The following API request retrieves the remote clusters configuration:

curl -X GET -H "Authorization: ApiKey $EC_API_KEY" https://api.elastic-cloud.com/api/v1/deployments/$DEPLOYMENT_ID/elasticsearch/$REF_ID/remote-clusters

The response will include just the remote clusters from the same organization in Elasticsearch Service. In order to obtain the whole list of remote clusters, use Kibana or the Elasticsearch API Elasticsearch API directly.

Configure a self-managed cluster as the remote cluster of an Elasticsearch Service clusteredit

You can configure remote clusters in Kibana starting with version 7.7.0 and this mechanism is supported if the remote is at 7.6.0 or higher. Alternatively, the Elasticsearch API can be used for other versions.

  1. Configure both the local cluster and the remote cluster in your environment to trust each other. The steps are different depending on where the local and remote cluster live.
  2. Open the Stack Management section and select Remote Clusters from the side navigation.

    Remote Clusters UI in Kibana
  3. To add a self-managed remote cluster, fill in the fields. You may need to use sniff mode or the proxy mode depending on the topology of your self-managed cluster and your network configuration. Find more details in the remote clusters documentation.

Enable CCR and the Remote Clusters UI in Kibanaedit

If your deployment was created before February 2021, CCR won’t be enabled and you won’t find the Remote Clusters UI in Kibana even though your deployment meets all the criteria.

To enable these features, go to the Security page of your deployment and under Trust management select Enable CCR.

CCR is not supported for indices used by Enterprise Search.

Remote Clusters and Traffic Filteringedit

Traffic filtering can be enabled to restrict access to deployments that are used as a local or remote cluster without any impact to cross-cluster search or cross-cluster replication.