Add remote clusters using TLS certificate authenticationedit

  1. Configure both the local cluster and the remote cluster in your environment to trust each other. The steps are different depending on where the local and remote cluster live.
  2. On the local cluster, add the remote cluster using Kibana, the Elasticsearch API, or the Elasticsearch Service RESTful API.

Using Kibanaedit

  1. Open the Kibana main menu, and select Stack Management > Data > Remote Clusters > Add a remote cluster.
  2. Enable Manually enter proxy address and server name.
  3. Fill in the following fields:

    • Name: This cluster alias is a unique identifier that represents the connection to the remote cluster and is used to distinguish between local and remote indices.
    • Proxy address: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote.
    • Server name: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote.

      Remote Cluster Parameters in Deployment
  4. Click Next.
  5. Click Add remote cluster (you have already established trust in a previous step).

Using the Elasticsearch APIedit

To configure a deployment as a remote cluster, use the cluster update settings API. Configure the following fields:

  • mode: proxy
  • proxy_address: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote. Also, using the API, this value can be obtained from the Elasticsearch resource info, concatenating the field metadata.endpoint and port 9400 using a semicolon.
  • server_name: This value can be found on the Security page of the Elasticsearch Service deployment you want to use as a remote. Also, using the API, this can be obtained from the Elasticsearch resource info field metadata.endpoint.

This is an example of the API call to _cluster/settings:

PUT /_cluster/settings
{
  "persistent": {
    "cluster": {
      "remote": {
        "alias-for-my-remote-cluster": {
          "mode":"proxy",
          "proxy_address": "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io:9400",
          "server_name": "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io"
        }
      }
    }
  }
}
Stack Version above 6.7.0 and below 7.6.0

When the cluster to be configured as a remote is above 6.7.0 and below 7.6.0, the remote cluster must be configured using the sniff mode with the proxy field. For each remote cluster you need to pass the following fields:

  • Proxy: This value can be found on the Security page of the deployment you want to use as a remote under the name Proxy Address. Also, using the API, this can be obtained from the elasticsearch resource info, concatenating the fields metadata.endpoint and metadata.ports.transport_passthrough using a semicolon.
  • Seeds: This field is an array that must contain only one value, which is the server name that can be found on the Security page of the {s} deployment you want to use as a remote concatenated with :1. Also, using the API, this can be obtained from the Elasticsearch resource info, concatenating the fields metadata.endpoint and 1 with a semicolon.
  • Mode: sniff (or empty, since sniff is the default value)

This is an example of the API call to _cluster/settings:

{
  "persistent": {
    "cluster": {
      "remote": {
        "my-remote-cluster-1": {
          "seeds": [
            "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io:1"
          ],
          "proxy": "a542184a7a7d45b88b83f95392f450ab.192.168.44.10.ip.es.io:9400"
        }
      }
    }
  }
}

Using the Elasticsearch Service RESTful APIedit

The following PUT request configures a remote cluster which also lives inside Elasticsearch Service and belongs to the same organization (for other scenarios, the Elasticsearch API should be used instead):

curl -H 'Content-Type: application/json' -X PUT -H "Authorization: ApiKey $EC_API_KEY" https://api.elastic-cloud.com/api/v1/deployments/$DEPLOYMENT_ID/elasticsearch/$REF_ID/remote-clusters -d '
{
  "resources" : [
    {
      "deployment_id": "$DEPLOYMENT_ID_REMOTE",
      "elasticsearch_ref_id": "$REF_ID_REMOTE",
      "alias": "alias-your-remote",
      "skip_unavailable" : true
    }
  ]
}'
DEPLOYMENT_ID_REMOTE
The ID of your remote deployment, as shown in the Cloud UI or obtained through the API.
REF_ID_REMOTE
The unique ID of the Elasticsearch resources inside your remote deployment (you can obtain these values through the API).

Note the following when using the Elasticsearch Service RESTful API:

  1. A cluster alias must contain only letters, numbers, dashes (-), or underscores (_).
  2. To learn about skipping disconnected clusters, refer to the Elasticsearch documentation.
  3. When remote clusters are already configured for a deployment, the PUT request replaces the existing configuration with the new configuration passed. Passing an empty array of resources will remove all remote clusters.

The following API request retrieves the remote clusters configuration:

curl -X GET -H "Authorization: ApiKey $EC_API_KEY" https://api.elastic-cloud.com/api/v1/deployments/$DEPLOYMENT_ID/elasticsearch/$REF_ID/remote-clusters

The response will include just the remote clusters from the same organization in Elasticsearch Service. In order to obtain the whole list of remote clusters, use Kibana or the Elasticsearch API Elasticsearch API directly.

Configure a self-managed cluster as the remote cluster of an Elasticsearch Service clusteredit

  1. Configure both the local cluster and the remote cluster in your environment to trust each other. The steps are different depending on where the local and remote cluster live.
  2. Open the Kibana main menu, and select Stack Management > Data > Remote Clusters > Add a remote cluster.
  3. To add a self-managed remote cluster, fill in the fields. You may need to use sniff mode or the proxy mode depending on the topology of your self-managed cluster and your network configuration. Find more details in the remote clusters documentation.

Enable CCR and the Remote Clusters UI in Kibanaedit

If your deployment was created before February 2021, CCR won’t be enabled and you won’t find the Remote Clusters UI in Kibana even though your deployment meets all the criteria.

To enable these features, go to the Security page of your deployment and under Trust management select Enable CCR.

CCR is not supported for indices used by Enterprise Search.

Remote clusters and traffic filteringedit

For remote clusters configured using TLS certificate authentication, traffic filtering can be enabled to restrict access to deployments that are used as a local or remote cluster without any impact to cross-cluster search or cross-cluster replication.