Cross Cluster Search using ELBs of remote ES cluster

Hi

I have 2 elastic search clusters.

Both cluster have ELBs for datanode & co-ordinator nodes set as the number of nodes can be increased/decreased. As we have deployed ELK stack in AWS cloud and do rehydration every 30 days, the IP address will change.

Hence, we would like to use ELBs names for logstash & kibana to connect to the Elastic search cluster.

But as per the elastic search cross cluster documentation, we need specify the clusters & their seeds.

search:
remote:
local_cluster:
seeds: 127.0.0.1:9300
dev_cluster:
seeds: 127.0.0.1:9301

My questions here are:

  1. How can we specify ELB ( AWS elastic load balance) here as the 93xx ports are not open on these ELB? As the IP address of Elastic search instance will change in our environment, hence we would like to use ELBs name so that the search request sent to remote clusters are distributed & not coupled with Ip addresses.

  2. How do I pass the credentials of remote cluster in the seed block? there is no clear documentation whether it is support or not. As I'm using X-Pack on both clusters and changed the default password for elastic user, hence I need to know how to pass the credentials in the seed.

  3. How do I search the data in same index name from multiple clusters without specifying cluster-name (specified in the elasticsearch.yml) in the search query...
    I tried below queries and didn't work
    GET /*:indexname/log/_search
    GET /_all:indexname/log/_search

Any answers?

You cannot do 1.
For 2 you do as per https://www.elastic.co/guide/en/x-pack/current/cross-cluster-configuring.html, then you authenticate the HTTP request, not the cross-cluster request.
3, you need to do something like this, assuming you are requesting via local_cluster;

GET /dev_cluster:indexname,indexname/log/_search

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.