Cross cluster Search


Has anyone implemented CCS between Elastic running on GCP or AWS and on on-prem hardware ?

I am getting a connection refused error message when I try to add a remote cluster running on GCP or AWS.


What is the error?
What does your config look like?
What version(s) are you running?

Hi Mark,

I am running version 7.12 of ElasticStack in AWS as well as on my machine. Configured both installations as follows:

  • Enabled security for xpack,,
  • Generated keys, certs

When I try to add the remote cluster in Kibana, I do not see any activity on the remote cluster elastic logs but the local cluster on my workstation shows this error.

[2021-04-22T08:38:34,838][WARN ][o.e.t.SniffConnectionStrategy] [node2] fetching nodes from external cluster [myremotecluster] failed org.elasticsearch.transport.ConnectTransportException: [][remoteip:9243] handshake_timeout[30s]

On AWS, I have allowed inbound communication on ports between 9200-9400 from any ip.


Hi Mark,

I am trying the same setup with Elastic Cloud running on GCP and my workstation.
a) Created a deployment
b) Exported the certificates of the deployment (server, intermediate and root) and added them to a cabundle.pem file
c) Updated the local elasticsearch config to use the cabundle.pem file
d) Tried to add the elasticsearch URL as a remote cluster and got the following error.

[2021-04-22T16:19:36,945][WARN ][o.e.t.SniffConnectionStrategy] [node2] fetching nodes from external cluster [test] failed
org.elasticsearch.transport.ConnectTransportException: [][] general node connection failure
        at org.elasticsearch.transport.TcpTransport$ChannelsConnectedListener.lambda$onResponse$2( ~[elasticsearch-7.12.0.jar:7.12.0]

Caused by: java.lang.IllegalStateException: handshake failed
        ... 40 more
Caused by: org.elasticsearch.transport.RemoteTransportException: [Failed to deserialize exception response from stream for handler [org.elasticsearch.transport.TransportHandshaker$HandshakeResponseHandler@7d334b6f]]

Any help would be very much appreciated.


For CCS setup between AWS and local elastic instance, we need to use the proxy mode instead of the default sniff mode.

This helped with a successful remote cluster configuration :-).


1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.