Cross cluster Search

kvmuralidhar · April 21, 2021, 5:23pm

Hi.

Has anyone implemented CCS between Elastic running on GCP or AWS and on on-prem hardware ?

I am getting a connection refused error message when I try to add a remote cluster running on GCP or AWS.

Thanks
Murali

warkolm · April 21, 2021, 11:14pm

What is the error?
What does your config look like?
What version(s) are you running?

kvmuralidhar · April 22, 2021, 12:53pm

Hi Mark,

I am running version 7.12 of ElasticStack in AWS as well as on my machine. Configured both installations as follows:

Enabled security for xpack, http.security, transport.security
Generated keys, certs

When I try to add the remote cluster in Kibana, I do not see any activity on the remote cluster elastic logs but the local cluster on my workstation shows this error.

[2021-04-22T08:38:34,838][WARN ][o.e.t.SniffConnectionStrategy] [node2] fetching nodes from external cluster [myremotecluster] failed org.elasticsearch.transport.ConnectTransportException: [][remoteip:9243] handshake_timeout[30s]

On AWS, I have allowed inbound communication on ports between 9200-9400 from any ip.

Thanks
Murali

kvmuralidhar · April 22, 2021, 8:31pm

Hi Mark,

I am trying the same setup with Elastic Cloud running on GCP and my workstation.
a) Created a deployment
b) Exported the certificates of the deployment (server, intermediate and root) and added them to a cabundle.pem file
c) Updated the local elasticsearch config to use the cabundle.pem file
d) Tried to add the elasticsearch URL as a remote cluster and got the following error.

[2021-04-22T16:19:36,945][WARN ][o.e.t.SniffConnectionStrategy] [node2] fetching nodes from external cluster [test] failed
org.elasticsearch.transport.ConnectTransportException: [][35.193.143.25:9343] general node connection failure
        at org.elasticsearch.transport.TcpTransport$ChannelsConnectedListener.lambda$onResponse$2(TcpTransport.java:958) ~[elasticsearch-7.12.0.jar:7.12.0]

Caused by: java.lang.IllegalStateException: handshake failed
        ... 40 more
Caused by: org.elasticsearch.transport.RemoteTransportException: [Failed to deserialize exception response from stream for handler [org.elasticsearch.transport.TransportHandshaker$HandshakeResponseHandler@7d334b6f]]

Any help would be very much appreciated.

Thanks
Murali

kvmuralidhar · April 29, 2021, 4:40pm

For CCS setup between AWS and local elastic instance, we need to use the proxy mode instead of the default sniff mode.

This helped with a successful remote cluster configuration :-).

Thanks
Murali

system · May 27, 2021, 4:41pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.