I have a basic query on opening ports at the firewall level for an ECE cluster, including an external LB.
Suppose I have a very small setup with an external LB, 3 each (proxy (3), director (3), ES master (3), kibana_server (3)), and the rest of the servers are data nodes. Each allocator holds these roles, i.e. allocator1 VM will have the ES_master1 container, allocator2 VM will have the ES_master2 container and allocator3 VM will have the ES_master3 container. Proxies & directors are separate instances. The remaining allocators will have different data nodes, for example. In my scenario all my internal ports are open, for example, so I only need to think about opening external ports from any source to ECE. I appreciate your help.
I went through the URL https://www.elastic.co/guide/en/cloud-enterprise/current/ece_inbound_traffic.html but still have some queries.
For all incoming remote log data from any source via beats agents to the ECE cluster:
A) Do we specify the "proxy-hostname:ES_port" (proxyserver1:9243, proxyserver2:9243, proxyserver3:9243) in the Elasticsearch output config of all the beats agents? I assume if we mention the proxy server details then all the incoming log data will be automatically forwarded internally from the proxy servers to all available elasticsearch cluster. Is my assumption correct?
B) Or do we need to mention "ES_Hostname:9243" directly (es_hostname1:9243, es_hostname2:9243, es_hostname3:9243) in the Elasticsearch output config of all the beats agents? If we mention the elasticsearch host and port in the beats config, then what will be the role of the proxy & LB in the ECE cluster for all incoming connections?
C) Or do we need to mention the "LB:9243" (LB1:9243, LB2:9243) in the Elasticsearch output of all the beats agents? Is it correct to mention LB:port in the beats config under the elasticsearch output? I ask because I assume the request will hit the LB, which will then forward it to the proxy and then further internally to elasticsearch.
- When accessing the Kibana portal from any source, should we hit LB:9343? I assume the LB will further redirect the request to the proxy and later to Kibana automatically, with no need for any manual changes. Is my understanding correct? Basically, opening firewall ports at the LB level only:
LB:9434 --> proxy:9343 --> Kibana:9343.