I have two similar clusters with TLS configured on each.
What I need to do to connect to each other as remote cluster?
Need I add ca to keystore on each node or what?
What to do with secured HTTPS traffic?
cluster.name: elk1
node.name: ${HOSTNAME}
node.roles: [ master, remote_cluster_client ]
path.data: /opt/elasticsearch/data
path.logs: /opt/elasticsearch/logs
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["172.29.39.141", "172.29.39.142", "172.29.39.143", "172.29.39.144"]
cluster.initial_master_nodes: ["172.29.39.141", "172.29.39.142"]
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: http.p12
indices.breaker.total.use_real_memory : false
cluster.name: elk2
node.name: ${HOSTNAME}
node.roles: [ master, remote_cluster_client ]
path.data: /opt/elasticsearch/data
path.logs: /opt/elasticsearch/logs
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["172.29.39.145", "172.29.39.146", "172.29.39.147", "172.29.39.148"]
cluster.initial_master_nodes: ["172.29.39.145", "172.29.39.146"]
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: http.p12
indices.breaker.total.use_real_memory : false