Manage connection between source and target clusters for remote index

We are migrating our ES cluster to a new environment (from stand-alone Azure VMs to Service Fabric hosted, updating the OS image, upgrading ES version, adding security etc.). I have my new cluster ready for data and am working through how best to migrate with no downtime on the source cluster.

I had originally considered snapshot and restore, but I realize now that for my preferred method (Azure repository), I need to add a plugin and restart the nodes (which I want to avoid). I am looking now into remote reindex.

My current question is wrt accessing the destination cluster. We have a number of security restrictions on the clusters, but they are different. The source cluster can only be accessed from within it's VNet. The target cluster requires a client certificate to make it through our Azure API Management layer. So, is it possible to have the source cluster use a certificate to access the target cluster (push model)? Otherwise, if it is the target cluster "pulling" the data, I guess I could create a VNet connection to the source cluster.

I'm just curious if there is guidance on how to manage the connection between source and target clusters if they are not in the same network.


Hi @jthoni ,

Reindex from remote is pull style only, running on the target cluster. It does support client certificates, but it sounds like that will not work out for you.

So some kind of tunnel would be my go to solution.

so far it looks dead simple to do VNet peering between the two VNets. This will make an internal connection between the clusters possible and should work for me.


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.