We are migrating our ES cluster to a new environment (from stand-alone Azure VMs to Service Fabric hosted, updating the OS image, upgrading ES version, adding security etc.). I have my new cluster ready for data and am working through how best to migrate with no downtime on the source cluster.
I had originally considered snapshot and restore, but I realize now that for my preferred method (Azure repository), I need to add a plugin and restart the nodes (which I want to avoid). I am looking now into remote reindex.
My current question is wrt accessing the destination cluster. We have a number of security restrictions on the clusters, but they are different. The source cluster can only be accessed from within it's VNet. The target cluster requires a client certificate to make it through our Azure API Management layer. So, is it possible to have the source cluster use a certificate to access the target cluster (push model)? Otherwise, if it is the target cluster "pulling" the data, I guess I could create a VNet connection to the source cluster.
I'm just curious if there is guidance on how to manage the connection between source and target clusters if they are not in the same network.