Hello,
I'm quite new to Elasticsearch. I have installed two Elasticsearch clusters consisting of 3x master node and 3x data node each. On one master node on each cluster I'm running Kibana. I'm using https and transport ssl (both default ports 9200 & 9300).
I have activated trial license before customer will provide platinum one to be able to enable cross-cluster replication. However when I try to add new remote-cluster in Kibana (using 3x master nodes of the remote cluster as seeds), there is no error when saving it, but also no remote cluster is displayed in Stack Management -> Remote Cluster. When I try to do the same via PUT _cluster/settings request, it gets acknowledged without error. But when I try to check remote cluster via GET _remote/info?pretty, I'm getting empty brackets { }, so similar behaviour like in Kibana. Both clusters are using the same root CA certificate.
Example of elasticsearch.yml used on one of the follower cluster master nodes (same config used across both clusters except node roles):
cluster.name: elasticsearch_follower_cluster
node.name: hostname31_master
node.master: true
node.data: false
node.ingest: false
node.ml: False
xpack.ml.enabled: False
cluster.remote.connect: False
path.data: /data/elasticsearch
path.logs: /data/logs/elasticsearch
bootstrap.memory_lock: True
network.host: x.x.x.118
http.port: 9200
discovery.seed_hosts: ['x.x.x.117', 'x.x.x.118', 'x.x.x.119']
cluster.initial_master_nodes: ['hostname36_master', 'hostname31_master', 'hostname32_master']
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /data/apps/elasticsearch/config/certs/hostname20_master.p12
xpack.security.http.ssl.truststore.path: /data/apps/elasticsearch/config/certs/ca.p12
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /data/apps/elasticsearch/config/certs/hostname20_master.p12
xpack.security.transport.ssl.truststore.path: /data/apps/elasticsearch/config/certs/ca.p12
Example of my add remote cluster request:
PUT _cluster/settings
{
"persistent": {
"cluster": {
"remote": {
"elasticsearch_leader_cluster": {
"skip_unavailable": false,
"mode": "sniff",
"proxy_address": null,
"proxy_socket_connections": null,
"server_name": null,
"seeds": [
"x.x.x.109:9300",
"x.x.x.113:9300",
"x.x.x.110:9300"
],
"node_connections": 3
}
}
}
}
Interesting thing is, that output of GET _cluster/settings?include_defaults=true&pretty is showing the remote cluster:
elasticsearch@hostname31:~> curl -X GET --cacert /etc/kibana/certs/ca.pem -u elastic "https://x.x.x.118:9200/_cluster/settings?include_defaults=true&pretty"
Enter host password for user 'elastic':
{
"persistent" : {
"cluster" : {
"remote" : {
"elasticsearch_leader_cluster" : {
"mode" : "sniff",
"skip_unavailable" : "false",
"node_connections" : "3",
"seeds" : [
"x.x.x.109:9300",
"x.x.x.113:9300",
"x.x.x.110:9300"
]
However GET _remote/info is showing:
elasticsearch@hostname31:~> curl -X GET --cacert /etc/kibana/certs/ca.pem -u elastic "https://x.x.x.118:9200/_remote/info?pretty"
Enter host password for user 'elastic':
{ }
And I'm getting these empty { } on both remote and local cluster.
Any ideas? Thank you very much for any suggestions.