I have a local cluster. Now I would like to set up a remote cluster to connect to the local cluster. How do I set up the CA certificate on the remote cluster node to make these two cluster to trust each other?
Here is my local cluster Elasticsearch node conf (elasticsearch service has started):
cluster.name: ElasticSearch
node.name: node01
node.roles: [ master, data, ingest, remote_cluster_client ]
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
bootstrap.memory_lock: true
network.host: 0.0.0.0
http.port: 9200
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
xpack.monitoring.exporters.my_local:
type: local
use_ingest: false
discovery.seed_hosts: ["node01", "node02"]
http.host: 0.0.0.0
transport.host: 0.0.0.0
And this is my remote cluster node conf (elasticsearch service has not started, yet):
cluster.name: remote-elasticsearch
node.name: remote01
node.roles: [ master, data, ingest, remote_cluster_client ]
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: full
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
cluster.initial_master_nodes: ["remote01"]
xpack.monitoring.exporters.my_local:
type: local
use_ingest: false
http.host: 0.0.0.0
transport.host: 0.0.0.0
Thank you.