OpenSearch/docs/reference/modules/remote-clusters.asciidoc

332 lines
12 KiB
Plaintext
Raw Normal View History

[[modules-remote-clusters]]
== Remote clusters
The _remote clusters_ functionality enables you to establish unidirectional
connections to a remote cluster. Remote clusters are required for
<<xpack-ccr,{ccr}>> and <<modules-cross-cluster-search,{ccs}>>.
Remote cluster connections work by configuring a remote cluster and connecting
to a limited number of nodes in that remote cluster. There are two modes for
remote cluster connections: <<sniff-mode,sniff mode>> and
<<proxy-mode,proxy mode>>.
Communication with a remote cluster uses the <<modules-transport,transport
layer>> to establish a number of <<long-lived-connections,long-lived>> TCP
connections from the coordinating nodes of the local cluster to the chosen
nodes in the remote cluster.
[discrete]
[[sniff-mode]]
=== Sniff mode
In sniff mode, a cluster is created using a name and a list of seed nodes. When
a remote cluster is registered, its cluster state is retrieved from one of the
seed nodes and up to three _gateway nodes_ are selected as part of remote
cluster requests. This mode requires that the gateway node's publish addresses
are accessible by the local cluster.
Sniff mode is the default connection mode.
[discrete]
[[gateway-nodes-selection]]
==== Gateway nodes selection
The _gateway nodes_ selection depends on the following criteria:
- *version*: Remote nodes must be compatible with the cluster they are
registered to. This is subject to rules that are similar to those for
<<rolling-upgrades>>. Any node can communicate with any other node on the same
major version (e.g. 7.0 can talk to any 7.x node). Only nodes on the last minor
version of a certain major version can communicate with nodes on the following
major version. Note that in the 6.x series, 6.8 can communicate with any 7.x
node, while 6.7 can only communicate with 7.0. Version compatibility is
symmetric, meaning that if 6.7 can communicate with 7.0, 7.0 can also
communicate with 6.7. The matrix below summarizes compatibility as described above.
// tag::remote-cluster-compatibility-matrix[]
[cols="^,^,^,^,^,^,^,^"]
|====
| 7+^h| Local cluster
h| Remote cluster | 5.0->5.5 | 5.6 | 6.0->6.6 | 6.7 | 6.8 | 7.0 | 7.1->7.x
| 5.0->5.5 | {yes-icon} | {yes-icon} | {no-icon} | {no-icon} | {no-icon} | {no-icon} | {no-icon}
| 5.6 | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {no-icon} | {no-icon}
| 6.0->6.6 | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {no-icon} | {no-icon}
| 6.7 | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {no-icon}
| 6.8 | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon}
| 7.0 | {no-icon} | {no-icon} | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon}
| 7.1->7.x | {no-icon} | {no-icon} | {no-icon} | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon}
|====
// end::remote-cluster-compatibility-matrix[]
- *role*: Dedicated master nodes never get selected.
- *attributes*: You can tag which nodes should be selected
(see <<remote-cluster-settings>>), though such tagged nodes still have
to satisfy the two above requirements.
[discrete]
[[proxy-mode]]
=== Proxy mode
In proxy mode, a cluster is created using a name and a single proxy address. When
a remote cluster is registered, a configurable number of socket connections are
opened to the proxy address. The proxy is required to route those connections to
the remote cluster. Proxy mode does not require remote cluster nodes to have
accessible publish addresses.
The proxy mode is not the default connection mode and must be configured. Similar
to the sniff <<gateway-nodes-selection,gateway nodes>>, the remote
connections are subject to the same version compatibility rules as
<<rolling-upgrades>>.
[discrete]
[[configuring-remote-clusters]]
==== Configuring remote clusters
You can configure remote clusters globally by using
<<cluster-update-settings,cluster settings>>, which you can update dynamically.
Alternatively, you can configure them locally on individual nodes by using the
`elasticsearch.yml` file.
If you specify the settings in `elasticsearch.yml` files, only the nodes with
those settings can connect to the remote cluster. In other words, functionality
that relies on remote cluster requests must be driven specifically from those
nodes. For example:
[source,yaml]
--------------------------------
cluster:
remote:
cluster_one: <1>
seeds: 127.0.0.1:9300 <2>
transport.ping_schedule: 30s <3>
cluster_two: <1>
mode: sniff <4>
seeds: 127.0.0.1:9301 <2>
transport.compress: true <5>
skip_unavailable: true <6>
cluster_three: <1>
mode: proxy <4>
proxy_address: 127.0.0.1:9302 <7>
--------------------------------
<1> `cluster_one`, `cluster_two`, and `cluster_three` are arbitrary _cluster aliases_
representing the connection to each cluster. These names are subsequently used to
distinguish between local and remote indices.
<2> The hostname and <<modules-transport,transport>> port (default: 9300) of a
seed node in the remote cluster.
<3> A keep-alive ping is configured for `cluster_one`.
<4> The configured connection mode. By default, this is <<sniff-mode,`sniff`>>, so
the mode is implicit for `cluster_one`. However, it can be explicitly configured
as demonstrated by `cluster_two` and must be explicitly configured for
<<proxy-mode,proxy mode>> as demonstrated by `cluster_three`.
<5> Compression is explicitly enabled for requests to `cluster_two`.
<6> Disconnected remote clusters are optional for `cluster_two`.
<7> The address for the proxy endpoint used to connect to `cluster_three`.
For more information about the optional transport settings, see
<<modules-transport>>.
If you use <<cluster-update-settings,cluster settings>>, the remote clusters
are available on every node in the cluster. For example:
[source,console]
--------------------------------
PUT _cluster/settings
{
"persistent": {
"cluster": {
"remote": {
"cluster_one": {
"seeds": [
"127.0.0.1:9300"
],
"transport.ping_schedule": "30s"
},
"cluster_two": {
"mode": "sniff",
"seeds": [
"127.0.0.1:9301"
],
"transport.compress": true,
"skip_unavailable": true
},
"cluster_three": {
"mode": "proxy",
"proxy_address": "127.0.0.1:9302"
}
}
}
}
}
--------------------------------
// TEST[setup:host]
// TEST[s/127.0.0.1:9300/\${transport_host}/]
You can dynamically update the compression and ping schedule settings. However,
you must re-include seeds or `proxy_address` in the settings update request.
For example:
[source,console]
--------------------------------
PUT _cluster/settings
{
"persistent": {
"cluster": {
"remote": {
"cluster_one": {
"seeds": [
"127.0.0.1:9300"
],
"transport.ping_schedule": "60s"
},
"cluster_two": {
"mode": "sniff",
"seeds": [
"127.0.0.1:9301"
],
"transport.compress": false
},
"cluster_three": {
"mode": "proxy",
"proxy_address": "127.0.0.1:9302",
"transport.compress": true
}
}
}
}
}
--------------------------------
// TEST[continued]
NOTE: When the compression or ping schedule settings change, all the existing
node connections must close and re-open, which can cause in-flight requests to
fail.
A remote cluster can be deleted from the cluster settings by setting its settings to `null` :
[source,console]
--------------------------------
PUT _cluster/settings
{
"persistent": {
"cluster": {
"remote": {
"cluster_two": { <1>
"mode": null,
"seeds": null,
"skip_unavailable": null,
"transport": {
"compress": null
}
}
}
}
}
}
--------------------------------
// TEST[continued]
<1> `cluster_two` would be removed from the cluster settings, leaving
`cluster_one` and `cluster_three` intact.
[discrete]
[[remote-cluster-settings]]
=== Remote cluster settings for all modes
These settings apply to both <<sniff-mode,sniff mode>> and
<<proxy-mode,proxy mode>>. <<remote-cluster-sniff-settings,Sniff mode settings>>
and <<remote-cluster-proxy-settings,proxy mode settings>> are described below.
`cluster.remote.<cluster_alias>.mode`::
The mode used for a remote cluster connection. The only supported modes are
`sniff` and `proxy`.
`cluster.remote.initial_connect_timeout`::
The time to wait for remote connections to be established when the node
starts. The default is `30s`.
`node.remote_cluster_client`::
By default, any node in the cluster can act as a cross-cluster client and
connect to remote clusters. The `node.remote_cluster_client` setting can be
set to `false` (defaults to `true`) to prevent certain nodes from connecting
to remote clusters. Remote cluster requests must be sent to a node that is
allowed to act as a cross-cluster client.
`cluster.remote.<cluster_alias>.skip_unavailable`::
Per cluster boolean setting that allows to skip specific clusters when no
nodes belonging to them are available and they are the target of a remote
cluster request. Default is `false`, meaning that all clusters are mandatory
by default, but they can selectively be made optional by setting this setting
to `true`.
`cluster.remote.<cluster_alias>.transport.ping_schedule`::
Sets the time interval between regular application-level ping messages that
are sent to ensure that transport connections to nodes belonging to remote
clusters are kept alive. If set to `-1`, application-level ping messages to
this remote cluster are not sent. If unset, application-level ping messages
are sent according to the global `transport.ping_schedule` setting, which
defaults to `-1` meaning that pings are not sent.
`cluster.remote.<cluster_alias>.transport.compress`::
Per cluster boolean setting that enables you to configure compression for
requests to a specific remote cluster. This setting impacts only requests
sent to the remote cluster. If the inbound request is compressed,
Elasticsearch compresses the response. If unset, the global
`transport.compress` is used as the fallback setting.
[discrete]
[[remote-cluster-sniff-settings]]
=== Remote cluster settings for sniff mode
`cluster.remote.<cluster_alias>.seeds`::
The list of seed nodes used to sniff the remote cluster state.
`cluster.remote.<cluster_alias>.node_connections`::
The number of gateway nodes to connect to for this remote cluster. The default
is `3`.
`cluster.remote.node.attr`::
A node attribute to filter out nodes that are eligible as a gateway node in
the remote cluster. For instance a node can have a node attribute
`node.attr.gateway: true` such that only nodes with this attribute will be
connected to if `cluster.remote.node.attr` is set to `gateway`.
[discrete]
[[remote-cluster-proxy-settings]]
=== Remote cluster settings for proxy mode
`cluster.remote.<cluster_alias>.proxy_address`::
The address used for all remote connections.
`cluster.remote.<cluster_alias>.proxy_socket_connections`::
The number of socket connections to open per remote cluster. The default is
`18`.
[role="xpack"]
`cluster.remote.<cluster_alias>.server_name`::
An optional hostname string which is sent in the `server_name` field of
the TLS Server Name Indication extension if
<<configuring-tls,TLS is enabled>>. The TLS transport will fail to open
remote connections if this field is not a valid hostname as defined by the
TLS SNI specification.
[discrete]
[[retrieve-remote-clusters-info]]
=== Retrieving remote clusters info
You can use the <<cluster-remote-info, remote cluster info API>> to retrieve
information about the configured remote clusters, as well as the remote nodes
that the node is connected to.