[[modules-remote-clusters]] == Remote clusters The _remote clusters_ functionality enables you to establish unidirectional connections to a remote cluster. Remote clusters are required for <> and <>. Remote cluster connections work by configuring a remote cluster and connecting to a limited number of nodes in that remote cluster. There are two modes for remote cluster connections: <> and <>. Communication with a remote cluster uses the <> to establish a number of <> TCP connections from the coordinating nodes of the local cluster to the chosen nodes in the remote cluster. [discrete] [[sniff-mode]] === Sniff mode In sniff mode, a cluster is created using a name and a list of seed nodes. When a remote cluster is registered, its cluster state is retrieved from one of the seed nodes and up to three _gateway nodes_ are selected as part of remote cluster requests. This mode requires that the gateway node's publish addresses are accessible by the local cluster. Sniff mode is the default connection mode. [discrete] [[gateway-nodes-selection]] ==== Gateway nodes selection The _gateway nodes_ selection depends on the following criteria: - *version*: Remote nodes must be compatible with the cluster they are registered to. This is subject to rules that are similar to those for <>. Any node can communicate with any other node on the same major version (e.g. 7.0 can talk to any 7.x node). Only nodes on the last minor version of a certain major version can communicate with nodes on the following major version. Note that in the 6.x series, 6.8 can communicate with any 7.x node, while 6.7 can only communicate with 7.0. Version compatibility is symmetric, meaning that if 6.7 can communicate with 7.0, 7.0 can also communicate with 6.7. The matrix below summarizes compatibility as described above. // tag::remote-cluster-compatibility-matrix[] [cols="^,^,^,^,^,^,^,^"] |==== | 7+^h| Local cluster h| Remote cluster | 5.0->5.5 | 5.6 | 6.0->6.6 | 6.7 | 6.8 | 7.0 | 7.1->7.x | 5.0->5.5 | {yes-icon} | {yes-icon} | {no-icon} | {no-icon} | {no-icon} | {no-icon} | {no-icon} | 5.6 | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {no-icon} | {no-icon} | 6.0->6.6 | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {no-icon} | {no-icon} | 6.7 | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {no-icon} | 6.8 | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | 7.0 | {no-icon} | {no-icon} | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} | {yes-icon} | 7.1->7.x | {no-icon} | {no-icon} | {no-icon} | {no-icon} | {yes-icon} | {yes-icon} | {yes-icon} |==== // end::remote-cluster-compatibility-matrix[] - *role*: Dedicated master nodes never get selected. - *attributes*: You can tag which nodes should be selected (see <>), though such tagged nodes still have to satisfy the two above requirements. [discrete] [[proxy-mode]] === Proxy mode In proxy mode, a cluster is created using a name and a single proxy address. When a remote cluster is registered, a configurable number of socket connections are opened to the proxy address. The proxy is required to route those connections to the remote cluster. Proxy mode does not require remote cluster nodes to have accessible publish addresses. The proxy mode is not the default connection mode and must be configured. Similar to the sniff <>, the remote connections are subject to the same version compatibility rules as <>. [discrete] [[configuring-remote-clusters]] ==== Configuring remote clusters You can configure remote clusters globally by using <>, which you can update dynamically. Alternatively, you can configure them locally on individual nodes by using the `elasticsearch.yml` file. If you specify the settings in `elasticsearch.yml` files, only the nodes with those settings can connect to the remote cluster. In other words, functionality that relies on remote cluster requests must be driven specifically from those nodes. For example: [source,yaml] -------------------------------- cluster: remote: cluster_one: <1> seeds: 127.0.0.1:9300 <2> transport.ping_schedule: 30s <3> cluster_two: <1> mode: sniff <4> seeds: 127.0.0.1:9301 <2> transport.compress: true <5> skip_unavailable: true <6> cluster_three: <1> mode: proxy <4> proxy_address: 127.0.0.1:9302 <7> -------------------------------- <1> `cluster_one`, `cluster_two`, and `cluster_three` are arbitrary _cluster aliases_ representing the connection to each cluster. These names are subsequently used to distinguish between local and remote indices. <2> The hostname and <> port (default: 9300) of a seed node in the remote cluster. <3> A keep-alive ping is configured for `cluster_one`. <4> The configured connection mode. By default, this is <>, so the mode is implicit for `cluster_one`. However, it can be explicitly configured as demonstrated by `cluster_two` and must be explicitly configured for <> as demonstrated by `cluster_three`. <5> Compression is explicitly enabled for requests to `cluster_two`. <6> Disconnected remote clusters are optional for `cluster_two`. <7> The address for the proxy endpoint used to connect to `cluster_three`. For more information about the optional transport settings, see <>. If you use <>, the remote clusters are available on every node in the cluster. For example: [source,console] -------------------------------- PUT _cluster/settings { "persistent": { "cluster": { "remote": { "cluster_one": { "seeds": [ "127.0.0.1:9300" ], "transport.ping_schedule": "30s" }, "cluster_two": { "mode": "sniff", "seeds": [ "127.0.0.1:9301" ], "transport.compress": true, "skip_unavailable": true }, "cluster_three": { "mode": "proxy", "proxy_address": "127.0.0.1:9302" } } } } } -------------------------------- // TEST[setup:host] // TEST[s/127.0.0.1:9300/\${transport_host}/] You can dynamically update the compression and ping schedule settings. However, you must re-include seeds or `proxy_address` in the settings update request. For example: [source,console] -------------------------------- PUT _cluster/settings { "persistent": { "cluster": { "remote": { "cluster_one": { "seeds": [ "127.0.0.1:9300" ], "transport.ping_schedule": "60s" }, "cluster_two": { "mode": "sniff", "seeds": [ "127.0.0.1:9301" ], "transport.compress": false }, "cluster_three": { "mode": "proxy", "proxy_address": "127.0.0.1:9302", "transport.compress": true } } } } } -------------------------------- // TEST[continued] NOTE: When the compression or ping schedule settings change, all the existing node connections must close and re-open, which can cause in-flight requests to fail. A remote cluster can be deleted from the cluster settings by setting its settings to `null` : [source,console] -------------------------------- PUT _cluster/settings { "persistent": { "cluster": { "remote": { "cluster_two": { <1> "mode": null, "seeds": null, "skip_unavailable": null, "transport": { "compress": null } } } } } } -------------------------------- // TEST[continued] <1> `cluster_two` would be removed from the cluster settings, leaving `cluster_one` and `cluster_three` intact. [discrete] [[remote-cluster-settings]] === Remote cluster settings for all modes These settings apply to both <> and <>. <> and <> are described below. `cluster.remote..mode`:: The mode used for a remote cluster connection. The only supported modes are `sniff` and `proxy`. `cluster.remote.initial_connect_timeout`:: The time to wait for remote connections to be established when the node starts. The default is `30s`. `node.remote_cluster_client`:: By default, any node in the cluster can act as a cross-cluster client and connect to remote clusters. The `node.remote_cluster_client` setting can be set to `false` (defaults to `true`) to prevent certain nodes from connecting to remote clusters. Remote cluster requests must be sent to a node that is allowed to act as a cross-cluster client. `cluster.remote..skip_unavailable`:: Per cluster boolean setting that allows to skip specific clusters when no nodes belonging to them are available and they are the target of a remote cluster request. Default is `false`, meaning that all clusters are mandatory by default, but they can selectively be made optional by setting this setting to `true`. `cluster.remote..transport.ping_schedule`:: Sets the time interval between regular application-level ping messages that are sent to ensure that transport connections to nodes belonging to remote clusters are kept alive. If set to `-1`, application-level ping messages to this remote cluster are not sent. If unset, application-level ping messages are sent according to the global `transport.ping_schedule` setting, which defaults to `-1` meaning that pings are not sent. `cluster.remote..transport.compress`:: Per cluster boolean setting that enables you to configure compression for requests to a specific remote cluster. This setting impacts only requests sent to the remote cluster. If the inbound request is compressed, Elasticsearch compresses the response. If unset, the global `transport.compress` is used as the fallback setting. [discrete] [[remote-cluster-sniff-settings]] === Remote cluster settings for sniff mode `cluster.remote..seeds`:: The list of seed nodes used to sniff the remote cluster state. `cluster.remote..node_connections`:: The number of gateway nodes to connect to for this remote cluster. The default is `3`. `cluster.remote.node.attr`:: A node attribute to filter out nodes that are eligible as a gateway node in the remote cluster. For instance a node can have a node attribute `node.attr.gateway: true` such that only nodes with this attribute will be connected to if `cluster.remote.node.attr` is set to `gateway`. [discrete] [[remote-cluster-proxy-settings]] === Remote cluster settings for proxy mode `cluster.remote..proxy_address`:: The address used for all remote connections. `cluster.remote..proxy_socket_connections`:: The number of socket connections to open per remote cluster. The default is `18`. [role="xpack"] `cluster.remote..server_name`:: An optional hostname string which is sent in the `server_name` field of the TLS Server Name Indication extension if <>. The TLS transport will fail to open remote connections if this field is not a valid hostname as defined by the TLS SNI specification. [discrete] [[retrieve-remote-clusters-info]] === Retrieving remote clusters info You can use the <> to retrieve information about the configured remote clusters, as well as the remote nodes that the node is connected to.