Strona główna Odkrywaj Pomoc
Zaloguj się
lqb
/
elasticsearch
kopia lustrzana https://gitee.com/mirrors/elasticsearch.git
1
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: ae3db6042a
Gałęzie Tagi
elasticsearch
/
docs
/
reference
/
modules
/
remote-clusters.asciidoc

remote-clusters.asciidoc 5.1 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117 
  1. [[remote-clusters]]
    2. 

  2. == Remote clusters
    3. 

  3. You can connect a local cluster to other {es} clusters, known as _remote
    4. 

  4. clusters_. Remote clusters can be located in different datacenters or
    5. 

  5. geographic regions, and contain indices or data streams that can be replicated
    6. 

  6. with {ccr} or searched by a local cluster using {ccs}.
    7. 

  7. 

  8. [[remote-clusters-ccr]]
    9. 

  9. [discrete]
    10. 

  10. === {ccr-cap}
    11. 

  11. 

  12. With <<xpack-ccr,{ccr}>>, you ingest data to an index on a remote cluster. This
    13. 

  13. _leader_ index is replicated to one or more read-only _follower_ indices on your
    14. 

  14. local cluster. Creating a multi-cluster architecture with {ccr} enables you to
    15. 

  15. configure disaster recovery, bring data closer to your users, or establish a
    16. 

  16. centralized reporting cluster to process reports locally.
    17. 

  17. 

  18. [[remote-clusters-ccs]]
    19. 

  19. [discrete]
    20. 

  20. === {ccs-cap}
    21. 

  21. 

  22. <<modules-cross-cluster-search,{ccs-cap}>> enables you to run a search request
    23. 

  23. against one or more remote clusters. This capability provides each region with a
    24. 

  24. global view of all clusters, allowing you to send a search request from a local
    25. 

  25. cluster and return results from all connected remote clusters. For full {ccs}
    26. 

  26. capabilities, the local and remote cluster must be on the same
    27. 

  27. {subscriptions}[subscription level].
    28. 

  28. 

  29. [[add-remote-clusters]]
    30. 

  30. [discrete]
    31. 

  31. === Add remote clusters
    32. 

  32. 

  33. NOTE: The instructions that follow describe how to create a remote connection from a
    34. 

  34. self-managed cluster. You can also set up {ccs} and {ccr} from an
    35. 

  35. link:https://www.elastic.co/guide/en/cloud/current/ec-enable-ccs.html[{ess} deployment]
    36. 

  36. or from an link:https://www.elastic.co/guide/en/cloud-enterprise/current/ece-enable-ccs.html[{ece} deployment].
    37. 

  37. 

  38. To add remote clusters, you can choose between
    39. 

  39. <<remote-clusters-security-models,two security models>> and
    40. 

  40. <<sniff-proxy-modes,two connection modes>>. Both security models are compatible
    41. 

  41. with either of the connection modes.
    42. 

  42. 

  43. [[remote-clusters-security-models]]
    44. 

  44. [discrete]
    45. 

  45. ==== Security models
    46. 

  46. 

  47. API key based security model::
    48. 

  48. For clusters on version 8.14 or later, you can use an API key to authenticate
    49. 

  49. and authorize cross-cluster operations to a remote cluster. This model offers
    50. 

  50. administrators of both the local and the remote cluster fine-grained access
    51. 

  51. controls. <<remote-clusters-api-key>>.
    52. 

  52. 

  53. Certificate based security model::
    54. 

  54. Uses mutual TLS authentication for cross-cluster operations. User authentication
    55. 

  55. is performed on the local cluster and a user's role names are passed to the
    56. 

  56. remote cluster. In this model, a superuser on the local cluster gains total read
    57. 

  57. access to the remote cluster, so it is only suitable for clusters that are in
    58. 

  58. the same security domain. <<remote-clusters-cert>>.
    59. 

  59. 

  60. [[sniff-proxy-modes]]
    61. 

  61. [discrete]
    62. 

  62. ==== Connection modes
    63. 

  63. 

  64. [[sniff-mode]]
    65. 

  65. Sniff mode::
    66. 

  66. In sniff mode, a cluster alias is registered with a name of your choosing and a
    67. 

  67. list of addresses of _seed_ nodes specified with the
    68. 

  68. `cluster.remote.<cluster_alias>.seeds` setting. When you register a remote
    69. 

  69. cluster using sniff mode, {es} retrieves from one of the seed nodes the
    70. 

  70. addresses of up to three _gateway nodes_. Each `remote_cluster_client` node in
    71. 

  71. the local {es} cluster then opens several TCP connections to the publish
    72. 

  72. addresses of the gateway nodes. This mode therefore requires that the gateway
    73. 

  73. nodes' publish addresses are accessible to nodes in the local cluster.
    74. 

  74. +
    75. 

  75. Sniff mode is the default connection mode. See <<remote-cluster-sniff-settings>>
    76. 

  76. for more information about configuring sniff mode.
    77. 

  77. +
    78. 

  78. [[gateway-nodes-selection]]
    79. 

  79. The _gateway nodes_ selection depends on the following criteria:
    80. 

  80. +
    81. 

  81. * *version*: Remote nodes must be compatible with the cluster they are
    82. 

  82. registered to.
    83. 

  83. * *role*: By default, any non-<<master-node-role,master-eligible>> node can act as a
    84. 

  84. gateway node. Dedicated master nodes are never selected as gateway nodes.
    85. 

  85. * *attributes*: You can define the gateway nodes for a cluster by setting
    86. 

  86. <<cluster-remote-node-attr,`cluster.remote.node.attr.gateway`>> to `true`.
    87. 

  87. However, such nodes still have to satisfy the two above requirements.
    88. 

  88. 

  89. [[proxy-mode]]
    90. 

  90. Proxy mode::
    91. 

  91. In proxy mode, a cluster alias is registered with a name of your choosing and
    92. 

  92. the address of a TCP (layer 4) reverse proxy specified with the
    93. 

  93. `cluster.remote.<cluster_alias>.proxy_address` setting. You must configure this
    94. 

  94. proxy to route connections to one or more nodes of the remote cluster. When you
    95. 

  95. register a remote cluster using proxy mode, {es} opens several TCP connections
    96. 

  96. to the proxy address and uses these connections to communicate with the remote
    97. 

  97. cluster. In proxy mode {es} disregards the publish addresses of the remote
    98. 

  98. cluster nodes which means that the publish addresses of the remote cluster
    99. 

  99. nodes need not be accessible to the local cluster.
    100. 

  100. +
    101. 

  101. Proxy mode is not the default connection mode, so you must set
    102. 

  102. `cluster.remote.<cluster_alias>.mode: proxy` to use it. See
    103. 

  103. <<remote-cluster-proxy-settings>> for more information about configuring proxy
    104. 

  104. mode.
    105. 

  105. +
    106. 

  106. Proxy mode has the same <<gateway-nodes-selection, version compatibility
    107. 

  107. requirements>> as sniff mode.
    108. 

  108. 

  109. include::cluster/remote-clusters-api-key.asciidoc[]
    110. 

  110. 

  111. include::cluster/remote-clusters-cert.asciidoc[]
    112. 

  112. 

  113. include::cluster/remote-clusters-migration.asciidoc[]
    114. 

  114. 

  115. include::cluster/remote-clusters-settings.asciidoc[]
    116. 

  116. 

  117. include::cluster/remote-clusters-troubleshooting.asciidoc[]
    118.