Support configuring RCS 2.0 remote cluster without node restart#98120
Closed
ywangd wants to merge 5 commits intoelastic:mainfrom
Closed
Support configuring RCS 2.0 remote cluster without node restart#98120ywangd wants to merge 5 commits intoelastic:mainfrom
ywangd wants to merge 5 commits intoelastic:mainfrom
Conversation
Member
Author
|
@elasticmachine run elasticsearch-ci/part-1 |
Member
Author
|
@elasticmachine update branch |
elasticsearchmachine
pushed a commit
that referenced
this pull request
Dec 8, 2023
This PR enables RCS 2.0 remote clusters to be configured without the
need to restart nodes. It works as the follows (assuming both clusters
are already running):
1. Get a cross-cluster API key for accessing the _remote_ cluster
2. Add cross-cluster API key to keystores of the _local_ cluster, e.g.
```
echo -n xxx | ./bin/elasticsearch-keystore add cluster.remote.my.credentials -x
```
3. Call [ReloadSecureSettings API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html) on the _local_ cluster
4. Configure RCS 2.0 remote cluster should now just work for the _local_ cluster, e.g.
```
PUT /_cluster/settings
{"persistent":{"cluster":{"remote":{"my":{"seeds":["127.0.0.1:9443"]}}}}}
```
This PR does **not** include functionality to automatically re-build
connections on secure settings reload. I will add this in a follow up
PR.
The high level technical approach is to maintain a credentials manager
class and use this to attach credentials for connections to remote
clusters. This
[comment](https://github.com/elastic/elasticsearch/pull/102798/files#r1417708553)
also provides more context on some lower level details.
Relates: #98120 Relates:
ES-6764
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR enables RCS 2.0 remote cluster to be configured without the need to restart nodes. It works as the follows (assuming both clusters are already running):