Open
Description
Summary
We are interested in implementing a proxy connection mode for remote cluster connections. Instead of sniffing the remote cluster and connecting directly to specific nodes, this connection mode will open single channel connections to the remote cluster with no regard for the identity of the remote node. This will allow an intermediate proxy to make the routing decisions.
Tasks
- Introduce a variable connection strategy that allows for multiple implementations (Extract remote "sniffing" to connection strategy #47253)
- Introduce proxy connection strategy which opens socket connections to the remote cluster (Introduce simple remote connection strategy #47480)
- Modify remote cluster service so that the connection strategy decides whether connections need to be rebuilt on setting updates (Make remote setting updates support diff strategies #47891)
- Add setting to configure the proxy address (Allow simple connection strategy to be configured #49066)
- Add setting to configure number of proxy socket connections (Allow simple connection strategy to be configured #49066)
- Introduce a new max connection setting that identifies it is only relevant to the sniff mode (Allow simple connection strategy to be configured #49066)
- Connect the proxy connection mode to the remote cluster service and register settings (Add the simple strategy to cluster settings #49414)
- Add setting validation to ensure that proxy settings cannot be configured if sniff mode is chosen and vice versa (Add the simple strategy to cluster settings #49414)
- All appropriate settings (addresses, connection count, etc ) can be dynamically updatable (Ensure remote strategy settings can be updated #49772)
- Update remote cluster stats to support the proxy mode (Update remote cluster stats to support simple mode #49961)
- Add hostname as server_name attribute if configured appropriately (Send hostname in SNI header in simple remote mode #50247)
- Ensure all the fallback settings are tested
7.6.1/7.7
- Update documentation for new sniff settings
- Update documentation to expose new proxy settings
Future:
- Deprecate generic seed node and max number of connections settings
- Add setting upgraders for 7.x->8.0
Usage
To enable this mode the following settings must be configured:
// The mode defaults to sniff, so proxy must explicitly be configured
cluster.remote.test_remote_cluster.mode: "proxy"
// The proxy address is required
cluster.remote.test_remote_cluster.proxy_address: "localhost:9300"
// Optional, defaults to 18
cluster.remote.test_remote_cluster.proxy_socket_connections: 18
// Optional, defaults to disabled. If this is set, the Elasticsearch default
// distribution TLS implementation will send the configured hostname in the
// TLS SNI header.
cluster.remote.test_remote_cluster.server_name: "application.example.com"