Cross cluster search support


#1

I’m looking at ReadonlyREST in a cross cluster search situation. I’ve been experimenting with this, and it works as I’d expect, each individual cluster can have its on ReadonlyREST implementation, which doesn’t translate to communications across clusters (Securing C1, you can access with C2’s security rules if querying from C2 against C1).

Only thing that doesn’t seem to work when I tried it initially is specifying indices across clusters - from the cluster that has the connection to the others (clusters aliased as “c1” and “c2”, respectively), it’d be great to be able to specify cluster names and index name patterns explicitly in the “indices” parameters you can set in each block.

That is to say, on my “coordinating_cluster” cluster, I’d like to be able to specify a block that says that groups A, B and C have read access to indices starting with the string “data” on both clusters (“c*:data*”)

Alternatively, I’d want to have an explicit deny for anyone in groups X, Y and Z from accessing data on c2 (“c2:*”)

That kind of thing


(Simone Scarduzio) #2

Just merged this, basically you can write indices rules like this:

 indices: ["cluster1:index1", ".kibana1", "logstash-*" ]

As you can see the “cluster1:” prefix indicates the cluster name are you referring to. You don’t need to install ROR in all the nodes in order for this to work.