In your daily work, you might receive a request to set up a multi-region Elasticsearch cluster that serves content globally. The cluster has to meet these requirements:
Data Consistency.
High Availability.
Privacy & Security.
Single Endpoint & Easy to use.
Please check the recommended solution below.
TL;DR:
Setup VPC & VPC Peering
Setup AWS EC2 & Elasticsearch Installation
Implement ALB for every region
Configure Route53, Health Check and Geo Location
Step 1: Setup VPC & VPC Peering
Setup VPC
First of all, we need to set up VPCs with non-overlapping CIDRs, as in the diagram:
Region us-east-1: 172.16.1.0/24
Region eu-central-1: 172.17.1.0/24
Region ap-southeast-1: 172.18.1.0/24
The CIDRs have to be non-overlapping in order to set up VPC Peering and the route tables.
Initiate VPC Peering between the regions so that they form a mesh network.
IMPORTANT: The Elasticsearch cluster needs mesh connections between nodes so that failover and synchronization work seamlessly.
Setup VPC Peering
Follow the official AWS instructions.
There are 3 VPC Peering Connections we have to set up:
Connection 1: between us-east-1 and eu-central-1
Connection 2: between us-east-1 and ap-southeast-1
Connection 3: between eu-central-1 and ap-southeast-1
If you implement the Elasticsearch cluster across 4 regions, you must create 6 VPC Peering Connections. For example, with the 4 regions us-east-1, eu-central-1, ap-southeast-1 and sa-east-1:
Connection 1: between us-east-1 and eu-central-1
Connection 2: between us-east-1 and ap-southeast-1
Connection 3: between eu-central-1 and ap-southeast-1
Connection 4: between us-east-1 and sa-east-1
Connection 5: between eu-central-1 and sa-east-1
Connection 6: between ap-southeast-1 and sa-east-1
The formula is:
Number of VPC Peering Connections Needed = <number_of_regions> Combinations of 2
After this step, make sure every VPC Peering Connection works properly.
Step 2: Setup AWS EC2 & Elasticsearch Installation
Setup AWS EC2
Follow the official AWS instructions.
Create these rules in your security group so that the Elasticsearch services running on the EC2 instances can communicate with each other for data transfer and synchronization.
Allow the us-east-1 VPC CIDR 172.16.1.0/24 to access ports 9200 and 9300 on EC2.
Allow the eu-central-1 VPC CIDR 172.17.1.0/24 to access ports 9200 and 9300 on EC2.
Allow the ap-southeast-1 VPC CIDR 172.18.1.0/24 to access ports 9200 and 9300 on EC2.
Allow any IP from the local subnet of the launched EC2 instance, so that the Application Load Balancer can access port 9200 on EC2.
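The checks from Step 1 and the cross-region security group rules above can be verified before anything is created in AWS. The following is an added example, not part of the original post: it confirms the VPC CIDRs do not overlap, enumerates the full peering mesh, and builds the per-CIDR ingress rules for ports 9200 and 9300. The function names and the rule dictionary layout are assumptions made for illustration; the ALB subnet rule is left out because the page does not give that subnet.

```python
import ipaddress
from itertools import combinations

# Region -> VPC CIDR, as listed in Step 1 of this page.
VPCS = {
    "us-east-1": "172.16.1.0/24",
    "eu-central-1": "172.17.1.0/24",
    "ap-southeast-1": "172.18.1.0/24",
}
ES_PORTS = (9200, 9300)  # HTTP and transport ports named in the rules above


def overlapping_pairs(vpcs):
    """Return region pairs whose CIDRs overlap; such VPCs cannot be peered."""
    nets = {region: ipaddress.ip_network(cidr) for region, cidr in vpcs.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


def peering_mesh(vpcs):
    """Full mesh: one peering connection per unordered region pair, C(n, 2)."""
    return list(combinations(sorted(vpcs), 2))


def ingress_rules(vpcs):
    """One rule per (VPC CIDR, port): only the peered VPCs are allowed in."""
    return [{"cidr": cidr, "port": port, "protocol": "tcp"}
            for cidr in vpcs.values() for port in ES_PORTS]


def plan(vpcs):
    """Refuse to produce a plan if any two CIDRs overlap."""
    bad = overlapping_pairs(vpcs)
    if bad:
        raise ValueError(f"overlapping CIDRs: {bad}")
    return {"peerings": peering_mesh(vpcs), "rules": ingress_rules(vpcs)}


if __name__ == "__main__":
    result = plan(VPCS)
    for a, b in result["peerings"]:
        print(f"peer {a} <-> {b}")
    for rule in result["rules"]:
        print(f"allow {rule['protocol']}/{rule['port']} from {rule['cidr']}")
```

Comparing the generated rule list with the security group actually attached to the instances shows any source range on 9200 or 9300 that is wider than the three VPC CIDRs.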
Elasticsearch Installation
Before setting up the Elasticsearch cluster, we should calculate how many master-eligible nodes the cluster needs. The common formula is: (N/2)+1
The Elasticsearch election process is quorum-based, so we need the +1 to have enough votes for a quick decision in an election.
Let's look at a sample elasticsearch.yml configuration file:
[...]
cluster.name: sample_cluster
network.host: <node_ip>
node.roles: [master, data, voting_only] # it's up to you
[...]
discovery.seed_hosts: ["172.16.1.5:9300", "172.16.1.6:9300", "172.17.1.4:9300", "172.17.1.5:9300", "172.18.1.4:9300", "172.18.1.5:9300"]
cluster.initial_master_nodes: ["172.16.1.5:9300", "172.16.1.6:9300", "172.17.1.4:9300", "172.17.1.5:9300", "172.18.1.4:9300", "172.18.1.5:9300"]
Step 3: Implement ALB for every region
Follow the official AWS instructions.
Create an AWS ALB for every region as described in those instructions, with the Elasticsearch nodes as targets. You will get 3 DNS names, like this:
us-east-1: ALB-US-ES-1056884759.us-east-1.elb.amazonaws.com
eu-central-1: ALB-EU-ES-1056884759.us-east-1.elb.amazonaws.com
ap-southeast-1: ALB-AP-ES-1056884759.us-east-1.elb.amazonaws.com
Step 4: Configure Route53, health check & geolocation
Configure Route53 records
Configure a health check for Route53 by following this instruction with these steps:
Create a CloudWatch alarm that fires when the number of healthy ALB targets falls below two.
Configure a Route53 health check based on the CloudWatch alarm.
Now configure Route53 for your hosted zone with the following configuration:
us-east-1:
Record type: CNAME
Record name: us.es.airwallet365.com
Routing policy: Failover
Health check: Cloudwatch Alarm US Elasticsearch
eu-central-1:
Record type: CNAME
Record name: eu.es.airwallet365.com
Routing policy: Failover
Health check: Cloudwatch Alarm EU Elasticsearch
ap-southeast-1:
Record type: CNAME
Record name: ap.es.airwallet365.com
Routing policy: Failover
Health check: Cloudwatch Alarm AP Elasticsearch
Now you have 3 endpoints in 3 regions. Next, configure Route53 geolocation routing with health checks. We recommend the following:
Record type: CNAME
Alias: enabled
Routing Policy: Geolocation
Location: Default, North America, South America
Alias: us.es.airwallet365.com
Location: Europe, Africa
Alias: eu.es.airwallet365.com
Location: Asia, China, Japan, Oceania, Hong Kong
Alias: ap.es.airwallet365.com
You can modify the DNS records at any time.