With multiple elasticsearch instances per server and multiple clusters spreading to subsets of elasticsearch nodes, we need to have dedicated LVS endpoints to expose the different clusters. For details about the context, see T193654.
There are some related questions about how to route requests to those different clusters (see T198352#4671179 as well):
- differentiate on TCP port only (first instance on 9243, second on 9443)
- differentiate on server names
- differentiate on IP
- a combination of some of the above
- seems the simpler solution, it matches the expectations of the clients and does not have any significant drawback that we could find
- SAN / SNI support in HTTP libraries is often broken if supported at all. Our current clients might be OK (unchecked), but if we can avoid the pain, we should
- it would work fine, but since we want (at least at some point) to have elasticsearch listening only on localhost, elasticsearch will be on different ports already. Exposing this mapping to the TLS endpoint as well seems simpler and less surprising. (yes, we could use different lo:aliases, but that seems even more confusing for not much gain).
- why not ?
It looks like 1) is the simplest solution, but feedback is welcomed.