elastic · florent-leborgne · Feb 25, 2025 · Feb 13, 2025 · Feb 13, 2025 · Feb 13, 2025
@@ -1,23 +1,15 @@
 ---
-applies:
-  stack:
-  ece:
-  eck:
-  hosted:
-  self:
-  serverless: unavailable
+applies_to:
+  deployment:
+    ece: ga
+    eck: ga
+    ess: ga
+    self: ga
+    serverless: unavailable
 ---
 
 # Remote clusters [remote-clusters]
 
-% What needs to be done: Write from scratch
-
-% GitHub issue: https://github.com/elastic/docs-projects/issues/345
-
-% Scope notes: "Landing page for cross cluster comms, used by CCS and CCR.
-% We will cover here the raw configuration at Elasticsearch level and the docs to enable remote clusters in ESS / ECE / ECK.
-% We can include links to the use cases of remote clusters, such as CCR and CCS."
-
 By setting up **remote clusters**, you can connect an {{es}} cluster to other {{es}} clusters. Remote clusters can be located in different data centers, geographic regions, and run on a different type of environment: {{ech}}, {{ece}}, {{eck}}, or self-managed.
 
 Remote clusters are especially useful in two cases:

@@ -0,0 +1,27 @@
+:::::{dropdown} Version compatibility table
+
+* Any node can communicate with another node on the same major version. For example, 9.0 can talk to any 9.x node.
+* Version compatibility is symmetric, meaning that if 7.16 can communicate with 8.0, 8.0 can also communicate with 7.16. The following table depicts version compatibility between local and remote nodes.
+
+|     |     |
+| --- | --- |
+|  | Local cluster |
+| Remote cluster | 5.0–5.5 | 5.6 | 6.0–6.6 | 6.7 | 6.8 | 7.0 | 7.1–7.16 | 7.17 | 8.0–9.0 |
+| 5.0–5.5 | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") |
+| 5.6 | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") |
+| 6.0–6.6 | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") |
+| 6.7 | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") |
+| 6.8 | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") |
+| 7.0 | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") |
+| 7.1–7.16 | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") |
+| 7.17 | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") |
+| 8.0–9.0 | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![No](https://doc-icons.s3.us-east-2.amazonaws.com/icon-no.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") | ![Yes](https://doc-icons.s3.us-east-2.amazonaws.com/icon-yes.png "") |
+
+
+::::{important}
+Elastic only supports {{ccs}} on a subset of these configurations. See [Supported {{ccs}} configurations](../../../solutions/search/cross-cluster-search.md#ccs-supported-configurations).
+::::
+
+:::::
+
+
@@ -1,4 +1,7 @@
 ---
+applies_to:
+  deployment:
+    ess: ga
 mapped_pages:
   - https://www.elastic.co/guide/en/cloud/current/ec-edit-remove-trusted-environment.html
 ---
@@ -12,7 +15,7 @@ From a deployment’s **Security** page, you can manage trusted environments tha
 * You want to remove or update the access level granted by a cross-cluster API key.
 
 
-## Remove a trusted environment [ec_remove_a_trusted_environment]
+## Remove a certificate-based trusted environment [ec_remove_a_trusted_environment]
 
 By removing a trusted environment, this deployment will no longer be able to establish remote connections using certificate trust to clusters of that environment. The remote environment will also no longer be able to connect to this deployment using certificate trust.
 
@@ -25,9 +28,9 @@ With this method, you can only remove trusted environments relying exclusively o
 2. In the list of trusted environments, locate the one you want to remove.
 3. Remove it using the corresponding `delete` icon.
 
-    :::{image} ../../images/cloud-delete-trust-environment.png
-    :alt: button for deleting a trusted environment
-    :::
+   :::{image} ../../images/cloud-delete-trust-environment.png
+   :alt: button for deleting a trusted environment
+   :::
 
 4. In {{kib}}, go to **Stack Management** > **Remote Clusters**.
 5. In the list of existing remote clusters, delete the ones corresponding to the trusted environment you removed earlier.
@@ -39,14 +42,14 @@ With this method, you can only remove trusted environments relying exclusively o
 2. In the list of trusted environments, locate the one you want to edit.
 3. Open its details by selecting the `Edit` icon.
 
-    :::{image} ../../images/cloud-edit-trust-environment.png
-    :alt: button for editing a trusted environment
-    :::
+   :::{image} ../../images/cloud-edit-trust-environment.png
+   :alt: button for editing a trusted environment
+   :::
 
 4. Edit the trust configuration for that environment:
 
-    * From the **Trust level** tab, you can add or remove trusted deployments.
-    * From the **Environment settings** tab, you can manage the certificates and the label of the environment.
+   * From the **Trust level** tab, you can add or remove trusted deployments.
+   * From the **Environment settings** tab, you can manage the certificates and the label of the environment.
 
 5. Save your changes.
 
@@ -68,16 +71,14 @@ If you need to update the permissions granted by a cross-cluster API key for a r
 
     * For the **Setting name**, enter the same alias that was used for the previous key.
 
-        ::::{note}
-        If you use a different alias, you also need to re-create the remote cluster in {{kib}} with a **Name** that matches the new alias.
-        ::::
+      ::::{note}
+      If you use a different alias, you also need to re-create the remote cluster in {{kib}} with a **Name** that matches the new alias.
+      ::::
 
-    * For the **Secret**, paste the encoded cross-cluster API key.
-
-        1. Click **Add** to save the API key to the keystore.
+    * For the **Secret**, paste the encoded cross-cluster API key, then click **Add** to save the API key to the keystore.
 
 6. Restart the local deployment to reload the keystore with its new setting. To do that, go to the deployment’s main page (named after your deployment’s name), locate the **Actions** menu, and select **Restart {{es}}**.<br>
 
-    ::::{note}
-    If the local deployment runs on version 8.13 or greater, you no longer need to perform this step because the keystore is reloaded automatically with the new API keys.
-    ::::
+   ::::{note}
+   If the local deployment runs on version 8.14 or greater, you no longer need to perform this step because the keystore is reloaded automatically with the new API keys.
+   ::::
@@ -1,11 +1,16 @@
 ---
+applies_to:
+  deployment:
+    ess: ga
+    eck: ga
+navigation_title: With {{eck}}
 mapped_pages:
   - https://www.elastic.co/guide/en/cloud/current/ec-enable-ccs-for-eck.html
 ---
 
 # Remote clusters between {{ech}} and ECK [ec-enable-ccs-for-eck]
 
-These steps describe how to configure remote clusters between an {{es}} cluster in {{ech}} and an {{es}} cluster running within [{{eck}} (ECK)](https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-overview.html). Once that’s done, you’ll be able to [run CCS queries from {{es}}](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-cross-cluster-search.html) or [set up CCR](https://www.elastic.co/guide/en/elasticsearch/reference/current/ccr-getting-started-tutorial.html).
+These steps describe how to configure remote clusters between an {{es}} cluster in {{ech}} and an {{es}} cluster running within [{{eck}} (ECK)](/deploy-manage/deploy/cloud-on-k8s.md). Once that’s done, you’ll be able to [run CCS queries from {{es}}](/solutions/search/cross-cluster-search.md) or [set up CCR](/deploy-manage/tools/cross-cluster-replication/set-up-cross-cluster-replication.md).
 
 
 ## Establish trust between two clusters [ec_establish_trust_between_two_clusters]

@@ -1,6 +1,8 @@
 ---
-applies:
-  hosted:
+applies_to:
+  deployment:
+    ess: ga
+navigation_title: Elastic Cloud Hosted
 mapped_pages:
   - https://www.elastic.co/guide/en/cloud/current/ec-enable-ccs.html
 ---
@@ -20,7 +22,14 @@ You can configure an {{ech}} deployment to remotely access or (be accessed by) a
 
 To use CCS or CCR, your deployments must meet the following criteria:
 
-* The local and remote clusters must run on compatible versions of {{es}}. Review the [version compatibility](https://www.elastic.co/guide/en/elasticsearch/reference/current/remote-clusters-cert.html#remote-clusters-prerequisites-cert) table.
+* The local and remote clusters must run on compatible versions of {{es}}. Review the version compatibility table.
+
+  :::{include} _snippets/remote-cluster-certificate-compatibility.md
+  :::
+
+* If your deployment was created before February 2021, the **Remote clusters** page in {{kib}} must be enabled manually from the **Security** page of your deployment, by selecting **Enable CCR** under **Trust management**.
+
+## Set up remote clusters with {{ech}}
 
 The steps, information, and authentication method required to configure CCS and CCR can vary depending on where the clusters you want to use as remote are hosted.
 
@@ -36,14 +45,9 @@ The steps, information, and authentication method required to configure CCS and
 
     * [From another deployment of your {{ecloud}} organization](ec-remote-cluster-same-ess.md)
     * [From a deployment of another {{ecloud}} organization](ec-remote-cluster-other-ess.md)
-    * [From an ECE deployment](https://www.elastic.co/guide/en/cloud-enterprise/{{ece-version-link}}/ece-enable-ccs.html)
-    * [From a self-managed cluster](https://www.elastic.co/guide/en/elasticsearch/reference/current/remote-clusters.html)
-
-
-
-## Enable Remote clusters in {{kib}} [ec-enable-ccr]
-
-If your deployment was created before February 2021, the Remote clusters page in {kib} must be enabled manually from the **Security** page of your deployment, by selecting **Enable CCR** under **Trust management**.
+    * [From an ECE deployment](ece-remote-cluster-ece-ess.md)
+    * [From a self-managed cluster](remote-clusters-self-managed.md)
+    * [From an ECK environment](ec-enable-ccs-for-eck.md)
 
 
 ## Remote clusters and traffic filtering [ec-ccs-ccr-traffic-filtering]
@@ -61,5 +65,5 @@ Traffic filtering for remote clusters supports 2 methods:
 * Filtering by Organization or {{es}} cluster ID with a Remote cluster type filter. You can configure this type of filter from the **Features** > **Traffic filters** page of your organization or using the [{{ecloud}} RESTful API](https://www.elastic.co/docs/api/doc/cloud) and apply it from each deployment’s **Security** page.
 
 ::::{note}
-When setting up traffic filters for a remote connection to an {{ece}} environment, you also need to upload the region’s TLS certificate of the local cluster to the {{ece}} environment’s proxy. You can find that region’s TLS certificate in the Security page of any deployment of the environment initiating the remote connection.
+When setting up traffic filters for a remote connection to an {{ece}} environment, you also need to upload the region’s TLS certificate of the local cluster to the {{ece}} environment’s proxy. You can find that region’s TLS certificate in the **Security** page of any deployment of the environment initiating the remote connection.
 ::::