Add remote clusters xpack usage report (#94862)

This PR adds a new remote_clusters section to the xpack usage response
to report stats of remote cluster connections including total number,
mode and security model.

It also adds a new remote_cluster_server sub-section under the existing
security section.

Relates: #94817

Author: ywangd

docs/build.gradle

@@ -116,6 +116,15 @@ tasks.named("yamlRestTest").configure {
   }
 }
 
+// TODO: Remove the following when RCS feature is released
+// The get-builtin-privileges doc test does not include the new cluster privilege for RCS
+// So we disable the test if the build is a snapshot where unreleased feature is enabled by default
+tasks.named("yamlRestTest").configure {
+  if (BuildParams.isSnapshotBuild()) {
+    systemProperty 'tests.rest.blacklist', 'reference/rest-api/usage/*'
+  }
+}
+
 tasks.named("forbiddenPatterns").configure {
   exclude '**/*.mmdb'
 }

server/src/main/java/org/elasticsearch/transport/RemoteConnectionInfo.java

@@ -93,6 +93,10 @@ public boolean isSkipUnavailable() {
         return skipUnavailable;
     }
 
+    public boolean hasClusterCredentials() {
+        return hasClusterCredentials;
+    }
+
     @Override
     public void writeTo(StreamOutput out) throws IOException {
         if (out.getTransportVersion().onOrAfter(TransportVersion.V_7_6_0)) {

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/RemoteClusterFeatureSetUsage.java

@@ -0,0 +1,73 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+package org.elasticsearch.xpack.core;
+
+import org.elasticsearch.TransportVersion;
+import org.elasticsearch.common.io.stream.StreamInput;
+import org.elasticsearch.common.io.stream.StreamOutput;
+import org.elasticsearch.transport.RemoteClusterPortSettings;
+import org.elasticsearch.transport.RemoteConnectionInfo;
+import org.elasticsearch.xcontent.XContentBuilder;
+
+import java.io.IOException;
+import java.util.List;
+
+public class RemoteClusterFeatureSetUsage extends XPackFeatureSet.Usage {
+
+    private final List<RemoteConnectionInfo> remoteConnectionInfos;
+
+    public RemoteClusterFeatureSetUsage(StreamInput in) throws IOException {
+        super(in);
+        this.remoteConnectionInfos = in.readImmutableList(RemoteConnectionInfo::new);
+    }
+
+    public RemoteClusterFeatureSetUsage(List<RemoteConnectionInfo> remoteConnectionInfos) {
+        super(XPackField.REMOTE_CLUSTERS, true, true);
+        this.remoteConnectionInfos = remoteConnectionInfos;
+    }
+
+    @Override
+    public TransportVersion getMinimalSupportedVersion() {
+        return RemoteClusterPortSettings.TRANSPORT_VERSION_REMOTE_CLUSTER_SECURITY;
+    }
+
+    @Override
+    public void writeTo(StreamOutput out) throws IOException {
+        super.writeTo(out);
+        out.writeList(remoteConnectionInfos);
+    }
+
+    @Override
+    protected void innerXContent(XContentBuilder builder, Params params) throws IOException {
+        final int size = remoteConnectionInfos.size();
+        builder.field("size", size);
+
+        int numberOfSniffModes = 0;
+        int numberOfConfigurableModels = 0;
+        for (var info : remoteConnectionInfos) {
+            if ("sniff".equals(info.getModeInfo().modeName())) {
+                numberOfSniffModes += 1;
+            } else {
+                assert "proxy".equals(info.getModeInfo().modeName());
+            }
+            if (info.hasClusterCredentials()) {
+                numberOfConfigurableModels += 1;
+            }
+        }
+
+        builder.startObject("mode");
+        builder.field("proxy", size - numberOfSniffModes);
+        builder.field("sniff", numberOfSniffModes);
+        builder.endObject();
+
+        builder.startObject("security");
+        builder.field("basic", size - numberOfConfigurableModels);
+        builder.field("configurable", numberOfConfigurableModels);
+        builder.endObject();
+    }
+}

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/RemoteClusterUsageTransportAction.java

@@ -0,0 +1,58 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+package org.elasticsearch.xpack.core;
+
+import org.elasticsearch.action.ActionListener;
+import org.elasticsearch.action.support.ActionFilters;
+import org.elasticsearch.cluster.ClusterState;
+import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver;
+import org.elasticsearch.cluster.service.ClusterService;
+import org.elasticsearch.common.inject.Inject;
+import org.elasticsearch.protocol.xpack.XPackUsageRequest;
+import org.elasticsearch.tasks.Task;
+import org.elasticsearch.threadpool.ThreadPool;
+import org.elasticsearch.transport.RemoteClusterService;
+import org.elasticsearch.transport.TransportService;
+import org.elasticsearch.xpack.core.action.XPackUsageFeatureAction;
+import org.elasticsearch.xpack.core.action.XPackUsageFeatureResponse;
+import org.elasticsearch.xpack.core.action.XPackUsageFeatureTransportAction;
+
+public class RemoteClusterUsageTransportAction extends XPackUsageFeatureTransportAction {
+
+    @Inject
+    public RemoteClusterUsageTransportAction(
+        TransportService transportService,
+        ClusterService clusterService,
+        ThreadPool threadPool,
+        ActionFilters actionFilters,
+        IndexNameExpressionResolver indexNameExpressionResolver
+    ) {
+        super(
+            XPackUsageFeatureAction.REMOTE_CLUSTERS.name(),
+            transportService,
+            clusterService,
+            threadPool,
+            actionFilters,
+            indexNameExpressionResolver
+        );
+    }
+
+    @Override
+    protected void masterOperation(
+        Task task,
+        XPackUsageRequest request,
+        ClusterState state,
+        ActionListener<XPackUsageFeatureResponse> listener
+    ) throws Exception {
+        final RemoteClusterService remoteClusterService = transportService.getRemoteClusterService();
+
+        listener.onResponse(
+            new XPackUsageFeatureResponse(new RemoteClusterFeatureSetUsage(remoteClusterService.getRemoteConnectionInfos().toList()))
+        );
+    }
+}

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackClientPlugin.java

@@ -555,7 +555,9 @@ public List<NamedWriteableRegistry.Entry> getNamedWriteables() {
             // TSDB Downsampling
             new NamedWriteableRegistry.Entry(LifecycleAction.class, DownsampleAction.NAME, DownsampleAction::new),
             // Health API usage
-            new NamedWriteableRegistry.Entry(XPackFeatureSet.Usage.class, XPackField.HEALTH_API, HealthApiFeatureSetUsage::new)
+            new NamedWriteableRegistry.Entry(XPackFeatureSet.Usage.class, XPackField.HEALTH_API, HealthApiFeatureSetUsage::new),
+            // Remote cluster usage
+            new NamedWriteableRegistry.Entry(XPackFeatureSet.Usage.class, XPackField.REMOTE_CLUSTERS, RemoteClusterFeatureSetUsage::new)
         );
     }
 

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackField.java

@@ -75,6 +75,7 @@ public final class XPackField {
     public static final String ARCHIVE = "archive";
     /** Name constant for the health api feature. */
     public static final String HEALTH_API = "health_api";
+    public static final String REMOTE_CLUSTERS = "remote_clusters";
 
     private XPackField() {}
 

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackPlugin.java

@@ -342,6 +342,7 @@ public Collection<Object> createComponents(
         actions.add(new ActionHandler<>(XPackUsageFeatureAction.DATA_STREAMS, DataStreamUsageTransportAction.class));
         actions.add(new ActionHandler<>(XPackInfoFeatureAction.DATA_STREAMS, DataStreamInfoTransportAction.class));
         actions.add(new ActionHandler<>(XPackUsageFeatureAction.HEALTH, HealthApiUsageTransportAction.class));
+        actions.add(new ActionHandler<>(XPackUsageFeatureAction.REMOTE_CLUSTERS, RemoteClusterUsageTransportAction.class));
         return actions;
     }
 

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/action/XPackUsageFeatureAction.java

@@ -7,9 +7,12 @@
 package org.elasticsearch.xpack.core.action;
 
 import org.elasticsearch.action.ActionType;
+import org.elasticsearch.transport.TcpTransport;
 import org.elasticsearch.xpack.core.XPackField;
 
 import java.util.List;
+import java.util.Objects;
+import java.util.stream.Stream;
 
 /**
  * A base action for usage of a feature plugin.
@@ -46,8 +49,9 @@ public class XPackUsageFeatureAction extends ActionType<XPackUsageFeatureRespons
     public static final XPackUsageFeatureAction AGGREGATE_METRIC = new XPackUsageFeatureAction(XPackField.AGGREGATE_METRIC);
     public static final XPackUsageFeatureAction ARCHIVE = new XPackUsageFeatureAction(XPackField.ARCHIVE);
     public static final XPackUsageFeatureAction HEALTH = new XPackUsageFeatureAction(XPackField.HEALTH_API);
+    public static final XPackUsageFeatureAction REMOTE_CLUSTERS = new XPackUsageFeatureAction(XPackField.REMOTE_CLUSTERS);
 
-    static final List<XPackUsageFeatureAction> ALL = List.of(
+    static final List<XPackUsageFeatureAction> ALL = Stream.of(
         AGGREGATE_METRIC,
         ANALYTICS,
         CCR,
@@ -70,8 +74,9 @@ public class XPackUsageFeatureAction extends ActionType<XPackUsageFeatureRespons
         VOTING_ONLY,
         WATCHER,
         ARCHIVE,
-        HEALTH
-    );
+        HEALTH,
+        TcpTransport.isUntrustedRemoteClusterEnabled() ? REMOTE_CLUSTERS : null
+    ).filter(Objects::nonNull).toList();
 
     // public for testing
     public XPackUsageFeatureAction(String name) {

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/SecurityFeatureSetUsage.java

@@ -9,6 +9,7 @@
 import org.elasticsearch.TransportVersion;
 import org.elasticsearch.common.io.stream.StreamInput;
 import org.elasticsearch.common.io.stream.StreamOutput;
+import org.elasticsearch.transport.RemoteClusterPortSettings;
 import org.elasticsearch.xcontent.XContentBuilder;
 import org.elasticsearch.xpack.core.XPackFeatureSet;
 import org.elasticsearch.xpack.core.XPackField;
@@ -32,6 +33,7 @@ public class SecurityFeatureSetUsage extends XPackFeatureSet.Usage {
     private static final String OPERATOR_PRIVILEGES_XFIELD = XPackField.OPERATOR_PRIVILEGES;
     private static final String DOMAINS_XFIELD = "domains";
     private static final String USER_PROFILE_XFIELD = "user_profile";
+    private static final String REMOTE_CLUSTER_SERVER_XFIELD = "remote_cluster_server";
 
     private Map<String, Object> realmsUsage;
     private Map<String, Object> rolesStoreUsage;
@@ -46,6 +48,7 @@ public class SecurityFeatureSetUsage extends XPackFeatureSet.Usage {
     private Map<String, Object> operatorPrivilegesUsage;
     private Map<String, Object> domainsUsage;
     private Map<String, Object> userProfileUsage;
+    private Map<String, Object> remoteClusterServerUsage;
 
     public SecurityFeatureSetUsage(StreamInput in) throws IOException {
         super(in);
@@ -72,6 +75,9 @@ public SecurityFeatureSetUsage(StreamInput in) throws IOException {
         if (in.getTransportVersion().onOrAfter(TransportVersion.V_8_5_0)) {
             userProfileUsage = in.readMap();
         }
+        if (in.getTransportVersion().onOrAfter(RemoteClusterPortSettings.TRANSPORT_VERSION_REMOTE_CLUSTER_SECURITY)) {
+            remoteClusterServerUsage = in.readMap();
+        }
     }
 
     public SecurityFeatureSetUsage(
@@ -88,7 +94,8 @@ public SecurityFeatureSetUsage(
         Map<String, Object> fips140Usage,
         Map<String, Object> operatorPrivilegesUsage,
         Map<String, Object> domainsUsage,
-        Map<String, Object> userProfileUsage
+        Map<String, Object> userProfileUsage,
+        Map<String, Object> remoteClusterServerUsage
     ) {
         super(XPackField.SECURITY, true, enabled);
         this.realmsUsage = realmsUsage;
@@ -104,6 +111,7 @@ public SecurityFeatureSetUsage(
         this.operatorPrivilegesUsage = operatorPrivilegesUsage;
         this.domainsUsage = domainsUsage;
         this.userProfileUsage = userProfileUsage;
+        this.remoteClusterServerUsage = remoteClusterServerUsage;
     }
 
     @Override
@@ -137,6 +145,9 @@ public void writeTo(StreamOutput out) throws IOException {
         if (out.getTransportVersion().onOrAfter(TransportVersion.V_8_5_0)) {
             out.writeGenericMap(userProfileUsage);
         }
+        if (out.getTransportVersion().onOrAfter(RemoteClusterPortSettings.TRANSPORT_VERSION_REMOTE_CLUSTER_SECURITY)) {
+            out.writeGenericMap(remoteClusterServerUsage);
+        }
     }
 
     @Override
@@ -160,6 +171,9 @@ protected void innerXContent(XContentBuilder builder, Params params) throws IOEx
             if (userProfileUsage != null && false == userProfileUsage.isEmpty()) {
                 builder.field(USER_PROFILE_XFIELD, userProfileUsage);
             }
+            if (remoteClusterServerUsage != null && false == remoteClusterServerUsage.isEmpty()) {
+                builder.field(REMOTE_CLUSTER_SERVER_XFIELD, remoteClusterServerUsage);
+            }
         } else if (sslUsage.isEmpty() == false) {
             // A trial (or basic) license can have SSL without security.
             // This is because security defaults to disabled on that license, but that dynamic-default does not disable SSL.

x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/RemoteClusterFeatureSetUsageTests.java

@@ -0,0 +1,87 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+package org.elasticsearch.xpack.core;
+
+import org.elasticsearch.common.Strings;
+import org.elasticsearch.common.xcontent.XContentHelper;
+import org.elasticsearch.core.TimeValue;
+import org.elasticsearch.test.ESTestCase;
+import org.elasticsearch.transport.ProxyConnectionStrategy;
+import org.elasticsearch.transport.RemoteConnectionInfo;
+import org.elasticsearch.transport.SniffConnectionStrategy;
+import org.elasticsearch.xcontent.ToXContent;
+import org.elasticsearch.xcontent.XContentBuilder;
+import org.elasticsearch.xcontent.json.JsonXContent;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.hamcrest.Matchers.equalTo;
+
+public class RemoteClusterFeatureSetUsageTests extends ESTestCase {
+
+    public void testToXContent() throws IOException {
+        final int numberOfRemoteClusters = randomIntBetween(0, 10);
+        int numberOfSniffModes = 0;
+        int numberOfConfigurableModels = 0;
+        final List<RemoteConnectionInfo> infos = new ArrayList<>();
+        for (int i = 0; i < numberOfRemoteClusters; i++) {
+            final boolean hasCredentials = randomBoolean();
+            if (hasCredentials) {
+                numberOfConfigurableModels += 1;
+            }
+            final RemoteConnectionInfo.ModeInfo modeInfo;
+            if (randomBoolean()) {
+                modeInfo = new SniffConnectionStrategy.SniffModeInfo(List.of(), randomIntBetween(1, 8), randomIntBetween(1, 8));
+                numberOfSniffModes += 1;
+            } else {
+                modeInfo = new ProxyConnectionStrategy.ProxyModeInfo(
+                    randomAlphaOfLengthBetween(3, 8),
+                    randomAlphaOfLengthBetween(3, 8),
+                    randomIntBetween(1, 8),
+                    randomIntBetween(1, 8)
+                );
+            }
+            infos.add(
+                new RemoteConnectionInfo(randomAlphaOfLengthBetween(3, 8), modeInfo, TimeValue.ZERO, randomBoolean(), hasCredentials)
+            );
+        }
+
+        try (XContentBuilder builder = JsonXContent.contentBuilder()) {
+            new RemoteClusterFeatureSetUsage(infos).toXContent(builder, ToXContent.EMPTY_PARAMS);
+            assertThat(
+                Strings.toString(builder),
+                equalTo(
+                    XContentHelper.stripWhitespace(
+                        Strings.format(
+                            """
+                                {
+                                  "size": %s,
+                                  "mode": {
+                                    "proxy": %s,
+                                    "sniff": %s
+                                  },
+                                  "security": {
+                                     "basic": %s,
+                                     "configurable": %s
+                                  }
+                                }""",
+                            numberOfRemoteClusters,
+                            numberOfRemoteClusters - numberOfSniffModes,
+                            numberOfSniffModes,
+                            numberOfRemoteClusters - numberOfConfigurableModels,
+                            numberOfConfigurableModels
+                        )
+                    )
+                )
+            );
+        }
+
+    }
+}