Hello,
I Installed ECK open source 1.0.1 in k8s 1.15.5
I tried to disable the security and TLS using:
apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: elasticsearch spec: version: 7.6.0 nodeSets: - name: default count: 1 config: node.master: true node.data: true node.ingest: true node.store.allow_mmap: false xpack.security.enabled: false xpack.security.http.ssl.enabled: false xpack.security.transport.ssl.enabled: false
but it doesn't seem to work:
kubectl port-forward service/elasticsearch-es-http 9200
curl http://localhost:9200
==> not working
and
PASSWORD=$(kubectl get secret elasticsearch-es-elastic-user -o=jsonpath='{.data.elastic}' | base64 --decode)
curl -k -u "elastic:$PASSWORD" https://localhost:9200
==> works
If I check the configuration in the 'elasticsearch-es-default-es-config'
kubectl get secrets elasticsearch-es-default-es-config -o jsonpath="{.data['elasticsearch.yml']}" | base64 -d
I get:
cluster: name: elasticsearch discovery: seed_providers: file network: host: 0.0.0.0 publish_host: ${POD_IP} node: data: true ingest: true master: true name: ${POD_NAME} store: allow_mmap: false path: data: /usr/share/elasticsearch/data logs: /usr/share/elasticsearch/logs xpack: license: upload: types: - trial - enterprise security: authc: realms: file: file1: order: -100 native: native1: order: -99 reserved_realm: enabled: "false" enabled: "true" http: ssl: certificate: /usr/share/elasticsearch/config/http-certs/tls.crt certificate_authorities: /usr/share/elasticsearch/config/http-certs/ca.crt enabled: true key: /usr/share/elasticsearch/config/http-certs/tls.key transport: ssl: certificate: /usr/share/elasticsearch/config/node-transport-cert/transport.tls.crt certificate_authorities: - /usr/share/elasticsearch/config/transport-certs/ca.crt enabled: "true" key: /usr/share/elasticsearch/config/node-transport-cert/transport.tls.key verification_mode: certificate
which still contains the security and tls config enabled...
Any idea on how to disable security and tls config ?
Thanks
Yann