Generate Certificates For TLS Encryption for cluster in Kubernetes

Hi There, i have a elastic 7.7.1 cluster with following architecture:

  • Ingest nodes - These are kubernetes deployment with a service called elastic-client running on port 9200
  • Data nodes - These are kubernetes stateful set
  • Master nodes - These are again kubernetes stateful set

Now i need to enable TLS and HTTP encryption for this cluster for which i need to generate certificates. I'm referring to to generate using --in <input_file> option.

This file should have all the nodes and their dns names.

So my question how this would work for my ingest nodes which are kubernetes deployment as their name would change every time scale up or down.

Just to close this, I changed the ingest nodes to be stateful set as well. Which made it easier.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.