Hi There, i have a elastic 7.7.1 cluster with following architecture:
- Ingest nodes - These are kubernetes deployment with a service called elastic-client running on port 9200
- Data nodes - These are kubernetes stateful set
- Master nodes - These are again kubernetes stateful set
Now i need to enable TLS and HTTP encryption for this cluster for which i need to generate certificates. I'm referring to https://www.elastic.co/guide/en/elasticsearch/reference/7.x/encrypting-communications-certificates.html to generate using --in <input_file> option.
This file should have all the nodes and their dns names.
So my question how this would work for my ingest nodes which are kubernetes deployment as their name would change every time scale up or down.