Hi I am having a bad time trying to install Elasticsearch (3 nodes) on Kubernetes using HELM + Production certificates.
I am using the following config:
clusterName: "my-cluster"
nodeGroup: "master"
roles:
master: "true"
ingest: "true"
data: "true"
esJavaOpts: "-Xmx1024m -Xms1024m"
resources:
requests:
cpu: "100m"
memory: "1024M"
limits:
cpu: "1000m"
memory: "1500M"
volumeClaimTemplate:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 10G
protocol: https
esConfig:
elasticsearch.yml: |
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.authc.anonymous.username: anonymous_user
xpack.security.authc.anonymous.roles: my_anonymous_user
xpack.security.authc.anonymous.authz_exception: true
roles.yml: |
my_anonymous_user:
indices:
- names: [ 'my_index' ]
privileges: [ 'read' ]
my_text_file.txt: |
extraEnvs:
- name: ELASTIC_USERNAME
valueFrom:
secretKeyRef:
name: elastic-credentials
key: username
- name: ELASTIC_PASSWORD
valueFrom:
secretKeyRef:
name: elastic-credentials
key: password
secretMounts:
- name: elastic-certificates
secretName: elastic-certificates
path: /usr/share/elasticsearch/config/certs
How can I make it work with 3 nodes and how can I create valid production certificates for each of them?