I have Elasticsearch running in K8s via the operator, and want to talk to it from Logstash.
Everything I've tried so far has failed, mostly resulting in
[2020-04-01T15:25:22,773][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://elasticsearch-es-http:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://elasticsearch-es-http:9200/][Manticore::ClientProtocolException] elasticsearch-es-http:9200 failed to respond"}
I don't want to worry about TLS just yet - I want to make it work first, and worry about security later. I have found hints that it's necessary to turn off TLS via
(1) turned off TLS (disabling selfSignedCertificate did work once I'd got it right)
(2) created the secret for the password for the "elastic" user manually so as not to get a generated one - would be nice to have this as a documented feature rather than something that is known to work just right now but not guaranteed to remain working in future versions.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.