In the elasticsearch.yml file of the pod created by ECK, there is a default configuration as follows:
xpack:
security:
authc:
realms:
file:
file1:
order: -100
native:
native1:
order: -99
reserved_realm:
enabled: "false"
enabled: "true"
http:
ssl:
certificate: /usr/share/elasticsearch/config/http-certs/tls.crt
certificate_authorities: /usr/share/elasticsearch/config/http-certs/ca.crt
enabled: false
key: /usr/share/elasticsearch/config/http-certs/tls.key
transport:
ssl:
certificate: /usr/share/elasticsearch/config/node-transport-cert/transport.tls.crt
certificate_authorities:
- /usr/share/elasticsearch/config/transport-certs/ca.crt
- /usr/share/elasticsearch/config/transport-remote-certs/ca.crt
enabled: false
key: /usr/share/elasticsearch/config/node-transport-cert/transport.tls.key
verification_mode: certificate
If I make the following configuration in the k8s yaml file, I can override it with my own specified values.
spec:
version: 7.11.1
nodeSets:
- name: master
count: 3
config:
node.master: true
node.data: false
node.ingest: true
xpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/my_tls.crt
xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/my_ca.crt
xpack.security.transport.ssl.key: /usr/share/elasticsearch/config/my_tls.key
But if I want to remove these configurations, how should I set it?