Hi All,
Elastic 7.17.3 via Helm Chart
I have trouble with the following:
This Helm chart can generate a [Kubernetes Secret] or use an existing one to setup Elastic credentials.
This chart is setting TLS and creating a certificate by default, but you can also provide your own certs as a K8S secret. An example of configuration for providing existing certificates can be found in examples/security.
The chart has this setting:
createCert: true
Good and fine, but the example provided, has createCert: false, and is mounting own certs via secrets.
I just want to use the autogenerated certs, but any xpack.security configuration needs to set the path to the certs explicitly. With createCert: true, I don't see any certs being created, or I have no clue where they are.
My example config:
ingress:
annotations: {}
enabled: true
hosts:
- host: elastic.apps.local.com
paths:
- path: /
tls: null
maxUnavailable: 1
minimumMasterNodes: 1
replicas: 1
clusterHealthCheckParams: 'wait_for_status=yellow&timeout=2s'
createCert: true
protocol: https
# Allows you to add any config files in /usr/share/elasticsearch/config/
# such as elasticsearch.yml and log4j2.properties
esConfig:
elasticsearch.yml: |
#CVE-2014-3120
script.allowed_types: inline
xpack.monitoring.collection.enabled: true
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.keystore.path: ?????
xpack.security.transport.ssl.truststore.path: ????
resources:
limits:
cpu: 1000m
memory: 2Gi
volumeClaimTemplate:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3Gi
storageClassName: longhorn