Inconsistency in Security setup notes for Kubernetes (TLS), autogenerated keys missing?

Hi All,

Elastic 7.17.3 via Helm Chart

I have trouble with the following:
This Helm chart can generate a [Kubernetes Secret] or use an existing one to setup Elastic credentials.

This chart is setting TLS and creating a certificate by default, but you can also provide your own certs as a K8S secret. An example of configuration for providing existing certificates can be found in examples/security.

The chart has this setting:
createCert: true

Good and fine, but the example provided, has createCert: false, and is mounting own certs via secrets.

I just want to use the autogenerated certs, but any configuration needs to set the path to the certs explicitly. With createCert: true, I don't see any certs being created, or I have no clue where they are.

My example config:

  annotations: {}
  enabled: true
    - host:
        - path: /
  tls: null
maxUnavailable: 1
minimumMasterNodes: 1
replicas: 1
clusterHealthCheckParams: 'wait_for_status=yellow&timeout=2s'
createCert: true
protocol: https

# Allows you to add any config files in /usr/share/elasticsearch/config/
# such as elasticsearch.yml and
  elasticsearch.yml: |
          script.allowed_types: inline
          xpack.monitoring.collection.enabled: true

    cpu: 1000m
    memory: 2Gi
    - ReadWriteOnce
      storage: 3Gi
  storageClassName: longhorn

I have just realized this is a new feature for version 8.x which is not live yet. For 7.17 you have to supply your own cert store and certs .. :frowning:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.