Keystore does not update azure client secrets when changed - secrets seems to be persistent somehow

Short version: Unable to load new values into keystore secrets for azure plugin:

  • azure.client.default.account
  • azure.client.default.key

They seem to be persistent - how do I purge the old values completely from the cluster?

Detailed version:

  • Running Elastic v7.6.2 on Kubernetes
  • Using azure plugin for taking snapshots
  • Deleted old azure storage account, and created new. Need to update secure setting
  • When trying to update keystore values, the old values are reloaded
  • They persist even when removing the keystore entirely from the deployment, and then redeploying with them.
  • My main suspect is the keystore.seed file in the keystore. Tried to delete this manually with the command bin/elasticsearch remove keystore.seed in each node, and then redeploy. Did not work.

When I try to remove the keystore from deployment, and then redeploy with the secret it finds the old secret and not the new ones in the kubernetes secret.

This implies to me that it is somehow persistent to a level which I am not able to understand.

Any knowledge on how this works and/or how to fix this?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.