hello
i deploy elastci stack in kubernetes with helm chart
i got my elastcisearch runnning with xpack and running well
here uis the values
node.master: true
replicas: 1
minimumMasterNodes: 1
clusterHealthCheckParams: 'wait_for_status=yellow&timeout=1s'
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 3
timeoutSeconds: 5
protocol: https
esConfig:
Elasticsearch.yml: |
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.truststore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.http.ssl.keystore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.authc.realms.native.local.order: 0
extraEnvs:
- name: ELASTIC_PASSWORD
valueFrom:
secretKeyRef:
name: elastic-credentials
key: password - name: ELASTIC_USERNAME
valueFrom:
secretKeyRef:
name: elastic-credentials
key: username
secretMounts:
- name: elastic-certificates
secretName: elastic-certificates
path: /usr/share/Elasticsearch/config/certs
then i try to connect kibana
values :
secretMounts:
-
name: elastic-certificate-pem
secretName: elastic-certificate-pem
path: /usr/share/kibana/config/certs
kibanaConfig:
kibana.yml: |
Elasticsearch.hosts: [ "https://elastic.cyberpeaceinstitute.network:9200/" ]xpack.security.enabled: true
xpack.security.audit.enabled: true
Elasticsearch.ssl.certificateAuthorities: /usr/share/kibana/config/certs/elastic-certificate.pem
Elasticsearch.ssl.verificationMode: certificate
Elasticsearch.username: "xxxxx"
Elasticsearch.password: "xxxx"
i got this error on kibana :
"message":"Unable to retrieve version information from Elasticsearch nodes. socket hang up"}
and in Elasticsearch :
{"type": "server", "timestamp": "2021-10-14T08:18:16,407Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "Elasticsearch", "node.name": "Elasticsearch-master-0", "message": "received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/10.25.3.245:9200, remoteAddress=/10.25.3.39:41280}", "cluster.uuid": "d8t801T_RjKy0j11ErmA3A", "node.id": "fsj52VA8TCGvRml5N_ckGA" }
it looks like the connection is in clear , but in my kibana conf it is in https
when i do a curl in the kibana pod to get the elesticsearhc i gor no error !!!!
thanks for your help