I was able to configure and install an elastic search /kibana using Eck Operator in my environment (GKE GCP) and also able to enable Kibana with an https using GCP managed certificate for SSL with GCP Default Ingress. but I'm not able to do with elastic search only with Kibana.
when I use ingress and point to elastic search its throw 502 bad gateway. but it's working with kibana . can anyone let me know if you also faced some issues similar to that or how it should be resolved?
It's difficult to give you an answer without more information about your setup. Pasting the contents of the manifests here would be helpful to diagnose the issue.
My hunch is that you are getting errors for the Elasticsearch endpoint because the Google Cloud Load Balancer (GCLB) creates an implicit health check by reusing the readiness probe. The default readiness probe created by ECK is not an HTTP probe and therefore GCLB fails to create the health check and considers the backend to be unavailable.
The reason ECK does not create an HTTP readiness probe by default is because it requires anonymous access to be enabled for Elasticsearch. You can restrict the scope of anonymous access but it is something that needs to be carefully considered as the Elasticsearch cluster will be open to the internet. If you are comfortable doing so, we have an example of configuring GCLB at https://github.com/elastic/cloud-on-k8s/tree/1.2/config/recipes/gclb.
Alternatively, you can configure a reverse proxy in front of Elasticsearch and expose the proxy through the ingress. That way, you don't have to change the Elasticsearch security to allow anonymous access.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
