Hey all, I am trying to setup a google cloud Ingress object to route traffic to the Elasticsearch service in ECK, but it appears as though the Ingress object attempts the health check using the HTTP protocol, instead of HTTPS. I was under the impression that the readinessProbe defined in the operator overrode the default check at /
looking for 200
Here is my toy ES Config:
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: quickstart
spec:
http:
service:
spec:
type: LoadBalancer
version: 7.5.2
nodeSets:
- name: default
count: 1
config:
node.master: true
node.data: true
node.ingest: true
node.store.allow_mmap: false
Here is the accompanying ingress resource:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: elastic-ingress
annotations:
kubernetes.io/ingress.global-static-ip-name: name-of-my-address
kubernetes.io/ingress.allow-http: "true"
spec:
rules:
- http:
paths:
- path: /*
backend:
serviceName: quickstart-es-http
servicePort: 9200
A few minutes after I start this ingress, I get the following in the cloud console:
And in my elasticsearch pod logs, I get the following warnings, which seem to indicate that the health checks are being rejected:
{"type": "server", "timestamp": "2020-01-30T02:29:14,832Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "quickstart", "node.name": "quickstart-es-default-0", "message": "received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/10.16.0.23:9200, remoteAddress=/10.128.0.3:36878}", "cluster.uuid": "Oxno1fnRTluho2wlekONMA", "node.id": "DtOKi0UcS6K8NyAwDtsryA" }
Is there some simple way to resolve this?
Cheers