hey all, I have followed the quickstart guide from
master branch of the docs, and all works perfectly well when i set the network type to
LoadBalancer for kibana and elastic. I am able to curl the endpoints (with the self-signed cert). However, when I create an ingress resource, it appears as though all the backends fail the health checks, and the ingress refuses to route traffic to any of the pods.
Here are my related configs:
elastic.yaml apiVersion: elasticsearch.k8s.elastic.co/v1alpha1 kind: Elasticsearch metadata: name: quickstart spec: version: 7.1.0 http: service: spec: type: NodePort ports: - port: 9200 - targetPort: 9200 - protocol: TCP tls: selfSignedCertificate: subjectAltNames: - dns: myuniquedomain.ca ip: 188.8.131.52 nodes: - nodeCount: 3 config: node.master: true node.data: true node.ingest: true volumeClaimTemplates: - metadata: name: data spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi storageClassName: standard
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: myuniquedomain-ingress annotations: kubernetes.io/ingress.global-static-ip-name: myuniquedomain-static-ip spec: rules: - http: paths: - path: /elastic backend: serviceName: quickstart-es servicePort: 9200
However, the ingress shows all the backend as unhealthy.
Attempting to curl with the new cert now returns:
╰─ curl --cacert ca.pem -u elastic:$PW https://myuniquedomain.ca/elastic curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to myuniquedomain.ca:443
I have an A-record on the domain correctly pointing to the static IP as well.
Am I missing something obvious?