My ES setup has 3 master nodes, 5 data nodes and a couple ingest nodes. I'm trying to create an ES object with sniffing turned on.
import os
from elasticsearch import Elasticsearch
ES = Elasticsearch(os.environ.get("ES_HOST"),
ca_certs=os.environ.get("ES_CA_CERT_PATH"),
http_auth = (os.environ.get("ES_USERNAME"), os.environ.get("ES_PASSWORD")),
port = os.environ.get("ES_PORT"),
retry_on_timeout=True,
scheme="https",
timeout=30,
sniff_on_start=True,
sniff_on_connection_fail=True,
sniffer_timeout=60,
sniff_timeout=10
)
This works fine when I remove the 4 sniffer options. With them added I get this error:
File "/home/es/.local/lib/python3.8/site-packages/urllib3/connection.py", line 467, in connect
_match_hostname(cert, self.assert_hostname or server_hostname)
File "/home/es/.local/lib/python3.8/site-packages/urllib3/connection.py", line 540, in _match_hostname
match_hostname(cert, asserted_hostname)
File "/home/es/.local/lib/python3.8/site-packages/urllib3/util/ssl_match_hostname.py", line 150, in match_hostname
raise CertificateError(
urllib3.util.ssl_match_hostname.CertificateError: hostname '10.10.10.10' doesn't match either of '*.test.domain', '*.test.net',
ES_HOSTS is set to the FQDN of the machine, not the IP. I would expect it to do this check verse the FQDN not the IP. Am I missing a certain type of DNS record?
PIP:
elastic-transport 7.16.0
elasticsearch 7.17.3
elasticsearch-dsl 7.4.0
urllib3 1.26.12