I'm posting the solution as we solved this issue on the Elastic Stack Community Slack.
I suspect it has something to do with my TLS configuration because when i disable TLS, im able to connect to it externally without issues. However in a production environment i think keeping TLS enabled is important?
Yes, it's definitively better to keep TLS.
I have tried using openssl to generate a self signed certificate but that did not work. Trying to connect locally returns the following error message.
There is a confusion here. It is not mandatory to configure a TLS certificate. By default, ECK manages all certificates for you. But if you want, you can bring your own certificate.
When using an Ingress, the error received plaintext http traffic on an https channel is often caused by the ingress not being configured correctly to force HTTPS and not allow HTTP.
The configuration then depends on the type of ingress you are using. For example:
- AWS ALB Ingress uses:
alb.ingress.kubernetes.io/backend-protocol: HTTPS. - GKE Ingress uses:
kubernetes.io/ingress.allow-http: "false".
A full example to illustrate how to expose an Elasticsearch and Kibana instance to the outside world using custom TLS certificates and using a Google Cloud Load Balancer (GCLB) is available here.