Set custom password on Elasticsearch resource

pkaramol · June 16, 2021, 1:17pm

When spinning up a new Elasticsearch resource, a new password is created than can be retrieved as follows:

PASSWORD=$(k get secret clusterName-es-elastic-user -o json | jq -r .data.elastic | base64 -D

Is there a way to pre/define hard-code the password so:

a) it does not change upon cluster destruction / recreation

b) it can be rotated on demand?

pkaramol · June 16, 2021, 1:46pm

Found out the relevant documentation.

My question is whether usage of stringData in the k8s secret is mandatory.

michael.morello · June 17, 2021, 8:39am

stringData is a K8S trick to avoid base64 encoding when creating a Secret:

If the conversion to base64 string is not desirable, you can choose to specify the stringData field instead, which accepts arbitrary strings as values.

Topic		Replies	Views
Specify known password for the elasticsearch user Elastic Cloud on Kubernetes (ECK)	3	806	November 4, 2022
Permanent password for elasticsearch on kubernetes Elastic Cloud on Kubernetes (ECK) elastic-stack-security , docker	5	5065	March 11, 2022
How to give built password in ECK CR Elastic Cloud on Kubernetes (ECK)	2	3197	November 4, 2022
Elastic user password change in kubernetes secret Elastic Cloud on Kubernetes (ECK)	3	1926	May 10, 2023
Disable default secret creating in kubernetes Elasticsearch	1	257	November 7, 2022

Set custom password on Elasticsearch resource

Related topics