Set custom password on Elasticsearch resource

pkaramol · June 16, 2021, 1:17pm

When spinning up a new Elasticsearch resource, a new password is created than can be retrieved as follows:

PASSWORD=$(k get secret clusterName-es-elastic-user -o json | jq -r .data.elastic | base64 -D

Is there a way to pre/define hard-code the password so:

a) it does not change upon cluster destruction / recreation

b) it can be rotated on demand?

pkaramol · June 16, 2021, 1:46pm

Found out the relevant documentation.

My question is whether usage of stringData in the k8s secret is mandatory.

michael.morello · June 17, 2021, 8:39am

stringData is a K8S trick to avoid base64 encoding when creating a Secret:

If the conversion to base64 string is not desirable, you can choose to specify the stringData field instead, which accepts arbitrary strings as values.

system · July 15, 2021, 8:40am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Specify known password for the elasticsearch user Elastic Cloud on Kubernetes (ECK)	3	756	November 4, 2022
How to give built password in ECK CR Elastic Cloud on Kubernetes (ECK)	2	2983	November 4, 2022
Elastic user password change in kubernetes secret Elastic Cloud on Kubernetes (ECK)	3	1257	May 10, 2023
Removing elastic-user Secret from K8s Secrets Elastic Cloud on Kubernetes (ECK)	3	479	November 22, 2021
Trying to set elastic user password in ECK 2.6.1 Elastic Cloud on Kubernetes (ECK) elastic-stack-security , docker	1	438	March 7, 2023

Set custom password on Elasticsearch resource

Related topics