Writing to ECK with Pyspark throws an SSLHandshakeException

aldoorozco · April 11, 2024, 3:48pm

Solved it. In case anyone stumbles on this thread and has the same problem, here are the steps I followed:

In the init script of my cluster I pull the cert file kubectl get secret "test-es-http-certs-public" -o go-template='{{index .data "tls.crt" | base64decode }}' > /tmp/tls.crt
Then, I add it to the keystore as sudo keytool -import -alias elastic -storepass <default_pass> -noprompt -keystore $JAVA_HOME/lib/security/cacerts -file /tmp/tls.crt
Finally, in pyspark I did the following:


# In my case [/usr/lib/jvm/temurin-11-jdk-amd64/]
JAVA_HOME=os.getenv("JAVA_HOME") 

options = {
    "es.index.auto.create": "true",
    "es.net.http.auth.user": "elastic",
    "es.net.http.auth.pass": "<password>",
    "es.nodes": "https://<loadbalancer_ip>:9200",
    "es.nodes.wan.only": "true",
    "es.net.ssl.cert.allow.self.signed": "true",
    "es.net.ssl":"true",
    "es.net.ssl.cert.allow.self.signed", "true"
    "es.net.ssl.keystore.location", "file://{JAVA_HOME}/lib/security/cacerts"
    "es.net.ssl.keystore.pass", "<default_pass>"
    "es.resource": "foo/",
}

df.write.mode("overwrite").format("org.elasticsearch.spark.sql").options(**options).save()

Topic		Replies	Views
Spark ES SSL handshake issue Elasticsearch es-hadoop	1	908	July 23, 2020
How do I connect PySpark to Elasticsearch with SSL and verify certs set to False? Ask Question Elasticsearch es-hadoop	5	5724	March 7, 2019
Apache Spark to query Elasticsearch (https and basic authentication) Elasticsearch es-hadoop	3	4154	October 23, 2019
[2021-08-18T14:40:31,056][WARhttp client did not trust this server's certificate, closing connection Netty4HttpChannel Elasticsearch es-hadoop	1	536	September 15, 2021
Fail to connect spark-elasticsearch with SSL Elasticsearch elastic-stack-security	5	3886	December 10, 2019

Writing to ECK with Pyspark throws an SSLHandshakeException

Related topics