Trying to get Elasticsearch 7.13 to run in Kubernetes with security enabled via the official helm chart.
The error is elasticsearch java.lang.IllegalArgumentException: you cannot specify a keystore and key file. What does this mean?
values.yaml
---
imageTag: "7.17.3"
replicas: 2
esJavaOpts: "-Xmx3g -Xms3g"
volumeClaimTemplate:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi
extraVolumes:
- name: pwd
hostPath:
path: /certs/
extraVolumeMounts:
- name: pwd
mountPath: /pwd
readOnly: true
# Enable passwords and HTTPS
protocol: https
esConfig:
elasticsearch.yml: |
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /pwd/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /pwd/elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.truststore.path: /pwd/elastic-certificates.p12
xpack.security.http.ssl.keystore.path: /pwd/elastic-certificates.p12
secret:
password: ***
elasticsearch uncaught exception in thread [main] ││ elasticsearch java.lang.IllegalArgumentException: you cannot specify a keystore and key file ││ elasticsearch at org.elasticsearch.xpack.core.ssl.CertParsingUtils.createKeyConfig(CertParsingUtils.java:232) ││ elasticsearch at org.elasticsearch.xpack.core.ssl.SSLConfiguration.createKeyConfig(SSLConfiguration.java:164) ││ elasticsearch at org.elasticsearch.xpack.core.ssl.SSLConfiguration.<init>(SSLConfiguration.java:51) ││ elasticsearch at org.elasticsearch.xpack.core.ssl.SSLService.lambda$getSSLConfigurations$4(SSLService.java:524) ││ elasticsearch at java.base/java.util.HashMap.forEach(HashMap.java:1421) ││ elasticsearch at java.base/java.util.Collections$UnmodifiableMap.forEach(Collections.java:1553) ││ elasticsearch at org.elasticsearch.xpack.core.ssl.SSLService.getSSLConfigurations(SSLService.java:519) ││ elasticsearch at org.elasticsearch.xpack.core.XPackPlugin.createSSLService(XPackPlugin.java:519) ││ elasticsearch at org.elasticsearch.xpack.core.XPackPlugin.createComponents(XPackPlugin.java:338) ││ elasticsearch at org.elasticsearch.node.Node.lambda$new$18(Node.java:736) ││ elasticsearch at java.base/java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:273) ││ elasticsearch at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1625) ││ elasticsearch at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509) ││ elasticsearch at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499) ││ elasticsearch at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:921) ││ elasticsearch at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ││ elasticsearch at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:682) ││ elasticsearch at org.elasticsearch.node.Node.<init>(Node.java:750) ││ elasticsearch at org.elasticsearch.node.Node.<init>(Node.java:309) ││ elasticsearch at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:234)