Migration from ElasticSearch to OpenSearch not working

[FSys77]

With ElasticSearch I used this line in my docker-compose.yml file to connect to the ES cluster: GRAYLOG_ELASTICSEARCH_HOSTS: "http://graylog-es-green-0:9200,http://graylog-es-green-1:9200,http://graylog-es-green-2:9200"

This was working fine.

After migrating from Elasticsearch to Opensearch, Graylog is not starting up any more. I have lots of error messages like this in the docker logs:

org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: unexpected end of stream on http://graylog-es-green-2:9200/... - \n not found: limit=0 content=….

I assume it's because Opensearch uses HTTPS. How do I configure this in the docker-compose.yml file properly?

I mean I could maybe make it work by disabling OpenSearch security alltogether - with plugins.security.disabled: "true" - but I don't think that's a good idea for a production environment.

[janheise]

Hi @FSys77 - is "plugins.security.ssl.http.enabled=false" what you're looking for?

[todvora]

Hello @FSys77! With the option @janheise suggests, you'll get a similar setup to your existing. The SSL communication between OpenSearch and Graylog will be disabled.

If you want to configure OpenSearch and enable SSL communication, you can follow https://opensearch.org/docs/latest/security-plugin/configuration/generate-certificates/. Your Graylog instance will need to know and accept these certificates, so you'll have to add them to a JVM truststore.