openshift-elasticsearch-plugin icon indicating copy to clipboard operation
openshift-elasticsearch-plugin copied to clipboard

Published 20 hours ago verified publisher icon fabric8io

Searchguard properties not exists in elastic context

Open kacper-jackiewicz opened this issue 5 years ago • 1 comments

I've encountered a problem with configuring the plugin for password different than default for searchguard keystore/truststore on image ose-logging-elasticsearch5:v3.11.98

    openshift.searchguard:
    keystore:
       path: /etc/elasticsearch/secret/admin.jks
       password: not-default-pass
    truststore:
       path: /etc/elasticsearch/secret/searchguard.truststore
       password: not-default-pass

java.lang.IllegalArgumentException: unknown setting [openshift.searchguard.keystore.password] did you mean any of [openshift.searchguard.keystore.path, openshift.searchguard.truststore.path]?

Same error for trustore password as well.

According to documentation action-groups such properties should work.

Is there a problem with my configuration?

kacper-jackiewicz avatar Jun 03 '19 12:06 kacper-jackiewicz

This is a documentation error as the 'openshift.searchguaurd' key and trust store settings are no longer used. Authentication is strickly either bearer token or certificate based where the trust and keystore config is here: https://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2#L47

Marking this as a bug to clean up the configuration.

jcantrill avatar Jun 03 '19 12:06 jcantrill