-
Notifications
You must be signed in to change notification settings - Fork 98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG]Opensearch playbook issue with SSL configuration #39
Comments
I hit the same issue. After some digging I noticed that the plugins.security.ssl. settings come from opensearch/tasks/security.yml. It only adds the snippet if the local /tmp/opensearch-nodecerts changes. But if there is a change to opensearch.yml in future runs it will strip out that snippet. |
@saravanan30erd anything we can do to help improve this? |
@peterzhuamazon we need to support the script for safe re-run, will work on this. |
Thanks. In the meantime, is there a way to circumvent the issue? e.g. something I can do on the target servers to fully reinstall from scratch? |
Hello, is there currently any workaround for this? |
@gadgetmerc @jnioche Actually when we created this script, its focused only on first time installation because RPM/deb packages are not available that time so upgrade process is not straight forward. We will work on proper upgrade process soon. For now, I created a quick workaround for this issue. |
I'm still getting the same error @jnioche, problem is not solved.
|
I followed the steps in the README.
The playbook fails on
TASK [linux/opensearch : Wait for opensearch to startup]
When inspecting one of the servers, I find that Opensearch is not running. Its logs end in
Looking at the documentation for TLS, I can't see any reference to plugins.security.ssl.transport.client.pemcert_filepath nor plugins.security.ssl.transport.server.pemcert_filepath.
The config dir contains a number of *.key and *.pem files.
The openseach.yml file contains
If I add
to the config file and restart Opensearch with
systemctl restart opensearch
, it goes past the error.Shouldn't the configuration have been created correctly by the playbook?
Thanks
The text was updated successfully, but these errors were encountered: