Can not disable the basic Elastic user

[xzGithu]

1, I created an ES cluster via eck operator 2, try to add auth: disableElasticUser: true 3, Got error one or more objects failed to apply, reason: error when patching "/dev/shm/2479845787": admission webhook "elastic-es-validation-v1.k8s.elastic.co" denied the request: Elasticsearch.elasticsearch.k8s.elastic.co "es" is invalid: disableElasticUser: Invalid value: "disableElasticUser": disableElasticUser field found in the kubectl.kubernetes.io/last-applied-configuration annotation is unknown. This is often due to incorrect indentation in the manifest.

backgroud: I installed the ECK operator via kustomization, and the ValidatingWebhookConfiguration policy already is matchPolicy: Exact

Could you please help why this error still happened . Thanks

[thbkrkr]

Hello,

Check that you are using ECK >= 2.13 and your manifest syntax.

Per https://www.elastic.co/guide/en/cloud-on-k8s/master/k8s-users-and-roles.html#k8s_disabling_the_default_elastic_user:

apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch-sample
spec:
  version: 8.14.2
  auth:
    disableElasticUser: true
  nodeSets:
  - name: default
    count: 1

Please reserve GitHub issues exclusively for bug reports and feature requests directly related to the ECK operator. You can ask these kinds of questions in our community support forum https://discuss.elastic.co/c/orchestration/eck/79. Thank you.

[xzGithu]

Hi @thbkrkr Thank you, from our logs seems the ECK version is "service.version":"2.6.1+62f2e278","service.type":"eck","ecs.version":"1.4.0" So the issue doesn't exist in the latest version https://www.elastic.co/guide/en/cloud-on-k8s/current/release-highlights-2.13.0.html ?

And btw, why my eck-operator always has a unsync status of the ValidatingWebhookConfiguration

[xzGithu]

Thanks @thbkrkr After I upgrade the eck operator version to 2.13.0, I didn't encounter the error anymore and the unsynced status also gone