Open doug62 opened 1 year ago
Han into the same issue. I planed to use the chart with a certificate in the container. But it did not seem to by default setup the correct configuration for kibana.yaml for using SSL I used the following configuration
kibanaConfig:
kibana.yml: |
server.publicBaseUrl: https://kibana.example.com
server.ssl:
enabled: true
key: /usr/share/kibana/config/certs/tls.key
certificate: /usr/share/kibana/config/certs/tls.crt
elasticsearch.ssl:
certificateAuthorities: /usr/share/kibana/config/certs/ca.crt
verificationMode: certificate
based on https://github.com/elastic/helm-charts/blob/main/kibana/examples/security/values.yaml
Can please support http for Kibana chart ? I saw crt volume mount was coded in chart and not allow conditions to bypass.
As per the values.yaml
, the default value for protocol is https
.
As per the README
, the default value for protocol is http
.
One of the two should be changed to have a coherent documentation.
Chart version: 8.5.1
Kubernetes version: NA
Kubernetes provider: E.g. GKE (Google Kubernetes Engine) NA
Helm Version: NA
helm get release
output NADescribe the bug: Previously worked, while trying to disable internal https (https->http via Traefic externally), I assume the elastic/values value for 'protocol: http' would eliminate internal https calls however. elasticsearch/templates/test/test-elasticsearch-health.yaml
!/usr/bin/env bash -e
Is hard coded to HTTPS, this area should be HTTP, this is preventing pod start/services and Kibana as well.
Steps to reproduce: Helm values:
protocol: http helm install see elastic log errors where this call fails
Expected behavior: All internal https should be http for all dependent internal calls when protocol: http
Provide logs and/or server output (if relevant): {"@timestamp":"2022-11-21T20:27:46.853Z", "log.level": "WARN", "message":"received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/127.0.0.1:9200, remoteAddress=/127.0.0.1:60256}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-master-0][transport_worker][T#2]","log.logger":"org.elasticsearch.xpack.security.transport.netty4.SecurityNetty4HttpServerTransport","elasticsearch.cluster.uuid":"uanIH6ZeSsyh3QM6rUpYKQ","elasticsearch.node.id":"qXaL4nFqT8i4fhEzVuNNyg","elasticsearch.node.name":"elasticsearch-master-0","elasticsearch.cluster.name":"elasticsearch"}