2.13 opensearch version ( 2.19.0 opensearch helm chart )
Opensearch does not refresh AWS Web Identity Token, so repository-s3 fails to take a snapshot after some time - when AWS Web Identity Token expires. The only way to refresh it and to make snapshot working is to restart all master and data nodes.
Screenshots
“Token expired: current date/time 1730190842 must be before the expiration date/time 1729863829 (Service: Sts, Status Code: 400, Request ID…”
Host/Environment (please complete the following information):
Version [2.13]
Additional contextOfficial doc is missing option for S3 repository plugin using AWS Web Identity Token for Helm Chart deployments. So we did config similar to 7982.
andrross
commented
4 days ago
Describe the bug
2.13 opensearch version ( 2.19.0 opensearch helm chart ) Opensearch does not refresh AWS Web Identity Token, so repository-s3 fails to take a snapshot after some time - when AWS Web Identity Token expires. The only way to refresh it and to make snapshot working is to restart all master and data nodes.
Related component
Plugins
To Reproduce
config for master nodes (similar for data):
Expected behavior
_PUT 'https://master_node/snapshot/repository_name/snapshot_id?wait_for_completion=true_ should work
Additional Details
Plugins repository-s3
Screenshots “Token expired: current date/time 1730190842 must be before the expiration date/time 1729863829 (Service: Sts, Status Code: 400, Request ID…”
Host/Environment (please complete the following information):
Additional context Official doc is missing option for S3 repository plugin using AWS Web Identity Token for Helm Chart deployments. So we did config similar to 7982.