Open Jerrimikkihvatai opened 1 month ago
[Triage]
Thanks for opening the issue, there is a similar issue in past https://github.com/opensearch-project/opensearch-k8s-operator/issues/308 on updating the additionalConfig
to opensearch.yml
, @Jerrimikkihvatai is it possible for you to contribute to fix bug?
Not add values part of opensearch.yml
are supported via env
, so there needs to be a way to load the additionalConfig
to opensearch.yml
.
Thank you
@swoehrl-mw @getsaurabh02
What is the bug?
Firstly, I appreciate the developers' work on this project. However, certificate rotation is one of the most painful things about this operator
According to this issue there is an bug with configuring plugins.security.XXX I am trying to set
plugins.security.ssl_cert_reload_enabled: "true"
but obviously to not avail. There are several ways to configure opensearch:i get this error
that says that I cant set this var via api)
How can one reproduce the bug?
Try to enable plugins.security.ssl_cert_reload_enabled: "true" in your deployment
What is the expected behavior?
I expect to successfully set ssl hot reload
Do you have any additional context?
Seems that such important settings should be available to be configured. I see two ways of it: 1) Create a field in the CRD that enables hot certificate reload 2) Set OpenSearchCluster.spec.general.additionalConfig directly into opensearch.yml, not into the envs
Am I wrong or is there any way to enable cert reloading? If yes, it should be described in docs