Cloud-on-k8s: xpack.security.enabled is not user configurable

Created on 2 Jul 2019 · 5Comments · Source: elastic/cloud-on-k8s

I want create xpack.security.enabled=false cluster, but get this error when I want to create it.

here is the yaml file
apiVersion: elasticsearch.k8s.elastic.co/v1alpha1
kind: Elasticsearch
metadata:
name: noauth
spec:
version: 7.1.0
nodes:

nodeCount: 1
config:
node.master: true
node.data: true
node.ingest: true
xpack.security.enabled: false
podTemplate:
spec:
containers:
- name: elasticsearch
resources:
limits:
memory: 2Gi
cpu: 1
http:
service:
spec:
type: NodePort

Source

Pandoraemon

👍3

Most helpful comment

+1
It is better to let the users choose.

wangycc on 29 Oct 2019

👍11

All 5 comments

This is by design: we don't support running clusters with security disabled.

pebrc on 2 Jul 2019

+1
It is better to let the users choose.

wangycc on 29 Oct 2019

👍11

@wangycc @Pandoraemon You can disable it by setting on the node sets the following:

env:
- name: xpack.security.enabled
  value: "false"
- name: READINESS_PROBE_PROTOCOL
  value: http

This should disable it via the env var settings in the docker container's entrypoint and the latter should tell the readiness probe to use proper protocol.

Battleroid on 13 Dec 2019

👍4

@Battleroid Thanks

wangycc on 19 Dec 2019

@wangycc @Pandoraemon You can disable it by setting on the node sets the following:
env:
- name: xpack.security.enabled
  value: "false"
- name: READINESS_PROBE_PROTOCOL
  value: http
This should disable it via the env var settings in the docker container's entrypoint and the latter should tell the readiness probe to use proper protocol.

Is it safe for cluster upgrades?