New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] The 2.12.0 initial deployment prevents the usage of the custom internal_users.yml file. #4098
Comments
The reported error appears when both internal_users and extraEnvs OPENSEARCH_INITIAL_ADMIN_PASSWORD are defined in values.yml during the deployment. |
@prudhvigodithi Can you please help here since I believe you are familiar with this issue? |
While we wait for inputs from @prudhvigodithi, If your use-case is to setup demo certificates via demo config, you can instead generate custom certs and mount them. Here is a possible solution: opensearch-project/helm-charts#519 (comment) Also, this issue seems to be duplicate of: #3891, and here is a solution from @prudhvigodithi to address that issue: #3891 (comment) |
Hey, to make it work with helm charts with this new security change, the way is to create the
Set the Adding @peterzhuamazon @bbarani |
[Triage] Hi @tomte76 thanks for filing this issue. It seems like there is already some work being put into this issue. |
Resolving it as duplicate of #3891 |
Upgrade to 2.12.0, in my case using helm on kubernetes, failed with an error message related to setting OPENSEARCH_INITIAL_ADMIN_PASSWORD. The error message is:
Exception updating the admin password : /usr/share/opensearch/config/opensearch-security/internal_users.yml: Device or resource busy
As I understand the user pablo in the forum, you can use any deployment with defined internal users in the values.yml or in my case having an existing kubernetes secret used in the helm deployment and new parameter set in values.yaml:
extraEnvs:
value: "some_strong_password_here"
Please find more information in the forum discussion.
What is the expected behavior?
Upgrade succeeds and the existing security configuration is preserved.
What is your host/environment?
The text was updated successfully, but these errors were encountered: