Apply changes with

Versions 2.0.1:

Describe the issue: I am using OpenSearch 2.0.1 version and installed it in my on-prem K8s servers.
I have disabled HTTPS access for OpenSearch as it’s inside the private cluster and for HTTPS I have my NGINX as front-ending LB.

If I am making any config changes inside OpenSearch, we need to run script to make it reflect for OpenSearch.
Is there any way to run this script or any other way by which opensearch cluster will come to know the config changes without https because as of today I have to run this script ( and for the same first I enable HTTPS access in opensearch and than run this script and than again disable the same using below configuration of opensearch.yml file false

Any help is highly appreciated

I don’t think you need to run to make OpenSearch configuration changes. If possible, I would configure OpenSearch either via the API (e.g. cluster settings) or via environment variables, for example:

Thanks for your suggestion
Can you please suggest what API you are referring to update the configuration present inside opensearch.yml file
As if I will update that configuration file, it is not taking effect untill I will run the script

Thanks a lot in advance

@vgoel @radu.gheorghe Just to be clear, the script doesn’t manage cluster/node configuration. It is used to configure security plugin.

To apply any changes with script you must use admin certificates which are defined in opensearch.yml file. Since requires certificate authentication end OpenSearch API endpoint must have SSL enabled.

Thanks Pablo

Just want to crosscheck, can I use this API

PATCH _plugins/_security/api/securityconfig

to update the security config using admin credentials
Just wanted to check whether anything it will break if I use this API

@vgoel It should work. However, I would recommend using either OpenSearch Dashboards UI or script.

Also, try testing PATCH API with dev/test environment first.

Hi @pablo/@radu.gheorghe

I may be asking a lot of question so apologies for the same
Can you please help in another topic also which I had created just now

As it becomes a big release blocker for me

will do the same