CSP blocks in-line script

Versions

Docker v20.10.23
Minikube v1.29.0
Kubernetes v1.26.1
OpenSearch - Operator v2.2.1


Describe the issue:

When I forward the OpenSearch dashboard to port 5601 and open http://localhost:5601 in my browser, the page loads (showing UI to enter user and password) but the console registers an error that says the Content Security Policy (CSP) has blocked in-line scripts from executing.

(Screenshot by Lightshot)

Then, when I try to access the dashboard with admin / admin it just says “invalid username/password” or returns 500 - Internal Server Error.

(Screenshot by Lightshot)

The thing is that all solutions mention modifying the content-security-policy file or attributes but I have no clue where is that file stored for my configuration.


Configuration:

This is the command order that I execute from scratch:

  1. minikube start --cpus=8 --memory=8192 (otherwise it has insufficient cpu / memory and the pods won’t load)

  2. helm repo add opensearch-operator https://opster.github.io/opensearch-k8s-operator/

  3. helm install my-opensearch-operator opensearch-operator/opensearch-operator --version 2.2.1

At this point, the controller manager pod is created correctly without errors:

Then, I navigate to the folder that contains the OpenSearch .yaml file to create the OpenSearch cluster. This is the opensearch-cluster.yaml file that I use:

apiVersion: opensearch.opster.io/v1
kind: OpenSearchCluster
metadata:
  name: my-cluster
  namespace: default
spec:
  general:
    version: 1.3.0
    httpPort: 9200
    vendor: opensearch
    serviceName: my-cluster
    pluginsList: ["repository-s3","https://github.com/aiven/prometheus-exporter-plugin-for-opensearch/releases/download/1.3.0.0/prometheus-exporter-1.3.0.0.zip"]
  dashboards:
    version: 1.3.0
    enable: true
    replicas: 1
    resources:
      requests:
         memory: "1Gi"
         cpu: "500m"
      limits:
         memory: "1Gi"
         cpu: "500m"
  confMgmt:
    smartScaler: true
  nodePools:
    - component: masters
      replicas: 1
      diskSize: "30Gi"
      nodeSelector:
      resources:
         requests:
            memory: "1Gi"
            cpu: "500m"
         limits:
            memory: "1Gi"
            cpu: "500m"
      roles:
        - "master"
        - "data"
    - component: nodes
      replicas: 1
      diskSize: "30Gi"
      nodeSelector:
      resources:
         requests:
            memory: "1Gi"
            cpu: "500m"
         limits:
            memory: "1Gi"
            cpu: "500m"
      roles:
        - "data"
    - component: coordinators
      replicas: 1
      diskSize: "30Gi"
      nodeSelector:
      resources:
         requests:
            memory: "1Gi"
            cpu: "500m"
         limits:
            memory: "1Gi"
            cpu: "500m"
      roles:
        - "ingest"
  1. kubectl apply -f opensearch-cluster.yaml

When the command is executed, all the pods start creating.

https://prnt.sc/os7hYK1SBtCN

However, the bootstrap pod won’t create properly because of a problem with not enough max virtual memory areas.

To solve this, a command to increase that needs to be run:

  1. wsl -d docker-desktop sysctl -w vm.max_map_count=262144

Here is a screenshot of all pods finally configured.

https://prnt.sc/pnsCM06Q2FMV

  1. kubectl port-forward svc/my-cluster-dashboards 5601

  2. Open in browser: http://localhost:5601

Now when I open developer tools,

https://prnt.sc/TR4y0kUKXpys

  1. Enter credentials admin / admin

And after entering the credentials, I get this error:

500 - Internal Server Error:
https://prnt.sc/vn5AV5L3_wHz

@346pablo can you attach the screenshots directly? I’m unable to view them