Disabled Security but ES Nodes can still communicate

While researching different security configurations, I saw a comment in the Helm chart that indicated that “TLS is mandatory for the transport layer and can not be disabled”. However, when I disable security (by including “opendistro_security.disabled: true” in my elasticsearch.yml file, I notice that the Elasticsearch nodes still come up and eventually find each other. In fact, it appears Elasticsearch is fully functional at that point: I was able to use APIs to define pipelines, adjust settings, etc. I’ve exec’ed into the Elasticsearch pods and confirmed there are no SSL certs (.pem files).

So, how is that possible if TLS is really mandatory for the transport layer? Are there hidden certs somewhere? Is there some alternative security mechanism being used? Or, is the comment in the Helm chart incorrect?

@GSmith The TLS on transport layer is mandatory if you have opendistro_security enabled. If the opendistro_security is not enabled there is no need for any certs, but thats highly not recommended