Installing OpenSearch on AWS Kubernetes with K8s Operator

OpenSearch
,
1

Versions (relevant - OpenSearch for Kubernetes):

Describe the issue:
Hi,
I attempted to install OpenSearch on an AWS Kubernetes cluster following the official documentation:

I also found this helpful video in the OpenSearch GitHub repository:
…/userguide/main.md

Configuration:

For deployment, I used the example file:
opensearch-operator/examples/2.x/opensearch-cluster.yaml

apiVersion: opensearch.opster.io/v1
kind: OpenSearchCluster
metadata:
  name: opensearch-mesalvo-cluster
  namespace: opensearch-operator
spec:
  security:
    config:
    tls:
       http:
         generate: true 
       transport:
         generate: true
         perNode: true
  general:
    httpPort: 9200
    serviceName: opensearch-mesalvo-cluster
    version: 2.14.0
    pluginsList: ["repository-s3"]
    drainDataNodes: true
  dashboards:
    tls:
      enable: true
      generate: true
    version: 2.14.0
    enable: true
    replicas: 1
    resources:
      requests:
         memory: "1Gi"
         cpu: "500m"
      limits:
         memory: "1Gi"
         cpu: "500m"
  nodePools:
    - component: masters
      replicas: 3
      resources:
         requests:
            memory: "2Gi"
            cpu: "500m"
         limits:
            memory: "2Gi"
            cpu: "500m"
      roles:
        - "data"
        - "cluster_manager"
      persistence:
         emptyDir: {}

Relevant Logs or Screenshots:
Now I tried, to check my cluster:
kubectl port-forward svc/my-cluster 9200

and I have errors:

Screenshot 2025-02-12 112540
Screenshot 2025-02-12 1125401883×250 196 KB

I appreciate your help!

2

Hi @Dmytro,

Could you reupload the error images?

best,
mj

4

Screenshot 2025-02-12 112523
Screenshot 2025-02-12 1125231891×830 383 KB

5

Screenshot 2025-02-12 113128
Screenshot 2025-02-12 1131281377×543 141 KB

6

Any ideas???

7

I have checked your config file on my lab and deployed it with no issues (k3 Rancher).
Is this issue persistent(? do you see the same errors running your cluster for a while?) as per your logs the securityconfig is not initialised but per your cluster status it is completed.

Was there any error prior to the ones you shared?

best,
mj

8

Hi,

Thank you for your response.

  1. I have installed everything in my AWS Kubernetes cluster.
  2. I encountered an issue when running the following command:
    kubectl port-forward svc/opensearch-mesalvo-cluster 9200 -n opensearch-operator

I am not receiving any response in the browser.

  1. I restarted all the pods, but I am still seeing the following errors:

[2025-02-12T18:24:45,513][ERROR][o.o.s.c.ConfigurationLoaderSecurity7] [opensearch-mesalvo-cluster-masters-0] Failure no such index [.opendistro_security] retrieving configuration for [ACTIONGROUPS, ALLOWLIST, AUDIT, CONFIG, INTERNALUSERS, NODESDN, ROLES, ROLESMAPPING, TENANTS, WHITELIST] (index=.opendistro_security)

[2025-02-12T18:33:21,836][ERROR][o.o.h.n.s.SecureNetty4HttpServerTransport] [opensearch-mesalvo-cluster-masters-0] Exception during establishing a SSL connection: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: …

thank you

9

If I try to check dashboard:
kubectl port-forward svc/opensearch-mesalvo-cluster-dashboards 5601 -n opensearch-operator
I don’t have any response as well