I’m having a lot of trouble getting my Kibana server to start up when deploying OpenDistro w/ CertManager on GKE. The deployment was successful. When trying to view the Kibana server, it just returns:
upstream connect error or disconnect/reset before headers. reset reason: connection termination
The logs indicate this error
{"type":"log","@timestamp":"2021-03-25T06:32:32Z","tags":["error","elasticsearch","data"],"pid":1,"message":"[ConnectionError]: write EPROTO 140580982704000:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:\n"}
I’ve spent a week trying to figure out what the issue so any help would be greatly appreciated!
Here’s my installation:
Install Cert-Manager
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.1.0/cert-manager.yaml
Create namespace
export NAMESPACE="logging"
Set ServiceAccount as secret
kubectl -n ${NAMESPACE} create secret generic kibanaserver-user \
--from-literal=username=kibanaserver \
--from-literal=password=kibanaserver \
--from-literal=cookie="$(date +%s | sha256sum | head -c 128; echo)"
Set issuers and certificates via cert-manager
kubectl apply -f opendistro-es-custom/opendistro-es-tls.yaml -n ${NAMESPACE}
Install via helm
RELEASE_NAME="elasticsearch"
git clone https://github.com/opendistro-for-elasticsearch/opendistro-build
cd opendistro-build/helm/opendistro-es/
git fetch --all --tags
git checkout tags/v1.13.1
helm package .
helm upgrade --install ${RELEASE_NAME} opendistro-es-1.13.1.tgz \
--namespace=${NAMESPACE} \
--values=../../../opendistro-es-custom/values-opendistro.yaml
My value yaml files are below: