Multiple Node Deployment on AWS ECS

Hello and thank you so much for the wonderful work on open distro,

I am not an actual server guy and I use docker to get the readily built software and its requirements and just deploy it with some tweakings on the settings.

I chose aws ecs to manage my elastic stack containers + application load balancer to balance my nodes and acm for my ssl. I am currently struggling with the TLS setup part, I generated my own self signed ssl certificates here Add your own SSL certificates to Open Distro for Elasticsearch | AWS Open Source Blog and successfully launched a single node, but on ECS I set my service to launch at least 2 minimum tasks. So the 2 elasticsearch task run properly, the problem is they are not seeing each other and on my elasticsearch.yml I have this horus
network.publish_host: _ec2:privateIp_
transport.publish_host: _ec2:privateIp_
discovery.zen.hosts_provider: ec2
discovery.ec2.tag.ElasticSearch: horus
discovery.ec2.endpoint: ec2.${REGION}
s3.client.default.endpoint: s3.${REGION}
cloud.node.auto_attributes: true
cluster.routing.allocation.awareness.attributes: aws_availability_zone

opendistro_security.ssl.transport.pemcert_filepath: odfe-node1.pem
opendistro_security.ssl.transport.pemkey_filepath: odfe-node1.key
opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
opendistro_security.ssl.transport.enforce_hostname_verification: false

It was actually working with the regular elasticsearch distribution from but not on opendistro, I believe the problem is on the ssl transport key.

Do I need to create a pemcert and pemkey on every node? My nodes on ecs are dynamically created… Can someone point me to right direction, thank you so much!

Hello, Were you able to make it work?