Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potentially allow disabling the creation of the elastic user. #7719

Closed
naemono opened this issue Apr 16, 2024 · 0 comments · Fixed by #7723
Closed

Potentially allow disabling the creation of the elastic user. #7719

naemono opened this issue Apr 16, 2024 · 0 comments · Fixed by #7723
Assignees
@naemono
Labels
discuss We need to figure this out >enhancement Enhancement of existing functionality

Comments

@naemono
Copy link
Contributor

naemono commented Apr 16, 2024
edited
Loading

Currently the ECK Operator always creates the public-facing elastic user with superuser role for any Elasticsearch cluster. This issue is created to discuss if we should allow for this to be disabled on a per-cluster basis, and if so what would need to change for this to happen.

Known changes that would have to occur:

  1. eck-diagnostics: This uses the elastic user by default. We would need to add the option of specifying a username/password combination to use that had sufficient privileges.
  2. documentation: We reference this user in our docs. We would need to augment these to note that this user can be disabled.
  3. e2e tests: We would likely want to add an e2e test that disables this user and verifies the lack of the k8s secret.

To discuss:

  1. Any concerns for pursuing this?
  2. Are there any further integrations that we are unaware of that would cause issues when disabling this user?
@naemono naemono added the discuss We need to figure this out label Apr 16, 2024
@naemono naemono self-assigned this Apr 16, 2024
@botelastic botelastic bot added the triage label Apr 16, 2024
@thbkrkr thbkrkr added the >enhancement Enhancement of existing functionality label Apr 18, 2024
@botelastic botelastic bot removed the triage label Apr 18, 2024
@naemono naemono mentioned this issue Apr 22, 2024
Merged
5 tasks
This was referenced Jun 28, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@naemono naemono

Labels
discuss We need to figure this out >enhancement Enhancement of existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Allow disabling of elastic user. naemono/cloud-on-k8s
2 participants
@thbkrkr @naemono