diff --git a/docs/modules/opensearch/examples/getting_started/opensearch-security-config.yaml b/docs/modules/opensearch/examples/getting_started/opensearch-security-config.yaml index 116ea90..dde39f1 100644 --- a/docs/modules/opensearch/examples/getting_started/opensearch-security-config.yaml +++ b/docs/modules/opensearch/examples/getting_started/opensearch-security-config.yaml @@ -14,7 +14,6 @@ stringData: _meta: type: allowlist config_version: 2 - config: enabled: false audit.yml: | @@ -22,7 +21,6 @@ stringData: _meta: type: audit config_version: 2 - config: enabled: false config.yml: | @@ -30,7 +28,6 @@ stringData: _meta: type: config config_version: 2 - config: dynamic: authc: @@ -50,14 +47,12 @@ stringData: _meta: type: internalusers config_version: 2 - admin: hash: $2y$10$xRtHZFJ9QhG9GcYhRpAGpufCZYsk//nxsuel5URh0GWEBgmiI4Q/e reserved: true backend_roles: - - admin + - admin description: OpenSearch admin user - kibanaserver: hash: $2y$10$vPgQ/6ilKDM5utawBqxoR.7euhVQ0qeGl8mPTeKhmFT475WUDrfQS reserved: true @@ -77,16 +72,14 @@ stringData: _meta: type: rolesmapping config_version: 2 - all_access: reserved: false backend_roles: - - admin - + - admin kibana_server: reserved: true users: - - kibanaserver + - kibanaserver tenants.yml: | --- _meta: diff --git a/docs/modules/opensearch/examples/getting_started/opensearch.yaml b/docs/modules/opensearch/examples/getting_started/opensearch.yaml index 24c44f6..d56f87b 100644 --- a/docs/modules/opensearch/examples/getting_started/opensearch.yaml +++ b/docs/modules/opensearch/examples/getting_started/opensearch.yaml @@ -5,39 +5,34 @@ metadata: name: simple-opensearch spec: image: - custom: opensearchproject/opensearch:3.1.0 productVersion: 3.1.0 nodes: roleGroups: default: replicas: 3 - envOverrides: - DISABLE_INSTALL_DEMO_CONFIG: "true" configOverrides: opensearch.yml: plugins.security.allow_default_init_securityindex: "true" plugins.security.restapi.roles_enabled: all_access plugins.security.ssl.transport.enabled: "true" - plugins.security.ssl.transport.pemcert_filepath: /usr/share/opensearch/config/tls/tls.crt - plugins.security.ssl.transport.pemkey_filepath: /usr/share/opensearch/config/tls/tls.key - plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/opensearch/config/tls/ca.crt + plugins.security.ssl.transport.pemcert_filepath: /stackable/opensearch/config/tls/tls.crt + plugins.security.ssl.transport.pemkey_filepath: /stackable/opensearch/config/tls/tls.key + plugins.security.ssl.transport.pemtrustedcas_filepath: /stackable/opensearch/config/tls/ca.crt plugins.security.ssl.http.enabled: "true" - plugins.security.ssl.http.pemcert_filepath: /usr/share/opensearch/config/tls/tls.crt - plugins.security.ssl.http.pemkey_filepath: /usr/share/opensearch/config/tls/tls.key - plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/opensearch/config/tls/ca.crt + plugins.security.ssl.http.pemcert_filepath: /stackable/opensearch/config/tls/tls.crt + plugins.security.ssl.http.pemkey_filepath: /stackable/opensearch/config/tls/tls.key + plugins.security.ssl.http.pemtrustedcas_filepath: /stackable/opensearch/config/tls/ca.crt podOverrides: spec: containers: - name: opensearch volumeMounts: - name: security-config - mountPath: /usr/share/opensearch/config/opensearch-security + mountPath: /stackable/opensearch/config/opensearch-security readOnly: true - name: tls - mountPath: /usr/share/opensearch/config/tls + mountPath: /stackable/opensearch/config/tls readOnly: true - securityContext: - fsGroup: 1000 volumes: - name: security-config secret: @@ -48,7 +43,7 @@ spec: metadata: annotations: secrets.stackable.tech/class: tls - secrets.stackable.tech/scope: node,pod,service=simple-opensearch,service=simple-opensearch-nodes-default + secrets.stackable.tech/scope: node,pod,service=simple-opensearch,service=simple-opensearch-nodes-default,service=simple-opensearch-nodes-default-headless spec: storageClassName: secrets.stackable.tech accessModes: