From bc3042fbb66f6a231056d665f2f82cdc6f6d4a3b Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Thu, 9 Mar 2017 15:59:06 -0700 Subject: Bug 1428711 - [IntService_public_324] ES pod is unable to read searchguard.truststore after upgarde logging from 3.3.1 to 3.5.0 https://bugzilla.redhat.com/show_bug.cgi?id=1428711 The list of secrets for elasticsearch was missing searchguard.truststore --- roles/openshift_logging/tasks/generate_secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_logging/tasks/generate_secrets.yaml b/roles/openshift_logging/tasks/generate_secrets.yaml index 81fac8b5e..0f8e7ae58 100644 --- a/roles/openshift_logging/tasks/generate_secrets.yaml +++ b/roles/openshift_logging/tasks/generate_secrets.yaml @@ -64,7 +64,7 @@ admin-ca={{generated_certs_dir}}/ca.crt admin.jks={{generated_certs_dir}}/system.admin.jks -o yaml vars: secret_name: logging-elasticsearch - secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key"] + secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key", "searchguard.truststore"] register: logging_es_secret when: secret_name not in openshift_logging_facts.elasticsearch.secrets or secret_keys | difference(openshift_logging_facts.elasticsearch.secrets["{{secret_name}}"]["keys"]) | length != 0 -- cgit v1.2.3