Remove hard coded opensearch.yml

Signed-off-by: Derek Ho <[email protected]>
opensearch-project · Dec 7, 2023 · eefa4ed · eefa4ed
1 parent 5bb0531
commit eefa4ed
Show file tree

Hide file tree

Showing 3 changed files with 75 additions and 66 deletions.
diff --git a/charts/opensearch/CHANGELOG.md b/charts/opensearch/CHANGELOG.md
@@ -13,6 +13,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed
 ### Security
 ---
+## [2.17.1]
+### Added
+### Changed
+### Deprecated
+### Removed
+- Removed hard coded opensearch.yml
+### Fixed
+### Security
+---
 ## [2.17.0]
 ### Added
 - Updated OpenSearch appVersion to 2.11.1

diff --git a/charts/opensearch/Chart.yaml b/charts/opensearch/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.17.0
+version: 2.17.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

diff --git a/charts/opensearch/values.yaml b/charts/opensearch/values.yaml
@@ -31,71 +31,71 @@ global:
 # Allows you to add any config files in {{ .Values.opensearchHome }}/config
 opensearchHome: /usr/share/opensearch
 # such as opensearch.yml and log4j2.properties
-config:
-  # Values must be YAML literal style scalar / YAML multiline string.
-  # <filename>: |
-  #   <formatted-value(s)>
-  # log4j2.properties: |
-  #   status = error
-  #
-  #   appender.console.type = Console
-  #   appender.console.name = console
-  #   appender.console.layout.type = PatternLayout
-  #   appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
-  #
-  #   rootLogger.level = info
-  #   rootLogger.appenderRef.console.ref = console
-  opensearch.yml: |
-    cluster.name: opensearch-cluster
-
-    # Bind to all interfaces because we don't know what IP address Docker will assign to us.
-    network.host: 0.0.0.0
-
-    # Setting network.host to a non-loopback address enables the annoying bootstrap checks. "Single-node" mode disables them again.
-    # Implicitly done if ".singleNode" is set to "true".
-    # discovery.type: single-node
-
-    # Start OpenSearch Security Demo Configuration
-    # WARNING: revise all the lines below before you go into production
-    plugins:
-      security:
-        ssl:
-          transport:
-            pemcert_filepath: esnode.pem
-            pemkey_filepath: esnode-key.pem
-            pemtrustedcas_filepath: root-ca.pem
-            enforce_hostname_verification: false
-          http:
-            enabled: true
-            pemcert_filepath: esnode.pem
-            pemkey_filepath: esnode-key.pem
-            pemtrustedcas_filepath: root-ca.pem
-        allow_unsafe_democertificates: true
-        allow_default_init_securityindex: true
-        authcz:
-          admin_dn:
-            - CN=kirk,OU=client,O=client,L=test,C=de
-        audit.type: internal_opensearch
-        enable_snapshot_restore_privilege: true
-        check_snapshot_restore_write_privileges: true
-        restapi:
-          roles_enabled: ["all_access", "security_rest_api_access"]
-        system_indices:
-          enabled: true
-          indices:
-            [
-              ".opendistro-alerting-config",
-              ".opendistro-alerting-alert*",
-              ".opendistro-anomaly-results*",
-              ".opendistro-anomaly-detector*",
-              ".opendistro-anomaly-checkpoints",
-              ".opendistro-anomaly-detection-state",
-              ".opendistro-reports-*",
-              ".opendistro-notifications-*",
-              ".opendistro-notebooks",
-              ".opendistro-asynchronous-search-response*",
-            ]
-    ######## End OpenSearch Security Demo Configuration ########
+# config:
+#   # Values must be YAML literal style scalar / YAML multiline string.
+#   # <filename>: |
+#   #   <formatted-value(s)>
+#   # log4j2.properties: |
+#   #   status = error
+#   #
+#   #   appender.console.type = Console
+#   #   appender.console.name = console
+#   #   appender.console.layout.type = PatternLayout
+#   #   appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n
+#   #
+#   #   rootLogger.level = info
+#   #   rootLogger.appenderRef.console.ref = console
+#   opensearch.yml: |
+#     cluster.name: opensearch-cluster
+
+#     # Bind to all interfaces because we don't know what IP address Docker will assign to us.
+#     network.host: 0.0.0.0
+
+#     # Setting network.host to a non-loopback address enables the annoying bootstrap checks. "Single-node" mode disables them again.
+#     # Implicitly done if ".singleNode" is set to "true".
+#     # discovery.type: single-node
+
+#     # Start OpenSearch Security Demo Configuration
+#     # WARNING: revise all the lines below before you go into production
+#     plugins:
+#       security:
+#         ssl:
+#           transport:
+#             pemcert_filepath: esnode.pem
+#             pemkey_filepath: esnode-key.pem
+#             pemtrustedcas_filepath: root-ca.pem
+#             enforce_hostname_verification: false
+#           http:
+#             enabled: true
+#             pemcert_filepath: esnode.pem
+#             pemkey_filepath: esnode-key.pem
+#             pemtrustedcas_filepath: root-ca.pem
+#         allow_unsafe_democertificates: true
+#         allow_default_init_securityindex: true
+#         authcz:
+#           admin_dn:
+#             - CN=kirk,OU=client,O=client,L=test,C=de
+#         audit.type: internal_opensearch
+#         enable_snapshot_restore_privilege: true
+#         check_snapshot_restore_write_privileges: true
+#         restapi:
+#           roles_enabled: ["all_access", "security_rest_api_access"]
+#         system_indices:
+#           enabled: true
+#           indices:
+#             [
+#               ".opendistro-alerting-config",
+#               ".opendistro-alerting-alert*",
+#               ".opendistro-anomaly-results*",
+#               ".opendistro-anomaly-detector*",
+#               ".opendistro-anomaly-checkpoints",
+#               ".opendistro-anomaly-detection-state",
+#               ".opendistro-reports-*",
+#               ".opendistro-notifications-*",
+#               ".opendistro-notebooks",
+#               ".opendistro-asynchronous-search-response*",
+#             ]
+#     ######## End OpenSearch Security Demo Configuration ########
   # log4j2.properties:
 
 # Extra environment variables to append to this nodeGroup