Healthchecks in elastic-docker-tls.yml always pass.

[ryanhockstad]

The current healthchecks, which look like this: curl --cacert $CERTS_DIR/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi, pass even if a node is exposed on a port other than 9200, or if the node is not accessible for some reason. The echo commands both return a response code of 0.

Getting rid of the if statement fixes this, but we could also add logic to the healthcheck based on the http response code.

[lcawl]

I believe this issue relates to the config files referenced in https://www.elastic.co/guide/en/elastic-stack-get-started/master/get-started-docker.html @debadair

[lockewritesdocs]

@lcawl, I'm currently updating these instructions in #1888. I'll be updating the section for Docker Compose with TLS in a separate PR, which will be the only Docker Compose option.

The healthcheck in question is in elastic-docker-tls.yml, which would need to change with security enabled by default. Something like:

curl --cacert %ES_HOME%\tls_auto_config_<timestamp>\http_ca.crt -u elastic https://localhost:9200

@ryanhockstad, I think that the same issue might persist with this command. Can you help with the logic for implementing a healthcheck based on the HTTP response code?