Bug
The Kibana readiness health checks in roles/kibana/tasks/main.yml and roles/kibana/tasks/restart_and_verify_kibana.yml hardcode http://localhost:5601/api/status. When kibana_tls: true, Kibana only listens on HTTPS, so the check never gets a 200/401 response and retries for 5 minutes (60 × 5s) before timing out.
Impact
- Deployment takes ~5 minutes longer than necessary per Kibana node
- The health check always "succeeds" by timeout (retries exhausted), not by actual readiness
- No CI scenario tests
kibana_tls: true, so this was never caught
Fix
Replace the hardcoded http:// with a conditional based on kibana_tls:
{{ 'https' if kibana_tls | default(false) else 'http' }}://localhost:5601/api/statusAffected files:
roles/kibana/tasks/main.yml (line ~152)roles/kibana/tasks/restart_and_verify_kibana.yml (line ~27)
Suggestion
Add a molecule scenario (or extend kibana_custom_certs) that tests with kibana_tls: true to prevent regression.
Bug
The Kibana readiness health checks in
roles/kibana/tasks/main.ymlandroles/kibana/tasks/restart_and_verify_kibana.ymlhardcodehttp://localhost:5601/api/status. Whenkibana_tls: true, Kibana only listens on HTTPS, so the check never gets a 200/401 response and retries for 5 minutes (60 × 5s) before timing out.Impact
kibana_tls: true, so this was never caughtFix
Replace the hardcoded
http://with a conditional based onkibana_tls:{{ 'https' if kibana_tls | default(false) else 'http' }}://localhost:5601/api/statusAffected files:
roles/kibana/tasks/main.yml(line ~152)roles/kibana/tasks/restart_and_verify_kibana.yml(line ~27)Suggestion
Add a molecule scenario (or extend
kibana_custom_certs) that tests withkibana_tls: trueto prevent regression.