-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsetup-elastic.sh
More file actions
executable file
·166 lines (161 loc) · 4.15 KB
/
setup-elastic.sh
File metadata and controls
executable file
·166 lines (161 loc) · 4.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
#!/usr/bin/env bash
set -e
# Deploy ElasticSearch CLuster
helm upgrade --install --wait --timeout 35m --atomic --namespace elastic --create-namespace \
--repo https://helm.elastic.co eck-operator eck-operator --values - <<EOF
replicaCount: 2
config:
metrics:
port: "9200"
podMonitor:
enabled: true
EOF
helm upgrade --install --wait --timeout 35m --atomic --namespace elastic --create-namespace \
--repo https://helm.elastic.co eck-stack eck-stack --values - <<'EOF'
eck-elasticsearch:
enabled: true
nodeSets:
- name: default
count: 1
config:
node.store.allow_mmap: false
xpack.security.authc:
anonymous:
username: anonymous_user
roles: remote_monitoring_collector
authz_exception: true
podTemplate:
spec:
containers:
- name: elasticsearch-exporter
image: quay.io/prometheuscommunity/elasticsearch-exporter:v1.9.0
ports:
- containerPort: 9114
name: metrics
env:
- name: ES_URI
value: "http://elasticsearch-es-http:9200"
- name: ES_PASSWORD
valueFrom:
secretKeyRef:
name: elasticsearch-es-elastic-user
key: elastic
- name: ES_USERNAME
value: "elastic"
args:
- --es.uri=$(ES_URI)
- --es.all
- --web.listen-address=:9114
- --web.telemetry-path=/metrics
- --es.ssl-skip-verify
resources:
requests:
memory: "64Mi"
cpu: "50m"
limits:
memory: "128Mi"
cpu: "100m"
securityContext:
runAsUser: 1000 # Match Elasticsearch user ID
runAsGroup: 1000
allowPrivilegeEscalation: false
version: 8.12.0
monitoring:
metrics:
elasticsearchRefs:
- name: elasticsearch
namespace: elastic
http:
tls:
selfSignedCertificate:
disabled: true
ingress:
enabled: true
className: nginx
hosts:
- host: elastic.kind.cluster
path: /
eck-kibana:
enabled: true
config:
monitoring.kibana.collection.enabled: true
monitoring.ui.enabled: true
status.allowAnonymous: true
podTemplate:
spec:
containers:
- name: kibana-prometheus-exporter
image: chamilad/kibana-prometheus-exporter:v8.7.x.2
args:
- -kibana.uri=https://localhost:5601
- -kibana.skip-tls=true
- -wait=true
securityContext:
privileged: false
allowPrivilegeEscalation: false
resources:
limits:
memory: 100Mi
cpu: 100m
requests:
cpu: 10m
memory: 50Mi
ports:
- containerPort: 9684
name: metrics
livenessProbe:
httpGet:
path: /healthz
port: 9684
initialDelaySeconds: 10
periodSeconds: 10
version: 8.12.0
monitoring:
metrics:
elasticsearchRefs:
- name: elasticsearch
namespace: elastic
ingress:
enabled: true
className: nginx
annotations:
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
hosts:
- host: kibana.kind.cluster
EOF
cat << EOF | kubectl apply -f -
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: elasticsearch-metrics
namespace: elastic
spec:
selector:
matchLabels:
elasticsearch.k8s.elastic.co/cluster-name: elasticsearch # Directly select ES pods
podMetricsEndpoints:
- port: metrics # The name of the port exposed by the ES pod (ECK sets this automatically)
path: /metrics
interval: 30s
namespaceSelector:
matchNames:
- elastic
---
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: kibana-metrics
namespace: elastic
spec:
selector:
matchLabels:
kibana.k8s.elastic.co/name: eck-stack-eck-kibana
podMetricsEndpoints:
- port: metrics
path: /metrics
interval: 30s
namespaceSelector:
matchNames:
- elastic
EOF