May 2022 – Justin Lim

4

Fleet server with logstash output – elastic-agent

Posted on May 26, 2022 by jlim0930

I think one of the biggest issue with fleet and elastic-agent was that it was limited on the outputs so if you had tons and tons of elastic-agents in the wild it would all connect back to your elasticsearch and can overwhelm the cluster. Starting 8.2 of elasticsearch logstash output type was introduced.. it is still in BETA at this time but I just tried it and it worked very nicely! The steps to setup the logstash output is listed on https://www.elastic.co/guide/en/fleet/8.2/secure-logstash-connections.html but I wanted to try it out and document it. Install & configure logstash Install yum install logstash-8.2.2… Continue Reading →

3

deploy-eck – script to automate various configurations of elasticsearch with ECK

Posted on May 26, 2022 by jlim0930

OUTDATED – Please use this link for the new script and instructions https://www.gooksu.com/2022/09/new-elastic-kubernetes-script-deploy-elastick8s-sh/ Updated! Aug 16, 2022 – https://www.gooksu.com/2022/08/deploy-eck-update-1/ I stand up and tear down elasticsearch deployments on kubernetes pretty often for various testing. I found that it was a bit cumbersome to do so by hand since my tests are usually short and specific and wanted some way to be able to stand up various versions of the ECK operator and the elasticsearch stack using various configurations for testing. Using my gke.sh script, I built the deploy-eck.sh. It is similar in function to my deploy-elastic.sh script but designed for… Continue Reading →

1

Google Cloud scripts

Posted on May 26, 2022 by jlim0930

At work we use google cloud as our lab to stand up and take down instances. As I work, I noticed that I usually stand up the same type of instance and run the same post install all the time so instead of doing this manually I decided to create a script for the compute instance and another for the kubernetes cluster. Compute Instance gcp.sh – script to automate creating and deletion of compute instance script is located: https://github.com/jlim0930/scripts/blob/master/gcp.sh edit gcp_name & gcp_project to match your environment. Also zone and region as needed – The script will stand up a… Continue Reading →

2

Updated deploy-elastic script – version 8

Posted on May 12, 2022 by jlim0930

Last update to version 7 is listed here The original post for the deploy-elastic.sh script is here. Changes: fully tested from 6.x-8.2(will most likely work with future 8.x versions) decoupled non stack modes from checking versions so that you can add the secondary components like monitoring/fleet/apm/enterprise-search using different version than the stack version. Just install the stack first then install the secondary components with different versions. Secondary versions can not be higher than the stack version. This will allow you to test using different versions fleet setting is now auto-populated. The script will gather the machines external IP and set… Continue Reading →