0

TROUBLESHOOT swiss-army knife container image

I created a container image to help me troubleshoot issues for both docker and kubernetes. Many container images come very slim without the default OS tools so when you are troubleshooting it makes it very hard. With this image you can easily deploy this container onto the same network as your containers/pods or even as a sidecar container or even map the host network to troubleshoot host network issues. github link: https://github.com/jlim0930/troubleshoot docker hub link: https://hub.docker.com/r/jlim0930/troubleshoot TROUBLESHOOT Container to help troubleshoot issues for docker & kubernetes environments This container image was created to help troubleshoot various network/storage/OS issues inside of… Continue Reading

2

New elastic kubernetes script – deploy-elastick8s.sh

The old deploy-eck.sh script have grown and matured a bit and now it encompasses helm charts and native installs. I renamed the script to be more inclusive of its features. All of the older articles will reference this post. The new script is located deploy-elastick8s.sh This script was designed to easily stand up elastic and its stack on kubernetes in various modes to easily test and replicate issues for troubleshooting and to setup examples for various workloads. The deployments that this script creates is not for production use but to be used as lab or test environments. This post will… Continue Reading

0

Updated deploy-elastic script – version 9

Last update to version 8 is listed here The original post for the deploy-elastic.sh script is here Changes: Starting 7.12.x added node.roles. es01 & es02 is tagged as data_content & data_hot and es03 is tagged as data_frozen. This will allow users to play with the frozen tier, configure searchable snapshots, partically mounted indices, restored indices, and more. (make sure to run the script with snapshot option so that minio is stood up) LDAP mode was added. To test various role_mappings and for basic ldap authentication configurations and settings LDAP mode was added and it will work with any versions of… Continue Reading

2

Updated deploy-elastic script – version 8

Last update to version 7 is listed here The original post for the deploy-elastic.sh script is here. Changes: fully tested from 6.x-8.2(will most likely work with future 8.x versions) decoupled non stack modes from checking versions so that you can add the secondary components like monitoring/fleet/apm/enterprise-search using different version than the stack version. Just install the stack first then install the secondary components with different versions. Secondary versions can not be higher than the stack version. This will allow you to test using different versions fleet setting is now auto-populated. The script will gather the machines external IP and set… Continue Reading

9

Updated deploy-elastic script – version 7

UPDATE 3/30/2022 – another update was made to make fleet deployments easier. This is explained on this post The original post for the deploy-elastic.sh script is here. Made some updates so I thought I would post it on a new post. Changes: 8.x is now supported. You can use the script for any versions 6.x-8.x. full – modes are removed. The script is additive so if you deploy only the stack and want to add features on top you can run it again with the feature you want to add. You can add multiple features to your stack. Starting stack… Continue Reading

1

ECE(elastic cloud enterprise) snapshot repository using object storage(minio) with self-signed TLS

Just FYI this is a complete rewrite of the previous article. It should be better organized and more closely align with real world situations. We will stand up a minio server with self-signed or internally signed SSL certificate that is not publicly trusted. This guide will work with any s3 compliant object storage not just minio. The certificate that we will create will be for internal use but you can and should create a more secure certificate to be used in your environment. If you have s3 compliant object storage with publicly trusted signed SSL certificate then all you would… Continue Reading

0

Generate test data using elastic’s makelogs

When I am testing for various issues I find that I need to create some test data. The built in sample data is great but sometimes you need to keep ingesting data or ingest some older data to reproduce issues. I found this repo and it was the answers to my issue. I did not want to install this and wanted to containerize it so that I can leave my system clean yet be able to use this and re-use it again. makelogs runs fine as it is however if your ES endpoint is secured with TLS and does not… Continue Reading

0

Install and configure vaultwarden – Migrated to a new server 4 of 4

This is the third section in the 4 part series of migrating my server Install and configure the host machine Install and configure a database and webserver Install and configure a mailserver Install and configure vaultwarden – we are here Tie everything back to 1. for backups, misc, etc Tie everything back to 1. for backups, misc, etc Dockerized vaultwarden I been a bitwarden user for a long time ever since Lastpass changed it policies. I wanted to run my own instance of bitwarden but the setup is a mess and it requires a lot of resources to run. I… Continue Reading

0

Install and configure a mailserver in docker container – Migrated to a new server 3 of 4

This is the third section in the 4 part series of migrating my server Install and configure the host machine Install and configure a database and webserver Install and configure a mailserver – we are here Install and configure vaultwarden Tie everything back to 1. for backups, misc, etc Dockerized mailserver We will install a dockerized mailserver, a sort of all in one that will run a full fledged secure mail service. There are many containers that can perform this and on my previous servers I used iRedmail. The main issue with most containerized mail solutions is that it requires… Continue Reading

1

Install and configure a database and a webserver – Migrated to a new server 2 of 4

This is the second section in the 4 part series of migrating my server Install and configure the host machine Install and configure a database and webserver – we are here Install and configure a mailserver Install and configure vaultwarden Tie everything back to 1. for backups, misc, etc Dockerized services I will configure a database and a webserver(mainly wordpress container) to listen internally only and not exposed to the outside network. I will also configure a nginx-proxy and letsencrypt to provide the access from the world to the wordpress site and to generate the letsencrypt certificate. Wanted to note… Continue Reading