New elastic kubernetes script – deploy-elastick8s.sh

The old deploy-eck.sh script have grown and matured a bit and now it encompasses helm charts and native installs. I renamed the script to be more inclusive of its features. All of the older articles will reference this post. The new script is located deploy-elastick8s.sh This script was designed to easily stand up elastic and its stack on kubernetes in various modes to easily test and replicate issues for troubleshooting and to setup examples for various workloads. The deployments that this script creates is not for production use but to be used as lab or test environments. This post will… Continue Reading


How to increase space for your elasticsearch instances in k8s on ECK

One of the most common issues of running elasticsearch on k8s is the need to increase space for your elasticsearch-data volume. It is very simple to do so lets demo it. I stood up an environment using my deploy-eck.sh script $ kubectl get pods,pvc NAME READY STATUS RESTARTS AGE pod/eck-lab-es-data-0 1/1 Running 0 112m pod/eck-lab-es-data-1 1/1 Running 0 112m pod/eck-lab-es-data-2 1/1 Running 0 112m pod/eck-lab-es-master-0 1/1 Running 0 112m pod/eck-lab-es-master-1 1/1 Running 0 112m pod/eck-lab-es-master-2 1/1 Running 0 8m12s pod/eck-lab-kb-794785d7f7-zxqlk 1/1 Running 0 110m NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE persistentvolumeclaim/elasticsearch-data-eck-lab-es-data-0 Bound pvc-4081bb0d-1664-46fe-97bd-08520075bbdc 1Gi RWO standard 112m persistentvolumeclaim/elasticsearch-data-eck-lab-es-data-1… Continue Reading


Fun things with Elastic’s Fleet server & elastic-agent

There are many fun things we can do with the fleet server & elastic-agent To understand how to edit and change settings to do fun things with fleet server, first you have to understand how fleet server works with kibana & elasticsearch and elastic-agent. Fleet server itself is elastic-agent that runs in a server mode. It needs to communicate with both kibana and elasticsearch as well as elastic-agent. It uses elasticsearch as its config manager to store configurations so that it can configure & keep track of elastic-agents that is registered against it. Kibana is used to configure fleet server,… Continue Reading


deploy-eck update 1

OUTDATED – Please use this link for the new script and instructions https://www.gooksu.com/2022/09/new-elastic-kubernetes-script-deploy-elastick8s-sh/ I developed the deploy-eck.sh script to easily deploy the elastic stack in k8s to quickly test things. Did a quick update to the script. operator mode. Now you can run the script just to deploy the operator only and apply a trial license. You can develop your own test cases etc in this mode. If you work out of ~/eckstack and name your manifest files *.yaml when you run the deploy-eck.sh cleanup it will cleanup all of your items as well. > ./deploy-eck.sh cleanup ********** Cleaning up… Continue Reading


Mounting certificates/CAs for elasticsearch pods in k8s for custom configurations – ECK

When you deploy elasticsearch in k8s via ECK by default it takes care of the transport certificates/http certificates/CA creation if you don’t use your own custom ones. Lets say that your cluster is up and running and now you are trying to configure something like SAML/LDAP/OIDC or something else that requires content to be made available to the elasticsearch pod but its a bit sensitive so you need it to be stored as a secret such as CA, certificates, etc. How would you go about doing this? Following example will add a custom certificate authority to be used with your… Continue Reading


Updated deploy-elastic script – version 9

Last update to version 8 is listed here The original post for the deploy-elastic.sh script is here Changes: Starting 7.12.x added node.roles. es01 & es02 is tagged as data_content & data_hot and es03 is tagged as data_frozen. This will allow users to play with the frozen tier, configure searchable snapshots, partically mounted indices, restored indices, and more. (make sure to run the script with snapshot option so that minio is stood up) LDAP mode was added. To test various role_mappings and for basic ldap authentication configurations and settings LDAP mode was added and it will work with any versions of… Continue Reading


Fleet server with logstash output – elastic-agent

I think one of the biggest issue with fleet and elastic-agent was that it was limited on the outputs so if you had tons and tons of elastic-agents in the wild it would all connect back to your elasticsearch and can overwhelm the cluster. Starting 8.2 of elasticsearch logstash output type was introduced.. it is still in BETA at this time but I just tried it and it worked very nicely! The steps to setup the logstash output is listed on https://www.elastic.co/guide/en/fleet/8.2/secure-logstash-connections.html but I wanted to try it out and document it. Install & configure logstash Install yum install logstash-8.2.2… Continue Reading


Updated deploy-elastic script – version 8

Last update to version 7 is listed here The original post for the deploy-elastic.sh script is here. Changes: fully tested from 6.x-8.2(will most likely work with future 8.x versions) decoupled non stack modes from checking versions so that you can add the secondary components like monitoring/fleet/apm/enterprise-search using different version than the stack version. Just install the stack first then install the secondary components with different versions. Secondary versions can not be higher than the stack version. This will allow you to test using different versions fleet setting is now auto-populated. The script will gather the machines external IP and set… Continue Reading


Updated deploy-elastic script – version 7

UPDATE 3/30/2022 – another update was made to make fleet deployments easier. This is explained on this post The original post for the deploy-elastic.sh script is here. Made some updates so I thought I would post it on a new post. Changes: 8.x is now supported. You can use the script for any versions 6.x-8.x. full – modes are removed. The script is additive so if you deploy only the stack and want to add features on top you can run it again with the feature you want to add. You can add multiple features to your stack. Starting stack… Continue Reading