Updated deploy-elastic script – version 8

Last update to version 7 is listed here. The original post for the deploy-elastic.sh script is here. Changes: fully tested from 6.x-8.2 (will most likely work with future 8.x versions). Decoupled non-stack modes from checking versions so that you can add the secondary components like monitoring/fleet/apm/enterprise-search using a different version than the stack version. Just install the stack first, then install the secondary components with different versions. Secondary versions cannot be higher than the stack version. This will allow you to test using different versions. Fleet setting is now auto-populated. The script will gather the machine's external IP and set… Continue Reading


Updated deploy-elastic script – version 7

UPDATE 3/30/2022 – another update was made to make fleet deployments easier. This is explained on this post. The original post for the deploy-elastic.sh script is here. Made some updates so I thought I would post it on a new post. Changes: 8.x is now supported. You can use the script for any versions 6.x-8.x. full – modes are removed. The script is additive, so if you deploy only the stack and want to add features on top, you can run it again with the feature you want to add. You can add multiple features to your stack. Starting stack… Continue Reading


elasticsearch stack monitoring on kubernetes (ECK)

UPDATE: Since ECK operator 1.7 there is a new way to deploy stack monitoring. I’ve added a section at the end to cover this. The old method still works, and depending on your use case you can still use the old method instead of the new one. The main difference between the OLD and NEW is that the OLD method uses filebeat and metricbeat pods while the new method uses filebeat and metricbeat sidecar containers. Let's get started with monitoring your elastic stack in kubernetes. There are multiple ways of doing this and I will divide this up into 3 sections, using… Continue Reading


How to run setup for various beats (filebeat, metricbeat, & more) in kubernetes to load dashboards and more

Whenever you install beats or update beats, it's best to run the setup so that it will update your index templates, ILM, visualizations, etc. I found that it's always best, before installing or upgrading, to use a seed host to just run the setup before deploying or updating across your environment, and to turn off template updates and dashboard loading on the beats locally so that your elasticsearch cluster is not flooded. In a baremetal environment this is easy to do, but in docker and in kubernetes it gets a bit difficult. Sure you can set up an initContainer… Continue Reading


Enterprisesearch with elasticsearch in docker container

Enterprisesearch in docker container: Previously, on this post I’ve created a script to deploy the elastic stack using docker containers. Enterprise search was released as of 7.7.0 and it combines both AppSearch and WorkplaceSearch into a single solution. deploy-elastic.sh script: I’ve added the entsearch mode so that you can deploy the Enterprisesearch and use it for AppSearch and WorkplaceSearch. Simply run ./deploy-elastic.sh entsearch 7.15.1. The script will check to see if your stack is 7.15+ or else it will exit. Enterprisesearch will be stood up using a container named entsearch. Enterprisesearch will listen on port 3002 (standard port). Enterprisesearch is… Continue Reading


Fleet server with elasticsearch in docker container

UPDATE – 3/30/2022: another 8.1.x update to automatically populate the CA trusted fingerprint and the Advanced YAML settings to add the generated ca.crt onto fleet for easier use – Please go to the bottom of the article for an explanation. UPDATE: The 8.1.0 release introduced some changes where the default policies are no longer created by default and you will need to create them manually. I will add the steps to the end of the document. Fleet server in docker container: Fleet & Fleet server was released as of 7.14.0 and it uses the elastic-agent as a single, unified way to… Continue Reading


Helm charts to install the Elastic Stack using minikube

On the previous post we used the minikube wrapper kube.sh to install ECK – Elastic Cloud on Kubernetes. ECK uses an operator that was created by Elastic to deploy and orchestrate the Elastic Stack in kubernetes. ECK is not the only way to install elasticsearch in kubernetes; you can also use Helm charts to install the Stack. What is the difference between an operator and helm charts? Helm: Helm is a package management system for kubernetes. The packaging format is called charts. In OS terms it's like rpm or deb packages. An application is packed into a package that can… Continue Reading


Quickly deploy elasticsearch with docker

UPDATE: there is a new version that was released in March 2022 and you can read about it here. I needed a way to quickly stand up various versions of elasticsearch for testing. Sometimes just 1 instance was needed, and at other times a small cluster, configured with TLS and security settings. I spent way too much time installing and reinstalling the software on my vm and knew that this would not work well for me. So I set out to look for a lightweight, portable, fast, reproducible solution that I can quickly stand up and delete… Continue Reading