Skip to content

Instantly share code, notes, and snippets.

@taking
Last active March 10, 2023 02:43
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save taking/43a6aafdff1e86e888b72bb6d06fc22f to your computer and use it in GitHub Desktop.
Save taking/43a6aafdff1e86e888b72bb6d06fc22f to your computer and use it in GitHub Desktop.

eck-operator Installation with Helm

  • Elasticsearch, Kibana, APM Server, Enterprise Search, and Beats on Kubernetes

Step

  1. Deploy an eck-operator
  2. Deploy an Elasticsearch
  3. Deploy an Kibana

Repo

Prerequisites

  • Kubernetes 1.19+
  • Helm 3.2.0+
  • A persistent storage resource and RW access to it
  • Kubernetes StorageClass for dynamic provisioning

Document

helm update

helm repo add elastic https://helm.elastic.co
helm repo update

1. eck-operator installation

  • Deploy an eck-operator
helm install elastic-operator elastic/eck-operator \
  --create-namespace \
  --namespace elastic-system

2. Elastic installation

# Create Elasticsearch cluster
#  - 1 master nodes
#  - 2 data+ingest nodes
cat <<EOF | kubectl apply -f -
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: quickstart
  namespace: elastic-system
spec:
  version: 8.2.3
  nodeSets:
  # master nodes
  - name: masters
    count: 2
    config:
      node.roles: ["master"]
      node.store.allow_mmap: false
  # ingest-data nodes
  - name: data
    count: 3
    config:
      node.roles: ["data", "ingest"]
      node.store.allow_mmap: false
EOF
check pw
  • elastic http password
PASSWORD=$(kubectl get secret quickstart-es-elastic-user -n elastic-system -o go-template='{{.data.elastic | base64decode}}')
check es-http
ESURL=$(kubectl get -o jsonpath="{.spec.clusterIP}" services quickstart-es-http -n elastic-system)
curl -u "elastic:$PASSWORD" -k "https://$ESURL:9200"

image

3. Kibana installation

  • Deploy an Kibana
cat <<EOF | kubectl apply -f -
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
  name: quickstart
  namespace: elastic-system
spec:
  version: 8.2.3
  count: 1
  elasticsearchRef:
    name: quickstart
EOF

image

clusterIP to NodePort (Option 1)
kubectl patch svc quickstart-kb-http -n elastic-system --type='json' -p '[{"op":"replace","path":"/spec/type","value":"NodePort"},{"op":"replace","path":"/spec/ports/0/nodePort","value":32076}]'
clusterIP to NodePort (Option 2)
cat <<'EOF' | kubectl apply -f -
apiVersion: v1
kind: Service
metadata:
  name: quickstart-kb-http-external
  namespace: elastic-system
  labels:
    common.k8s.elastic.co/type: kibana
    kibana.k8s.elastic.co/name: quickstart
spec:
  ports:
  - name: https
    port: 5601
    protocol: TCP
    targetPort: 5601
    nodePort: 32076
  selector:
    common.k8s.elastic.co/type: kibana
    kibana.k8s.elastic.co/name: quickstart
  sessionAffinity: None
  type: NodePort
EOF
Connect
instance_public_ip="$(curl ifconfig.me --silent)"
echo "https://$instance_public_ip:32076"
echo "ID: elastic"
echo "PW: " $(kubectl get secret quickstart-es-elastic-user -n elastic-system -o go-template='{{.data.elastic | base64decode}}')

image

Uninstall

kubectl delete -n elastic-system \
    serviceaccount/elastic-operator \
    secret/elastic-webhook-server-cert \
    clusterrole.rbac.authorization.k8s.io/elastic-operator \
    clusterrole.rbac.authorization.k8s.io/elastic-operator-view \
    clusterrole.rbac.authorization.k8s.io/elastic-operator-edit \
    clusterrolebinding.rbac.authorization.k8s.io/elastic-operator \
    service/elastic-webhook-server \
    configmap/elastic-operator \
    validatingwebhookconfiguration.admissionregistration.k8s.io/elastic-webhook.k8s.elastic.co

kubectl delete statefulset.apps/elastic-operator -n elastic-system

helm uninstall elastic-operator -n elastic-system
kubectl delete ns elastic-system

@taking
Copy link
Author

taking commented Jul 18, 2022

(Option) all-nodes

  • Elasticsearch
# Create Elasticsearch cluster
#  - 1 master,data,ingest nodes
cat <<EOF | kubectl apply -f -
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: quickstart
  namespace: elastic-system
spec:
  version: 8.2.3
  nodeSets:
  - name: all-nodes
    count: 1
    config:
      node.roles: ["master","data","ingest"]
      node.store.allow_mmap: false
    podTemplate:
      spec:
        volumes:
        - name: elasticsearch-data
          emptyDir: {}
        affinity:
          nodeAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              nodeSelectorTerms:
                - matchExpressions:
                  - key: node
                    operator: In
                    values:
                    - master01          
    volumeClaimTemplates:
      - metadata:
          name: elasticsearch-data # Do not change this name unless you set up a volume mount for the data path.
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: 5Gi
          storageClassName: nfs-client
EOF
  • Kibana
# Create Kibana cluster
cat <<EOF | kubectl apply -f -
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
  name: quickstart
  namespace: elastic-system
spec:
  version: 8.2.3
  count: 1
  elasticsearchRef:
    name: quickstart
  podTemplate:
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
              - matchExpressions:
                - key: node
                  operator: In
                  values:
                  - master01
EOF

@taking
Copy link
Author

taking commented Jul 21, 2022

(Option) Elasticsearch Curator

helm repo add lebenitza https://lebenitza.github.io/charts
helm repo update

elasticsearch-curator-value-override.yaml

cat <<EOF | kubectl apply -f -
configMaps:
  # Delete indices older than 7 days
  action_file_yml: |-
    ---
    actions:
      1:
        action: delete_indices
        description: "Clean up ES by deleting old indices"
        options:
          timeout_override:
          continue_if_exception: False
          disable_action: False
          ignore_empty_list: True
        filters:
        - filtertype: age
          source: name
          direction: older
          timestring: '%Y.%m.%d'
          unit: days
          unit_count: 7
          field:
          stats_result:
          epoch:
          exclude: False
  # Having config_yaml WILL override the other config
  config_yml: |-
    ---
    client:
      hosts:
        - quickstart-es-all-nodes
      port: 9200
      # url_prefix:
      use_ssl: True
      # certificate:
      # client_cert:
      # client_key:
      ssl_no_validate: True
      # http_auth:
      # timeout: 30
      # master_only: False
    # logging:
    #   loglevel: INFO
    #   logfile:
    #   logformat: default
    #   blacklist: ['elasticsearch', 'urllib3']
EOF
helm install elasticsearch-curator lebenitza/elasticsearch-curator \
  --create-namespace \
  --namespace elastic-system \ 
  -f elasticsearch-curator-value-override.yaml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment