Setup Your Own Certificated for ELK
1:Install custom resource definitions:
kubectl create -f https://download.elastic.co/downloads/eck/2.9.0/crds.yaml
kubectl apply -f https://download.elastic.co/downloads/eck/2.9.0/operator.yaml
kubectl -n elastic-system logs -f statefulset.apps/elastic-operator
kubectl apply -f elasticsearch-and-kibana-deployment.yaml
Retrieve elastic user password using: echo $(kubectl get secret quickstart-es-elastic-user -n eck -o jsonpath='{.data.elastic}' | base64 --decode; echo)
-- OR --
PASSWORD=$(kubectl -n eck get secret quickstart-es-elastic-user -o go-template='{{.data.elastic | base64decode}}')
will be used to login to elastic and kibana:
From inside cluster: curl -u "elastic:$PASSWORD" -k "https://quickstart-es-http:9200"
-- OR --
Using Ingress: https://elastic.example.com https://kibana.example.com https://kibana.172.16.240.240.nip.io
helm upgrade --install --wait --create-namespace --namespace logging logging-operator oci://ghcr.io/kube-logging/helm-charts/logging-operator
kubectl -n logging get pods
kubectl get crd
NAME
- clusterflows.logging.banzaicloud.io
- clusteroutputs.logging.banzaicloud.io
- eventtailers.logging-extensions.banzaicloud.io
- flows.logging.banzaicloud.io
- fluentbitagents.logging.banzaicloud.io
- hosttailers.logging-extensions.banzaicloud.io
- loggings.logging.banzaicloud.io
- nodeagents.logging.banzaicloud.io
- outputs.logging.banzaicloud.io
- syslogngclusterflows.logging.banzaicloud.io
- syslogngclusteroutputs.logging.banzaicloud.io
- syslogngflows.logging.banzaicloud.io
- syslogngoutputs.logging.banzaicloud.io
kubectl apply -f logging-operator-test.yaml
secret -> quickstart-fluentbit -> namespace: logging -> from quickstart-fluentd.logging.svc.cluster.local -> to quickstart-fluentd.logging because fluentbit pods DNS resolution fails for quickstart-fluentd.logging.svc.cluster.local service name.
helm upgrade --install --wait --create-namespace --namespace logging --set testReceiver.enabled=true logging-operator oci://ghcr.io/kube-logging/helm-charts/logging-operator kubectl -n logging get deployments kubectl -n logging get services
helm upgrade --install --wait --create-namespace --namespace logging log-generator oci://ghcr.io/kube-logging/helm-charts/log-generator
kubectl logs --namespace logging -f svc/logging-operator-test-receiver
curl -k -u "elastic:84UKWxvCPLE2e859t0a7TK72" -X PUT "https://elastic.example.com/_ilm/policy/test-rollover-logs" -H "kbn-xsrf: reporting" -H "Content-Type: application/json" --data-binary "@ilm-request.json"
kubectl get logging-all --namespace logging
kubectl delete logging quickstart kubectl delete --namespace logging flow log-generator kubectl delete --namespace logging output http
kubectl delete logging default-logging-simple kubectl delete --namespace logging flow es-flow kubectl delete --namespace logging output es-output