Criss 's Blog

k8s部署Es+Kibana

应用官方0.9版本，目的: 内部测试使用。

Install custom resource definitions and the operator with its RBAC rules:

kubectl apply -f https://download.elastic.co/downloads/eck/0.9.0/all-in-one.yaml

Monitor the operator logs:

kubectl -n elastic-system logs -f statefulset.apps/elastic-operator

Deploy the Elasticsearch clusteredit

Apply a simple Elasticsearch cluster specification, with one node:

cat <<EOF | kubectl apply -f -
apiVersion: elasticsearch.k8s.elastic.co/v1alpha1
kind: Elasticsearch
metadata:
  name: quickstart
spec:
  version: 7.2.0
  nodes:
  - nodeCount: 1
    config:
      node.master: true
      node.data: true
      node.ingest: true
EOF

Monitor cluster health and creation progressedit

Get an overview of the current Elasticsearch clusters in the Kubernetes cluster, including health, version and number of nodes:

kubectl get elasticsearch
NAME          HEALTH    NODES     VERSION   PHASE         AGE
quickstart    green     1         7.2.0     Operational   1m

You can see that one Pod is in the process of being started:

kubectl get pods --selector='elasticsearch.k8s.elastic.co/cluster-name=quickstart'
NAME                       READY     STATUS    RESTARTS   AGE
quickstart-es-5zctxpn8nd   1/1       Running   0          1m​ 

Access the logs for that Pod:

kubectl logs -f quickstart-es-5zctxpn8nd​

Request Elasticsearch accessedit

A ClusterIP Service is automatically created for your cluster:

kubectl get service quickstart-es-http​

Get the credentials.

A default user named elastic is automatically created. Its password is stored as a Kubernetes secret:  获取ES帐号密码

PASSWORD=$(kubectl get secret quickstart-es-elastic-user -o=jsonpath='{.data.elastic}' | base64 --decode)​

Request the Elasticsearch endpoint.

From inside the Kubernetes cluster:   验证ES

curl -u "elastic:$PASSWORD" -k "https://quickstart-es-http:9200"

Kibana部分

Deploy the Kibana instanceedit

To deploy your Kibana instance go through the following steps.

cat <<EOF | kubectl apply -f -
apiVersion: kibana.k8s.elastic.co/v1alpha1
kind: Kibana
metadata:
  name: quickstart
spec:
  version: 7.2.0
  nodeCount: 1
  elasticsearchRef:
    name: quickstart
EOF 

kubectl get kibana

kubectl get pod --selector='kibana.k8s.elastic.co/name=quickstart'​

kubectl get service quickstart-kb-http

• Use kubectl port-forward to access Kibana from your local workstation:

kubectl port-forward service/quickstart-kb-http 5601 ​ 

​问题

1.证书  默认查询了 一下 1年证书  需要处理

2.连接方式：https验证 【filebeat连接怎么连接等】

找到CA证书    #我这里吧ES放在NS=elastic-system组里了
# kubectl get secret -n elastic-system quickstart-es-http-certs-public  -o go-template='{{index .data "tls.crt" | base64decode }}' > esca.crt

filebeat在kube-system组里 导入esca.crt 到kube-system
# kubectl create secret generic -n kube-system es-certs-internal --from-file=esca.crt

配置 filebeat输出es配置 (挂载secret进去)
      volumes:
      - name: es-secret
        secret:
          secretName: es-certs-internal
    output.elasticsearch:
      hosts: ["https://quickstart-es-http.elastic-system.svc:9200"]
      index: "filebeat-%{+yyyy.MM.dd}"
      username: elastic
      password: xxxxxxxxxxxxxx
      ssl.certificate_authorities:          //ca证书挂载进filebeat
        - /xxx/secret/esca.crt
    setup.template:
      name: 'filebeat'
      pattern: 'filebeat-*'
      
在filebeat容器内 测试  curl证书 是否OK
sh-4.2# curl --cacert "esca.crt" -u "elastic:lwwkr24cg6d9smfdsbxw5t5m" "https://quickstart-es-http.elastic-system.svc:9200"
{
...........................................
  "tagline" : "You Know, for Search"
}
验证后启动filebeat，去kibana查看日志

3.待定

参考：

https://www.elastic.co/cn/products/elastic-cloud-kubernetes

https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-quickstart.html

https://github.com/elastic/cloud-on-k8s/

Monitor cluster health and creation progressedit

Get an overview of the current Elasticsearch clusters in the Kubernetes cluster, including health, version and number of nodes:

Monitor cluster health and creation progressedit

Get an overview of the current Elasticsearch clusters in the Kubernetes cluster, including health, version and number of nodes:

Deploy the Kibana instanceedit

To deploy your Kibana instance go through the following steps.