Skip to content
This repository was archived by the owner on Sep 17, 2024. It is now read-only.

Commit 3551dc5

Browse files
adam-stokesmdelapenya
authored andcommitted
Kubernetes Deployment (#1110)
* Kubernetes Deployment Signed-off-by: Adam Stokes <51892+adam-stokes@users.noreply.github.com> * Expose hostPort for kibana, elasticsearch, fleet without needing ingress This is nice for local development where you don't need an ingress and are relatively sure that the host system has the required ports available to bind to. Signed-off-by: Adam Stokes <51892+adam-stokes@users.noreply.github.com>
1 parent 074d38c commit 3551dc5

25 files changed

Lines changed: 1031 additions & 0 deletions

.pre-commit-config.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@ repos:
88
exclude: ^notice/overrides.json
99
- id: check-merge-conflict
1010
- id: check-yaml
11+
exclude: >
12+
(?x)^(cli/config/kubernetes.*)$
1113
- id: check-xml
1214
- id: end-of-file-fixer
1315
exclude: >

cli/config/kubernetes/README.md

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
# K8s deployment for Elasticsearch, Kibana, and Fleet-Server
2+
3+
## Requirements
4+
5+
- docker
6+
- kind (>= 0.10.0)
7+
- kubectl (>= 1.17)
8+
9+
## Deployment
10+
11+
```
12+
kind create cluster
13+
kubectl apply -k base
14+
```
15+
16+
This will allow you to visit `http://localhost:5601` using username: `elastic` password: `changeme` to login
17+
18+
## Local Ingress (Optional)
19+
20+
If a local ingress is preferred, apply the following to setup nginx-ingress
21+
22+
```
23+
kubectl apply -k overlays/local
24+
```
25+
26+
This will allow you to reach the Kibana endpoint at `http://localhost`
Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
apiVersion: v1
2+
kind: ConfigMap
3+
metadata:
4+
name: elasticsearch-config
5+
data:
6+
ES_JAVA_OPTS: "-Xms1g -Xmx1g"
7+
network.host: ""
8+
transport.host: "127.0.0.1"
9+
http.host: "0.0.0.0"
10+
indices.id_field_data.enabled: 'true'
11+
xpack.license.self_generated.type: "trial"
12+
xpack.security.enabled: 'true'
13+
xpack.security.authc.api_key.enabled: 'true'
14+
ELASTIC_USERNAME: "elastic"
15+
ELASTIC_PASSWORD: "changeme"
Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
apiVersion: apps/v1
2+
kind: Deployment
3+
metadata:
4+
name: elasticsearch
5+
labels:
6+
app: elasticsearch
7+
spec:
8+
replicas: 1
9+
selector:
10+
matchLabels:
11+
app: elasticsearch
12+
template:
13+
metadata:
14+
labels:
15+
app: elasticsearch
16+
spec:
17+
containers:
18+
- name: elasticsearch
19+
image: docker.elastic.co/elasticsearch/elasticsearch:8.0.0-SNAPSHOT
20+
envFrom:
21+
- configMapRef:
22+
name: elasticsearch-config
23+
ports:
24+
- containerPort: 9200
25+
name: client
Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
resources:
2+
- deployment.yaml
3+
- service.yaml
4+
- configmap.yaml
Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
apiVersion: v1
2+
kind: Service
3+
metadata:
4+
name: elasticsearch
5+
labels:
6+
service: elasticsearch
7+
spec:
8+
type: NodePort
9+
ports:
10+
- port: 9200
11+
name: client
12+
selector:
13+
app: elasticsearch
Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRoleBinding
3+
metadata:
4+
name: fleet-server-cluster-role-binding
5+
subjects:
6+
- kind: ServiceAccount
7+
name: default
8+
namespace: default
9+
roleRef:
10+
kind: ClusterRole
11+
name: fleet-server-cluster-role
12+
apiGroup: rbac.authorization.k8s.io
Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
---
2+
apiVersion: rbac.authorization.k8s.io/v1
3+
kind: ClusterRole
4+
metadata:
5+
name: fleet-server-cluster-role
6+
labels:
7+
app: fleet-server
8+
rules:
9+
- apiGroups: [""]
10+
resources:
11+
- nodes
12+
- namespaces
13+
- events
14+
- pods
15+
- services
16+
verbs: ["get", "list", "watch"]
Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
apiVersion: apps/v1
2+
kind: Deployment
3+
metadata:
4+
name: fleet-server
5+
labels:
6+
app: fleet-server
7+
spec:
8+
replicas: 1
9+
selector:
10+
matchLabels:
11+
app: fleet-server
12+
template:
13+
metadata:
14+
labels:
15+
app: fleet-server
16+
spec:
17+
containers:
18+
- name: fleet-server
19+
image: docker.elastic.co/beats/elastic-agent:8.0.0-SNAPSHOT
20+
env:
21+
- name: FLEET_SERVER_ENABLE
22+
value: "1"
23+
- name: FLEET_SERVER_INSECURE_HTTP
24+
value: "1"
25+
- name: KIBANA_FLEET_SETUP
26+
value: "1"
27+
- name: KIBANA_FLEET_HOST
28+
value: "http://kibana:5601"
29+
- name: FLEET_SERVER_HOST
30+
value: "0.0.0.0"
31+
- name: FLEET_SERVER_PORT
32+
value: "8220"
Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
resources:
2+
- deployment.yaml
3+
- service.yaml
4+
- role.yaml
5+
- role-binding.yaml
6+
- cluster-role.yaml
7+
- cluster-role-binding.yaml

0 commit comments

Comments
 (0)