Elasticsearch-Kibana Documentation
Table of Contents
- Development
- Prerequisites
- IronBank Images
- Deployment
- Enterprise License
- Elastic Password
- Upgrading
- Configuration
- Kibana Metrics
- Kibana ECK Integration
- Kibana SSO Integration
elasticsearch-kibana
- Thin chart wrapper around a deployment of Elasticsearch and Kibana using the ECK Operator.
- This chart is owned by Big Bang and does not point to an upstream chart provided by Elastic or another vendor.
- Open an issue if you would like to request a feature or submit an issue that needs to be fixed/addressed.
Pre-Requisites
The ECK Operator must be deployed beforehand in order to leverage the Elasticsearch and Kibana custom resources. You can use the full BigBang solution or the individual eck operator chart.
Iron Bank
You can pull the registry1 image(s) here and view the container approval here.
Deployment
git clone https://repo1.dso.mil/platform-one/big-bang/apps/core/elasticsearch-kibana.git
cd elasticsearch-kibana
helm install elasticsearch-kibana chart --debug -n logging --create-namespace -f chart/values.yamlEnterprise License
If you want to experiment with enterprise features for development, you can toggle on a trial license. This is done in the BigBang values as shown below:
logging:
license:
trial: trueFor production, if you want enterprise features you will need to add your license in the BigBang values as shown below:
logging:
license:
trial: false
keyJSON: |
{"license":
{"uid":....
}
}NOTE: You can also squash the license onto a single line as follows, but ensure no quotes are present and you turn it into a multiline value with a Helm pipe:
logging:
license:
trial: false
keyJSON: |
{"license":{"uid":....}}Elastic Password
The default "admin" elastic user has its password stored in a secret. To login initially and set up additional users or SSO (see the Keycloak doc) you need to get this password:
kubectl get secrets -n logging logging-ek-es-elastic-user -o go-template='{{.data.elastic | base64decode}}'Upgrading
Please always check CHANGELOG before upgrading to a new chart version.
Configuration
| Parameter | Description | Default |
|---|---|---|
elasticsearch.{master|data}.antiAffinity |
Configurable options are "soft" and "hard" antiAffinity | "" |
elasticsearch.{master|data}.count |
Kubernetes replica count for the Deployment (i.e. how many pods for elasticsearch nodes) | 3 |
elasticsearch.heap |
Configurable setting for java JVM heap min + max amount | 1g |
{kibana|elasticsearch}.imagePullSecrets |
Configuration for imagePullSecrets so that you can use a private registry for your image | [ ] |
{kibana|elasticsearch}.image.repository |
The image repository URL | see values |
{kibana|elasticsearch}.image.tag |
Configurable tag applied to the image. | 7.9.2 |
elasticsearch.{master|data}.initContainers |
Allows for creation of an initContainer for the Elasticsearch Master or Data nodes. Kibana initContainer support coming soon | [] |
istio |
Configurable istio VirtualService for Kibana external access | see values |
kibanaBasicAuth |
Configurable setting for Kibana to enable/disable basic authentication support for the UI | enabled: true |
elasticsearch.{master|data}.nodeAffinity |
Configurable [nodeAffinity][] applied to master or data nodes to run on specific nodes | {} |
elasticsearch.{master|data}.nodeSelector |
Configurable nodeSelector so that you can target specific nodes for your Kibana instances | {} |
elasticsearch.{master|data}.persistence |
Configurable persistence for persistent volume storage, can set storageClassName and size | see values |
{kibana|elasticsearch}.resources |
Allows you to set the resources for the indivudial Deployments, kibana, es master and es data | see values |
securityContext |
Allows you to set the securityContext for the container | see values |
sso |
Configurable SSO integration with OIDC | see values & documentation |
{kibana|elasticsearch}.version |
Configurable version setting for the eck-operator to handle the version of kibana or elasticsearch | 7.9.2 |