UPDATE 3/30/2022 - Another update was made to make fleet deployments easier. This is explained in this post.
The original post for the deploy-elastic.sh script is here. I made some updates, so I thought I would put them in a new post.
Changes:
- 8.x is now supported. You can use the script for any version in 6.x-8.x.
- full modes are removed. The script is additive, so if you deploy only the stack and want to add features on top, you can run it again with the feature you want to add. You can add multiple features to your stack.
- Starting with stack 7.16.0, apm server is removed and moved to fleet.
Matrix of all the features and versions that they work on
feature | 6.x | 7.x | 8.x | network exposure |
---|---|---|---|---|
elasticstack | * | * | * | 9200 with SSL and 9201 without SSL(<8.0.0), 5601 with SSL |
monitoring | 6.5.0+ | * | * | |
snapshot | * | * | * | |
fleet | x | 7.10.0+ | * | 8220 with SSL |
enterprise search | x | 7.7.0+ | * | 3002 without SSL |
apm server | * | -7.16.0 | x | 8200 without SSL |
If you are running the script on your local machine, you can open a browser to https://localhost:5601 to access Kibana or use https://localhost:9200 to access the APIs. If you are running this on a remote machine, please use https://remotemachinenameorip:5601 and https://remotemachinenameorip:9200.
The ca.crt that was used to sign all the certificates is located at ~/elasticstack/ca.crt, and each certificate has localhost, 127.0.0.1 and containername as SANs.
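To see which URLs will pass certificate verification with a SAN set like the one described above, here is an added example (not part of deploy-elastic.sh or the original post). It builds a throwaway CA and node certificate with the same SAN pattern and checks candidate names against it; the container name es01, the sample hostnames and all function names are assumptions.

```shell
# Added example, not part of deploy-elastic.sh. Certificates are constructed
# throwaway test material; "es01" is an assumed container name.

# make_demo_certs DIR: demo CA plus one node certificate carrying the SAN set
# the post describes (localhost, 127.0.0.1, container name).
make_demo_certs() (
  d=$1
  printf '%s\n' '[req]' 'distinguished_name=dn' 'x509_extensions=v3ca' \
    '[dn]' '[v3ca]' 'basicConstraints=critical,CA:TRUE' > "$d/demo.cnf" &&
  openssl req -x509 -config "$d/demo.cnf" -newkey rsa:2048 -nodes -days 1 \
    -subj '/CN=demo-ca' -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null &&
  openssl req -new -config "$d/demo.cnf" -newkey rsa:2048 -nodes \
    -subj '/CN=es01' -keyout "$d/es01.key" -out "$d/es01.csr" 2>/dev/null &&
  printf 'subjectAltName=DNS:localhost,IP:127.0.0.1,DNS:es01\n' > "$d/san.ext" &&
  openssl x509 -req -in "$d/es01.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -extfile "$d/san.ext" -out "$d/es01.crt" 2>/dev/null
)

# cert_covers CA CERT TARGET: succeed only if CERT chains to CA and TARGET
# (the host part of the URL a client will dial) matches one of CERT's SANs.
# openssl x509 -checkhost/-checkip report as text, so the output is matched.
cert_covers() (
  ca=$1 cert=$2 target=$3
  case $target in
    *:*)       flag=-checkip ;;    # IPv6 literal
    *[!0-9.]*) flag=-checkhost ;;  # contains a non-digit: DNS name
    *)         flag=-checkip ;;    # dotted-quad IPv4
  esac
  openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 &&
    openssl x509 -in "$cert" -noout "$flag" "$target" 2>&1 |
      grep -q 'does match certificate'
)

# report CA CERT TARGET...: one line per name a client might use
report() {
  ca_file=$1 cert_file=$2; shift 2
  for t in "$@"; do
    if cert_covers "$ca_file" "$cert_file" "$t"; then echo "ok    $t"
    else echo "FAIL  $t (not in SAN, or not signed by this CA)"; fi
  done
}

demo() (
  tmp=$(mktemp -d) || exit 1
  make_demo_certs "$tmp" && report "$tmp/ca.crt" "$tmp/es01.crt" \
    localhost 127.0.0.1 es01 elk.example.internal 192.0.2.10
  rm -rf "$tmp"
)
demo
```

A remote machine name or IP that is not in the SAN list fails this check, so a client connecting that way will reject the certificate unless verification is relaxed or the name is added to the certificate.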
Thank you, Justin! This is really great!
You might want to check if docker-compose and jq are installed and give a warning if not.
I have made a prep script for my use with this in it (meant for Ubuntu 20.04 LTS):
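```bash
#!/bin/bash
# Install the tools the deploy script depends on
apt install docker-compose jq
# Persist the mmap limit Elasticsearch needs, then apply it immediately
echo "vm.max_map_count=262144" > /etc/sysctl.d/50-elastic.conf
sysctl vm.max_map_count=262144
echo "Remember to mount some decent storage on /var/lib/docker/volumes"
```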
MARTIN – thanks for the suggestions. The script checks for docker and docker-compose. I’ve added the check for jq!!
Hi Justin, thanks for sharing your work! This is impressive. I am using the cloud product but needed a stack for my home lab and spent 2 days setting up a 3 node cluster using the Elastic documentation (yep, no external documents, it takes a few days only to read those and try to pull only what’s useful). Again, appreciate the fact you are sharing your time spent with everyone.
Have a great day!
Nikolay
Hi Justin,
The script is amazing! It’s very useful for learning Elastic. Could you please consider adding Endpoint Security to it?
Eric – It’s already there! All the requirements to run endpoint security are already built into the script. Once you run it in fleet mode and then register some elastic-agents on remote servers, you can add the Endpoint Security integrations and start using it.
Hi Justin,
Thanks for your prompt reply. Yes, as you said, I have added an endpoint agent to fleet but it keeps showing “unhealthy” under the “fleet –> agent” and no show at “Security –> Endpoints”. The fleet server is healthy (fleet server and system integration), and agents w/o endpoint security are healthy too (system integration or system + elastic agent integration, or system + docker + elastic agent integration, etc.). No matter whether I add the endpoint agent in docker-compose or on a physical machine, any agent w/ endpoint security becomes unhealthy. Any advice? T_T PS: it’s v8.1.1
Hi Justin,
Love this, thank you so much! As a suggestion, before I found your setup I was using this, which automatically sets up letsencrypt and nginx in docker containers so you have https enabled for a custom domain when finished.
https://github.com/datallboy/elastic-kibana-docker-nginx-letsencrypt
It needs to be updated for 8.1 but it would be an amazing addition to your already amazing script.
Thank you again!