dev-resources.site
for different kinds of informations.
Elastic Cloud on Kubernetes (ECK) with custom domain name
Published at
12/3/2024
Categories
kubernetes
elasticsearch
eck
ingress
Author
guangyuan_zhang_c508769d0
Author
25 person written this
guangyuan_zhang_c508769d0
open
Prerequisites
- Domain Name: You need a domain name (e.g., example.com) and access to its DNS settings.
- TLS Certificate: A valid TLS certificate for the custom domain. You can use Let's Encrypt or any other certificate authority (CA).
- Running ECK Cluster: An Elasticsearch cluster deployed and managed by ECK.
Provision TLS Certificates
Use Cert-Manager for automatic TLS certificate provisioning.
- Installation
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.2/cert-manager.yaml
or
helm repo add jetstack https://charts.jetstack.io --force-update
helm install \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.16.2 \
--set crds.enabled=true
- Configuring issuers
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: [email protected] #Update email with your contact email address.
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: nginx
- Update DNS Records
- Obtain the ingress controller's external IP:
kubectl get svc -n ingress-nginx
- Add a DNS record in your domain's control panel:
Type: A/CNAME
Name: es.example.com
Value: <Ingress Controller External IP>
With Elastic Cloud on Kubernetes (ECK) you can extend the basic Kubernetes orchestration capabilities to easily deploy, secure, upgrade your Elasticsearch cluster, and much more.
- Install custom resource definitions:
kubectl create -f https://download.elastic.co/downloads/eck/2.15.0/crds.yaml`
- Install the operator with its RBAC rules:
kubectl apply -f https://download.elastic.co/downloads/eck/2.15.0/operator.yaml
- Configure Ingress
kubectl apply -f - <<EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: eck
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
ingressClassName: nginx
tls:
- secretName: eck-tls
hosts:
- es.example.com
- kb.example.com
rules:
- host: es.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: quickstart-es-http
port:
number: 9200
- host: kb.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: quickstart-kb-http
port:
number: 5601
EOF
Here we customize the configuration spec.http:
selfSignedCertificate:
disabled: true
certificate:
secretName: eck-tls
Disable the self signed certificate, and use the certificate requested from letencrypt by ingress which shows belowโฌ๏ธ.
- Deploy an Elasticsearch cluster and a Kibana instance
kubectl apply -f - <<EOF
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: quickstart
spec:
version: 8.16.1
http:
tls:
selfSignedCertificate:
disabled: true
certificate:
secretName: eck-tls
nodeSets:
- name: default
count: 3
config:
node.store.allow_mmap: false
---
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
name: quickstart
spec:
version: 8.16.1
count: 1
elasticsearchRef:
name: quickstart
http:
tls:
selfSignedCertificate:
disabled: true
certificate:
secretName: eck-tls
EOF
-
cert-manager.io/cluster-issuer: "letsencrypt-prod"annotation tells the ingress to use theletsencrypt-prodcluster issuer for certificate requests. Cluster issuer has declared above. -
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"annotation is very important, for elasticsearch and kibanan are using https.
Then you can visit elasticsearch/kibana via your own domain
elasticsearch Article's
30 articles in total
Intelligent PDF Data Extraction and database creation
read article
Debugging Elasticsearch Cluster Issues: Insights from the Field
read article
Search Engine Optimisation
read article
Advantages of search databases
read article
Advanced Search in .NET with Elasticsearch(Full Video)
read article
Real-Time Data Indexing: Powering Instant Insights and Scalable Querying
read article
Coding challenge: Design and Implement an Advanced Text Search System
read article
tuistash: A Terminal User Interface for Logstash
read article
Navigating Search Solutions: A Comprehensive Comparison Guide to Meilisearch, Algolia, and ElasticSearch
read article
Elastic Cloud on Kubernetes (ECK) with custom domain name
currently reading
Step-by-Step Guide to Configuring Cribl and Grafana for Data Processing
read article
Exploring Logging Best Practices
read article
Building a Smart Log Pipeline: Syslog Parsing, Data Enrichment, and Analytics with Logstash, Elasticsearch, and Ruby
read article
How to connect to AWS OpenSearch or Elasticsearch clusters using python
read article
Elasticsearch Was Great, But Vector Databases Are the Future
read article
Building Real-Time Data Pipelines with Debezium and Kafka: A Practical Guide
read article
AI + Search + Real Time Data = ๐ฅ (๐ฎ๐๐ถ๐๐ธ๐ฝ ๐๐พ๐๐ ๐ท๐ ๐๐ฝ๐ ๐ป๐๐๐๐๐ ๐๐ป ๐๐ผ)
read article
Size Doesn't Matter: Why Your Elasticsearch Fields Need to Stop Caring About Length
read article
ELK Stack Mastery: Building a Scalable Log Management System
read article
Elastop: An HTOP Inspired Elasticsearch Monitoring Tool
read article
Hybrid Search with Elasticsearch in .NET
read article
Proximity Search: A Complete Guide for Developers
read article
How I can run elasticsearch locally for development using docker?
read article
Improving search experience using Elasticsearch
read article
How to integrate Elasticsearch in Express
read article
Advanced Techniques for Search Indexing with Go: Implementing Full-Text Search for Product Catalogs
read article
Semantic Search with Elasticsearch in .NET
read article
15 WordPress Search Plugins to Supercharge Your Websiteโs Search Functionality
read article
Building a Web Search Engine in Go with Elasticsearch
read article
github action services: mysql, redis and elasticsearch
read article
Featured ones: