A newer version is available. For the latest information, see the
current release documentation.
Quickstart
editQuickstart
edit-
To deploy Fleet Server, Elastic Agents, Elasticsearch, and Kibana, apply the following specification:
cat <<EOF | kubectl apply -f - apiVersion: agent.k8s.elastic.co/v1alpha1 kind: Agent metadata: name: fleet-server-quickstart namespace: default spec: version: 8.15.3 kibanaRef: name: kibana-quickstart elasticsearchRefs: - name: elasticsearch-quickstart mode: fleet fleetServerEnabled: true deployment: replicas: 1 podTemplate: spec: serviceAccountName: elastic-agent automountServiceAccountToken: true securityContext: runAsUser: 0 --- apiVersion: agent.k8s.elastic.co/v1alpha1 kind: Agent metadata: name: elastic-agent-quickstart namespace: default spec: version: 8.15.3 kibanaRef: name: kibana-quickstart fleetServerRef: name: fleet-server-quickstart mode: fleet daemonSet: podTemplate: spec: serviceAccountName: elastic-agent automountServiceAccountToken: true securityContext: runAsUser: 0 --- apiVersion: kibana.k8s.elastic.co/v1 kind: Kibana metadata: name: kibana-quickstart namespace: default spec: version: 8.15.3 count: 1 elasticsearchRef: name: elasticsearch-quickstart config: xpack.fleet.agents.elasticsearch.hosts: ["https://elasticsearch-quickstart-es-http.default.svc:9200"] xpack.fleet.agents.fleet_server.hosts: ["https://fleet-server-quickstart-agent-http.default.svc:8220"] xpack.fleet.packages: - name: system version: latest - name: elastic_agent version: latest - name: fleet_server version: latest xpack.fleet.agentPolicies: - name: Fleet Server on ECK policy id: eck-fleet-server is_default_fleet_server: true namespace: default monitoring_enabled: - logs - metrics unenroll_timeout: 900 package_policies: - name: fleet_server-1 id: fleet_server-1 package: name: fleet_server - name: Elastic Agent on ECK policy id: eck-agent namespace: default monitoring_enabled: - logs - metrics unenroll_timeout: 900 is_default: true package_policies: - name: system-1 id: system-1 package: name: system --- apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: elasticsearch-quickstart namespace: default spec: version: 8.15.3 nodeSets: - name: default count: 3 config: node.store.allow_mmap: false --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: elastic-agent rules: - apiGroups: [""] # "" indicates the core API group resources: - pods - nodes - namespaces verbs: - get - watch - list - apiGroups: ["coordination.k8s.io"] resources: - leases verbs: - get - create - update --- apiVersion: v1 kind: ServiceAccount metadata: name: elastic-agent namespace: default --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: elastic-agent subjects: - kind: ServiceAccount name: elastic-agent namespace: default roleRef: kind: ClusterRole name: elastic-agent apiGroup: rbac.authorization.k8s.io EOF
Check Configuration Examples for more ready-to-use manifests.
ECK automatically configures secure connections between all components. Fleet will be set up, and all agents are enrolled in the default policy.
-
Monitor the status of Fleet Server and Elastic Agent.
kubectl get agent
NAME HEALTH AVAILABLE EXPECTED VERSION AGE elastic-agent green 3 3 8.15.3 14s fleet-server green 1 1 8.15.3 19s
-
List all the Pods belonging to a given Elastic Agent specification.
kubectl get pods --selector='agent.k8s.elastic.co/name=elastic-agent'
NAME READY STATUS RESTARTS AGE elastic-agent-agent-t49fd 1/1 Running 0 54s elastic-agent-agent-xbcxr 1/1 Running 0 54s elastic-agent-agent-zqp55 1/1 Running 0 54s
-
Access logs for one of the Pods.
kubectl logs -f elastic-agent-agent-xbcxr
- Configure the policy used by Elastic Agents. Check Elastic Agent policies for more details.