K
Q

How to add self signed certificate in kubernetes elastic search deployment using Filebeat

2/13/2018

I am using https://www.elastic.co/blog/shipping-kubernetes-logs-to-elasticsearch-with-filebeat to ship kube logs to elastic search. I have self-signed elastic search host. How can I give certificate information to filebeat in kubernetes?

-- Rohit Vyavahare
elasticsearch
filebeat
kubernetes

Similar Questions

Best Practice on adding unmanaged resources in Azure AKS.
Access kafka broker outside k8 minikube cluster
MongoDB on Kubernetes Service Accounts
How kubernetes can delete automatically the completed jobs?

1 Answer

2/14/2018

So, I solved this problem by adding self-signed certificate in filebeat daemonset. Anyone who wants to add can do it by following steps. Mount path depends on OS in which your container is running, I am assuming ubuntu:

  1. Create secret with following code :

     apiVersion: v1
 kind: Secret
 metadata:
   name: self-signed-certificate-secret
 data:
   ca-certificates.crt: <base 64 encoded string of certificate>

  2. Then edit filebeat-kubernets.yaml file. In daemonset section add the following line:

    volumeMounts:
- name: cert
  mountPath: /etc/ssl/certs

  3. In volumes section add information related to volume mount cert:

    volumes:
- name: cert
  secret:
  secretName: self-signed-certificate-secret
  defaultMode: 0400
-- Rohit Vyavahare
Source: StackOverflow