Skip to content

Elastic Exporter MetricsπŸ“œ

Reference DocumentationπŸ“œ

OverviewπŸ“œ

The Elasticsearch Exporter needs authentication configured to be able to scrape information and serve up metrics:

  • By default (similar to fluent-bit) the built-in elastic superuser account is fed in to be able to authenticate.
  • There is also support for utilizing an API_KEY to communicate with the ES Cluster which is recommended for production installations.

Using an API KeyπŸ“œ

The Exporter only needs read only permission to the cluster and it’s indices. The following policy that must be applied via curl -XPOST creates a Key and Role for just those permissions:

_security/api_key

{   
    "name": "prom-exporter",  
    "role_descriptors": {    
        "prom-monitoring": {      
            "cluster": [
                "monitor", 
                "monitor_snapshot"
            ],      
            "index": [ 
              { 
                "names": ["*"], 
                "privileges": ["monitor"] 
              } 
            ] 
        } 
    } 
}

This can be applied within a BigBang cluster with the following 2 commands (run on two separate windows/panes/terminals/etc):

kubectl port-forward svc/logging-ek-es-http -n logging 9200:9200

&

curl -XPOST -H 'Content-Type: application/json' -ku "elastic:$(kubectl get secrets -n logging logging-ek-es-elastic-user -o go-template='{{.data.elastic | base64decode}}')" "https://localhost:9200/_security/api_key" -d '{   "name": "prom-exporter",  "role_descriptors": {    "prom-monitoring": {      "cluster": ["monitor", "monitor_snapshot"],      "index": [ { "names": ["*"], "privileges": ["monitor"] } ] } } }'

The above comand will return the reponse of:

{"id":"XXXXXXXXXXXXXXXXXXXX","name":"prom-exporter","api_key":"XXXXXXXXXXXXXXXXXXXXXX","encoded":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=="}

Make sure to save the "encoded" portion and adjust your logging value overrides to match the following:

logging:
  values:
    metrics:
      env:
        ES_API_KEY: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=="
        ES_USERNAME: ""
      extraEnvSecrets: null

This will disable the BigBang built in mapping of the elastic user and instead utilize only the configured ES_API_KEY