forked from Deuxfleurs/nixcfg
1.2 KiB
1.2 KiB
create elasticsearch passwords
in elasticsearch container
./bin/elasticsearch-setup-passwords auto
save passwords in consul, at:
secrets/telemetry/elastic_passwords/apm_system
for userapm_system
secrets/telemetry/elastic_passwords/kibana_system
for userkibana_system
secrets/telemetry/elastic_passwords/elastic
for userelastic
check kibana works, login to kibana with user elastic
create role and user for apm
create role apm_writer
, give privileges:
- cluster privileges
manage_ilm
,read_ilm
,manage_ingest_pipelines
- on index
apm-*
privilegescreate_doc
,create_index
,view_index_metadata
- on index
apm-*sourcemap
privilegeread_cross_cluster
create user apm
with roles apm_writer
and apm_system
. give it a randomly generated password that you save in secrets/telemetry/elastic_passwords/apm
check apm data is ingested correctly (visible in kibana)
create role and user for grafana
create role grafana
, give privileges:
- on index
apm-*
privilegesread
andview_index_metadata
create user grafana
with role grafana
. give it a randomly generated password that you save in secrets/telemetry/elastic_passwords/grafana
check grafana works