Hi there,
how is the approach to create a secured metricbeat docker container to send data to a secured elastick stack?
Background:
I have a secured stack, with self signed certificate authority in place.
Now I would like to have a metricbeat that also uses this CA and sends data securely to the stack.
Technicall it goes like this (metricbaet.docker.yml):
...
output.elasticsearch:
enabled: true
protocol: "https"
hosts: '${ELASTICSEARCH_HOSTS:elasticsearch:9200}'
AND:
This is how I would create an instance certificate if not in a docker environment:
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca-cert /usr/share/elasticsearch/ca/ca.crt --ca-key /usr/share/elasticsearch/ca/ca.key --ip 192.168.56.112 --pem
But how I do create in a docker instance a certificate since:
a) I do not know the IP, since the container is volatile - perhpas an IP range? Possible?
Since docker IPs are not fixed, can I (running on Ubuntu 20.04) build some 'general', not ip fixed docker certificates?
b) In a metricbet container I do not have a elasticsearch-certutil?
Does someone has a working / step-by-step solution for this case?
This is not documented in the elastic docs so far.
kind regards and big thanks
Stefano
AND for the docker container:
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca-cert /usr/share/elasticsearch/ca/ca.crt --ca-key /usr/share/elasticsearch/ca/ca.key --pem
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.