Terraform module which create Elastic Agent, this module is perfect if you want to run a Fleet server or run an Elastic Agent on Fleet.
module "fleet_server" {
source = "../.."
name = "fleet-server"
namespace = "monitoring"
elastic_version = "8.2.3"
fleet_server_enable = true
fleet_server_elasticsearch_host = "https://elasticsearch:9200"
fleet_server_service_token = "my-service-token"
fleet_server_policy_id = "fleet-server-policy"
fleet_server_elasticsearch_ca = "elasticsearch-coordinating-crt"
}module "fleet_elastic_agent" {
source = "../.."
name = "fleet-server"
namespace = "monitoring"
elastic_version = "8.2.3"
fleet_enroll = true
fleet_url = "https://fleet.syneki.com"
fleet_enrollment_token = "myenrollmenttoken"
}| Name | Version |
|---|---|
| terraform | >= 0.13.1 |
| kubernetes | >= 2.10 |
| Name | Version |
|---|---|
| kubernetes | 2.12.1 |
| Name | Source | Version |
|---|---|---|
| rbac | syneki/rbac/kubernetes | n/a |
| Name | Type |
|---|---|
| kubernetes_daemonset.elastic_agent | resource |
| kubernetes_deployment.elastic_agent | resource |
| kubernetes_secret.elastic_agent | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| deployment | Creates a Deployment or a DaemonSet | bool |
false |
no |
| elastic_version | The elastic agent version | string |
n/a | yes |
| elasticsearch_ca | The path to a certificate authority. | string |
null |
no |
| elasticsearch_host | The Elasticsearch host to communicate with | string |
"http://elasticsearch:9200" |
no |
| elasticsearch_password | The basic authentication password used to connect to Kibana and retrieve a service_token for Fleet. | string |
"changeme" |
no |
| elasticsearch_username | basic authentication username used to connect to Kibana and retrieve a service_token for Fleet. | string |
"elastic" |
no |
| fleet_ca | The path to a certificate authority. Overrides ELASTICSEARCH_CA when set. | string |
null |
no |
| fleet_enroll | Set to 1 to enroll the Elastic Agent into Fleet Server. | bool |
false |
no |
| fleet_enrollment_token | The token to use for enrollment. | string |
"" |
no |
| fleet_insecure | When true, Elastic Agent communicates with Fleet Server over insecure or unverified HTTP. Setting this to true is not recommended. | bool |
false |
no |
| fleet_server_cert | The path to the certificate to use for HTTPS. | string |
null |
no |
| fleet_server_elasticsearch_ca | The path to a certificate authority. Overrides ELASTICSEARCH_CA when set. | string |
null |
no |
| fleet_server_elasticsearch_host | The Elasticsearch host for Fleet Server to communicate with. Overrides ELASTICSEARCH_HOST when set. | string |
null |
no |
| fleet_server_enable | Set to 1 to bootstrap Fleet Server on this Elastic Agent. When set to 1, this automatically forces Fleet enrollment as well. | bool |
false |
no |
| fleet_server_host | The binding host for Fleet Server HTTP. Overrides the host defined in the policy. | string |
null |
no |
| fleet_server_insecure_http | When true, exposes Fleet Server over HTTP (insecure). Setting this to true is not recommended. | bool |
false |
no |
| fleet_server_policy_id | The policy ID for Fleet Server to use on itself. | string |
null |
no |
| fleet_server_policy_name | The name of the policy for Fleet Server to use on itself. Overrides FLEET_TOKEN_POLICY_NAME when set. | string |
null |
no |
| fleet_server_port | The binding port for Fleet Server HTTP. Overrides the port defined in the policy. | string |
null |
no |
| fleet_server_service_token | Service token to use for communication with Elasticsearch. | string |
null |
no |
| fleet_token_name | The token name to use to fetch the token from Kibana. | string |
null |
no |
| fleet_token_policy_name | The token policy name to use to fetch the token from Kibana. | string |
null |
no |
| fleet_url | URL to enroll the Fleet Server into. | string |
"" |
no |
| kibana_ca | The path to a certificate authority. | string |
null |
no |
| kibana_fleet_ca | The path to a certificate authority. Overrides KIBANA_CA when set. | string |
null |
no |
| kibana_fleet_host | The Kibana host to enable Fleet on. Overrides FLEET_HOST when set. | string |
null |
no |
| kibana_fleet_password | The basic authentication password used to connect to Kibana and retrieve a service_token to enable Fleet. Overrides ELASTICSEARCH_PASSWORD when set. | string |
null |
no |
| kibana_fleet_setup | Enabling Fleet is required before Fleet Server will start. When this action is not performed, a user must manually log in to Kibana and visit the Fleet page to enable setup. | bool |
false |
no |
| kibana_fleet_username | The basic authentication username used to connect to Kibana and retrieve a service_token to enable Fleet. Overrides ELASTICSEARCH_USERNAME when set. | string |
null |
no |
| kibana_host | The Kibana host. | string |
"http://kibana:5601" |
no |
| kibana_password | The basic authentication password used to connect to Kibana to retrieve a service_token. | string |
"changeme" |
no |
| kibana_username | The basic authentication username used to connect to Kibana to retrieve a service_token. | string |
"elastic" |
no |
| labels | Labels append to resources created | map(string) |
{} |
no |
| name | Name used to create resources | string |
n/a | yes |
| namespace | Namespace where resources will be created | string |
"default" |
no |
No outputs.
We'd love for you to contribute to this container. You can request new features by creating an issue, or submit a pull request with your contribution.
If you encountered a problem running this container, you can file an issue. For us to provide better support, be sure to include the following information in your issue:
- Host OS and version
- Terraform version (
terraform version) - Providers and modules version (
terraform versionin the module directory)
Copyright © 2022 Syneki
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.