diff --git a/.env b/.env index 4f80c86..694b0c1 100644 --- a/.env +++ b/.env @@ -17,6 +17,9 @@ KIBANA_PORT=5601 LOGSTASH_HOST=logstash LOGSTASH_PORT=8080 +APMSERVER_HOST=apm-server +APMSERVER_PORT=8200 + #----------- Credientals ------------------------# # Username & Password for Admin Elasticsearch cluster. # This is used to set the password at setup, and used by others to connect to Elasticsearch at runtime. @@ -25,6 +28,7 @@ ELASTIC_USERNAME=elastic ELASTIC_PASSWORD=changeme AWS_ACCESS_KEY_ID=nottherealid AWS_SECRET_ACCESS_KEY=notherealsecret +ELASTIC_APM_SECRET_TOKEN=secrettokengoeshere #----------- Cluster ----------------------------# ELASTIC_CLUSTER_NAME=elastdocker-cluster diff --git a/Makefile b/Makefile index 9e5388b..cba1ac3 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ COMPOSE_MONITORING := -f docker-compose.yml -f docker-compose.monitor.yml COMPOSE_LOGGING := -f docker-compose.yml -f docker-compose.logs.yml COMPOSE_TOOLS := -f docker-compose.yml -f docker-compose.tools.yml COMPOSE_NODES := -f docker-compose.yml -f docker-compose.nodes.yml -ELK_SERVICES := elasticsearch logstash kibana +ELK_SERVICES := elasticsearch logstash kibana apm-server ELK_LOG_COLLECTION := filebeat ELK_MONITORING := elasticsearch-exporter logstash-exporter filebeat-cluster-logs ELK_TOOLS := rubban diff --git a/README.md b/README.md index 6204416..8f5099a 100644 --- a/README.md +++ b/README.md 
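Review bot: The added `ELASTIC_APM_SECRET_TOKEN=secrettokengoeshere` in the credentials section of `.env` is a committed, publicly known value for the token APM agents authenticate with, and this same commit publishes port 8200 in docker-compose.yml. A stack started without editing `.env` therefore accepts agent traffic from anyone who can reach that port and has read the repository. The line needs a comment above it such as `# Shared secret APM agents must present; replace with a long random value before starting the stack.` If the setup step can see this variable (not visible in this diff), rejecting the placeholder there would turn the reminder into a check.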
@@ -219,6 +219,32 @@ make keystore ![Maps](https://user-images.githubusercontent.com/16992394/156664562-d38e11ee-b033-4b91-80bd-3a866ad65f56.png) ![ML](https://user-images.githubusercontent.com/16992394/156664695-5c1ed4a7-82f3-47a6-ab5c-b0ce41cc0fbe.png) +# Working with Elastic APM + +After completing the setup step, you will notice a container named apm-server which gives you deeper visibility into your applications and can help you to identify and resolve root cause issues with correlated traces, logs, and metrics. + +## Authenticating with Elastic APM + +In order to authenticate with Elastic APM, you will need the following: + +- The value of `ELASTIC_APM_SECRET_TOKEN` defined in `.env` file as we have [secret token](https://www.elastic.co/guide/en/apm/guide/master/secret-token.html) enabled by default +- The ability to reach port `8200` +- Install elastic apm client in your application e.g. for NodeJS based applications you need to install [elastic-apm-node](https://www.elastic.co/guide/en/apm/agent/nodejs/master/typescript.html) +- Import the package in your application and call the start function, In case of NodeJS based application you can do the following: + +``` +const apm = require('elastic-apm-node').start({ + serviceName: 'foobar', + secretToken: process.env.ELASTIC_APM_SECRET_TOKEN, + + // https is enabled by default as per elastdocker configuration + serverUrl: 'https://localhost:8200', +}) +``` +> Make sure that the agent is started before you require any other modules in your Node.js application - i.e. before express, http, etc. as mentioned in [Elastic APM Agent - NodeJS initialization](https://www.elastic.co/guide/en/apm/agent/nodejs/master/express.html#express-initialization) + +For more details or other languages you can check the following: +- [APM Agents in different languages](https://www.elastic.co/guide/en/apm/agent/index.html) # Monitoring The Cluster 
@@ -241,7 +267,6 @@ If you started Prometheus Exporters using `make monitoring` command. Prometheus ![Metrics](https://user-images.githubusercontent.com/16992394/78685076-89a58900-78f1-11ea-959b-ce374fe51500.jpg) - # License [MIT License](https://raw.githubusercontent.com/sherifabdlnaby/elastdocker/master/LICENSE) Copyright (c) 2020 Sherif Abdel-Naby diff --git a/apm-server/Dockerfile b/apm-server/Dockerfile new file mode 100644 index 0000000..92efc37 --- /dev/null +++ b/apm-server/Dockerfile @@ -0,0 +1,5 @@ +ARG ELK_VERSION + +# https://github.com/elastic/apm-server +FROM docker.elastic.co/apm/apm-server:${ELK_VERSION} +ARG ELK_VERSION diff --git a/apm-server/config/apm-server.yml b/apm-server/config/apm-server.yml new file mode 100644 index 0000000..68a6559 --- /dev/null +++ b/apm-server/config/apm-server.yml 
@@ -0,0 +1,101 @@
+######################### APM Server Configuration #########################
+
+################################ APM Server ################################
+
+apm-server:
+ # Defines the host and port the server is listening on. Use "unix:/path/to.sock" to listen on a unix domain socket.
+ host: "0.0.0.0:8200"
+
+
+ #---------------------------- APM Server - Secure Communication with Agents ----------------------------
+
+ # Enable authentication using Secret token
+ auth:
+ secret_token: '${ELASTIC_APM_SECRET_TOKEN}'
+
+ # Enable secure communication between APM agents and the server. By default ssl is disabled.
+ ssl:
+ enabled: true
+
+ # Path to file containing the certificate for server authentication.
+ # Needs to be configured when ssl is enabled.
+ certificate: "/certs/apm-server.crt"
+
+ # Path to file containing server certificate key.
+ # Needs to be configured when ssl is enabled.
+ key: "/certs/apm-server.key"
+
+#================================ Outputs =================================
+
+# Configure the output to use when sending the data collected by apm-server.
+
+#-------------------------- Elasticsearch output --------------------------
+output.elasticsearch:
+ # Array of hosts to connect to.
+ # Scheme and port can be left out and will be set to the default (`http` and `9200`).
+ # In case you specify and additional path, the scheme is required: `http://elasticsearch:9200/path`.
+ # IPv6 addresses should always be defined as: `https://[2001:db8::1]:9200`.
+ hosts: '${ELASTICSEARCH_HOST_PORT}'
+
+ # Boolean flag to enable or disable the output module.
+ enabled: true
+
+ # Protocol - either `http` (default) or `https`.
+ protocol: "https"
+
+ # Authentication credentials
+ username: '${ELASTIC_USERNAME}'
+ password: '${ELASTIC_PASSWORD}'
+
+ # Enable custom SSL settings. Set to false to ignore custom SSL settings for secure communication.
+ ssl.enabled: true
+
+ # List of root certificates for HTTPS server verifications.
+ ssl.certificate_authorities: ["/certs/ca.crt"]
+
+ # Certificate for SSL client authentication.
+ ssl.certificate: "/certs/apm-server.crt"
+
+ # Client Certificate Key
+ ssl.key: "/certs/apm-server.key"
+
+#============================= X-pack Monitoring =============================
+
+# APM server can export internal metrics to a central Elasticsearch monitoring
+# cluster. This requires x-pack monitoring to be enabled in Elasticsearch. The
+# reporting is disabled by default.
+
+# Set to true to enable the monitoring reporter.
+monitoring.enabled: true
+
+# Most settings from the Elasticsearch output are accepted here as well.
+# Note that these settings should be configured to point to your Elasticsearch *monitoring* cluster.
+# Any setting that is not set is automatically inherited from the Elasticsearch
+# output configuration. This means that if you have the Elasticsearch output configured,
+# you can simply uncomment the following line.
+monitoring.elasticsearch:
+
+ # Protocol - either `http` (default) or `https`.
+ protocol: "https"
+
+ # Authentication credentials
+ username: '${ELASTIC_USERNAME}'
+ password: '${ELASTIC_PASSWORD}'
+
+ # Array of hosts to connect to.
+ # Scheme and port can be left out and will be set to the default (`http` and `9200`).
+ # In case you specify and additional path, the scheme is required: `http://elasticsearch:9200/path`.
+ # IPv6 addresses should always be defined as: `https://[2001:db8::1]:9200`.
+ hosts: '${ELASTICSEARCH_HOST_PORT}'
+
+ # Enable custom SSL settings. Set to false to ignore custom SSL settings for secure communication.
+ ssl.enabled: true
+
+ # List of root certificates for HTTPS server verifications.
+ ssl.certificate_authorities: ["/certs/ca.crt"]
+
+ # Certificate for SSL client authentication.
+ ssl.certificate: "/certs/apm-server.crt"
+
+ # Client Certificate Key
+ ssl.key: "/certs/apm-server.key"
diff --git a/docker-compose.yml b/docker-compose.yml
index 3ad2834..4844380 100644
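Review bot: Both `output.elasticsearch` and `monitoring.elasticsearch` in apm-server.yml authenticate with `${ELASTIC_USERNAME}`/`${ELASTIC_PASSWORD}`, which `.env` describes as the admin account for the cluster, so the one service that accepts data from application agents on a published port also holds the cluster's most privileged credentials. The `environment:` block of the `apm-server` service in docker-compose.yml passes the same pair. A dedicated user or API key limited to what APM Server needs for writing and monitoring would keep a compromise of this container from becoming a compromise of the cluster, e.g. `username: '${APM_SERVER_ES_USERNAME}'` (placeholder name) with the account created during setup. Separately, the comment `you can simply uncomment the following line` above `monitoring.elasticsearch:` no longer matches the file, because the block is already active.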
--- a/docker-compose.yml +++ b/docker-compose.yml @@ -25,6 +25,10 @@ secrets: file: ./secrets/certs/kibana/kibana.crt kibana.key: file: ./secrets/certs/kibana/kibana.key + apm-server.certificate: + file: ./secrets/certs/apm-server/apm-server.crt + apm-server.key: + file: ./secrets/certs/apm-server/apm-server.key services: elasticsearch: @@ -120,3 +124,27 @@ services: target: /certs/kibana.key ports: - "5601:5601" + + apm-server: + image: elastdocker/apm-server:${ELK_VERSION} + build: + context: apm-server/ + args: + ELK_VERSION: $ELK_VERSION + restart: unless-stopped + ports: + - "8200:8200" + volumes: + - ./apm-server/config/apm-server.yml:/usr/share/apm-server/apm-server.yml:ro + environment: + ELASTIC_USERNAME: ${ELASTIC_USERNAME} + ELASTIC_PASSWORD: ${ELASTIC_PASSWORD} + ELASTICSEARCH_HOST_PORT: https://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT} + ELASTIC_APM_SECRET_TOKEN: ${ELASTIC_APM_SECRET_TOKEN} + secrets: + - source: elastic.ca + target: /certs/ca.crt + - source: apm-server.certificate + target: /certs/apm-server.crt + - source: apm-server.key + target: /certs/apm-server.key diff --git a/kibana/config/kibana.yml b/kibana/config/kibana.yml index 79e6372..b2adbf9 100644 --- a/kibana/config/kibana.yml +++ b/kibana/config/kibana.yml @@ -21,6 +21,22 @@ xpack.reporting.encryptionKey: RSCueeHKzrqzOVTJhkjt17EMnzM96LlN elasticsearch.serviceAccountToken: "${KIBANA_SERVICE_ACCOUNT_TOKEN}" elasticsearch.ssl.certificateAuthorities: [ "/certs/ca.crt" ] +## Add policy for apm-server integration +xpack.fleet.packages: + - name: apm + version: latest +xpack.fleet.agentPolicies: + - name: Agent policy 1 + id: agent-policy-1 + namespace: default + monitoring_enabled: + - logs + - metrics + package_policies: + - name: apm-1 + id: default-apm + package: + name: apm ## Misc elasticsearch.requestTimeout: 90000 
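Review bot: The new `apm-server.certificate` and `apm-server.key` secrets in docker-compose.yml point at `./secrets/certs/apm-server/`, which only exists once certificates have been generated with the `apm-server` entry this commit adds to setup/instances.yml. A checkout that generated its certificates earlier will presumably fail to start the service because the secret files are missing, and the README section added here does not mention regenerating them. A comment above the two secrets such as `# Generated from setup/instances.yml; re-run certificate setup after upgrading` would cover that upgrade path. In the `apm-server` service hunk, `"8200:8200"` binds on every host interface; where agents only run on the same host, `"127.0.0.1:8200:8200"` narrows the exposure.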
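Review bot: `version: latest` under `xpack.fleet.packages` in kibana.yml leaves the APM integration version to whatever is current when Kibana starts, so two deployments built from the same `ELK_VERSION` can end up running different package releases. Startup may also depend on reaching the package registry, which matters for restricted or air-gapped networks. Pinning the entry, e.g. `version: <apm-package-version-for-this-stack>` (placeholder), keeps the integration reproducible and makes upgrades an explicit, reviewable change. The `## Add policy for apm-server integration` comment could also say that the policy is required for apm-server to run with the integration, if that is the intent.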
@@ -29,4 +45,4 @@ elasticsearch.requestTimeout: 90000 ## ElastAlert Plugin #elastalert-kibana-plugin.serverHost: elastalert -#elastalert-kibana-plugin.serverPort: 3030 \ No newline at end of file +#elastalert-kibana-plugin.serverPort: 3030 diff --git a/setup/instances.yml b/setup/instances.yml index 2025ecb..853ea40 100644 --- a/setup/instances.yml +++ b/setup/instances.yml @@ -11,4 +11,11 @@ instances: - kibana - localhost ip: - - 127.0.0.1 \ No newline at end of file + - 127.0.0.1 + + - name: apm-server + dns: + - apm-server + - localhost + ip: + - 127.0.0.1
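Review bot: The new `apm-server` instance in setup/instances.yml lists only `apm-server`, `localhost` and `127.0.0.1`, so the generated certificate will verify only for agents on the Docker network or on the host itself. The same commit publishes port 8200 and the README tells users they need to reach it, so agents on other machines will fail hostname verification. The common workaround for that is to disable verification in the agent, which removes the protection TLS is there to give. A comment above the entry such as `# Add the DNS name or IP remote APM agents use to reach this host, then regenerate the certificates` would steer users to the correct fix. The README example would also benefit from a note on trusting `ca.crt` in the agent.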