apiVersion: kibana.k8s.elastic.co/v1 kind: Kibana metadata: name: kibana spec: version: 7.14.0 count: 1 elasticsearchRef: name: elasticsearch config: xpack.fleet.agents.elasticsearch.host: "https://elasticsearch-es-http.default.svc:9200" xpack.fleet.agents.fleet_server.hosts: ["https://fleet-server-agent-http.default.svc:8220"] xpack.fleet.packages: - name: kubernetes version: latest xpack.fleet.agentPolicies: - name: Default Fleet Server on ECK policy is_default_fleet_server: true package_policies: - package: name: fleet_server name: fleet_server-1 - name: Default Elastic Agent on ECK policy is_default: true unenroll_timeout: 900 package_policies: - package: name: system name: system-1 - package: name: kubernetes name: kubernetes-1 --- apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: elasticsearch spec: version: 7.14.0 nodeSets: - name: default count: 3 config: node.store.allow_mmap: false --- apiVersion: agent.k8s.elastic.co/v1alpha1 kind: Agent metadata: name: fleet-server spec: version: 7.14.0 kibanaRef: name: kibana elasticsearchRefs: - name: elasticsearch mode: fleet fleetServerEnabled: true deployment: replicas: 1 podTemplate: spec: serviceAccountName: fleet-server automountServiceAccountToken: true securityContext: runAsUser: 0 --- apiVersion: agent.k8s.elastic.co/v1alpha1 kind: Agent metadata: name: elastic-agent spec: version: 7.14.0 kibanaRef: name: kibana fleetServerRef: name: fleet-server mode: fleet daemonSet: podTemplate: spec: serviceAccountName: elastic-agent hostNetwork: true dnsPolicy: ClusterFirstWithHostNet automountServiceAccountToken: true securityContext: runAsUser: 0 --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: fleet-server rules: - apiGroups: [""] resources: - pods verbs: - get - watch - list - apiGroups: ["coordination.k8s.io"] resources: - leases verbs: - get - create - update --- apiVersion: v1 kind: ServiceAccount metadata: name: fleet-server namespace: default --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: fleet-server subjects: - kind: ServiceAccount name: fleet-server namespace: default roleRef: kind: ClusterRole name: fleet-server apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: elastic-agent rules: - apiGroups: [""] resources: - pods - nodes - namespaces - events - services - configmaps verbs: - get - watch - list - apiGroups: ["coordination.k8s.io"] resources: - leases verbs: - get - create - update - nonResourceURLs: - "/metrics" verbs: - get - apiGroups: ["extensions"] resources: - replicasets verbs: - "get" - "list" - "watch" - apiGroups: - "apps" resources: - statefulsets - deployments - replicasets verbs: - "get" - "list" - "watch" - apiGroups: - "" resources: - nodes/stats verbs: - get - apiGroups: - "batch" resources: - jobs verbs: - "get" - "list" - "watch" --- apiVersion: v1 kind: ServiceAccount metadata: name: elastic-agent namespace: default --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: elastic-agent subjects: - kind: ServiceAccount name: elastic-agent namespace: default roleRef: kind: ClusterRole name: elastic-agent apiGroup: rbac.authorization.k8s.io ...