HCL Component Pack is fully set-up now, you’re interested what’s going on in that mysterious elasticsearch part? In CP 6.5 you’ve been able to access the ElasticSearch data directly through the kibana pod. With CP7 this seems to be gone.
If you really want/need to access the ElasticSearch environment, you may use the following path on your own risk
Step 1: get the necessary certificates
#!/bin/sh echo "check directory" cwd=`pwd` if [ ! -d "$cwd/certs" ]; then mkdir -p $cwd/certs fi version='elasticsearch-7-secret' #version='elasticsearch-secret' echo "extract certificates" if [ ! -f "$cwd/certs/elasticsearch-healthcheck.crt.pem" ]; then kubectl view-secret -n connections $version elasticsearch-healthcheck.crt.pem > $cwd/certs/elasticsearch-healthcheck.crt.pem fi if [ ! -f "$cwd/certs/elasticsearch-http.crt.pem" ]; then kubectl view-secret -n connections $version elasticsearch-http.crt.pem > $cwd/certs/elasticsearch-http.crt.pem fi if [ ! -f "$cwd/certs/elasticsearch-healthcheck.des3.key" ]; then kubectl view-secret -n connections $version elasticsearch-healthcheck.des3.key > $cwd/certs/elasticsearch-healthcheck.des3.key fi echo "done"
This script requires the kubectl krew plugins installed in your kubectl client.
Run this on your master or a client which has kubectl and the krew plugin installed to get the secrets.
Then you could use the following script as an example:
#!/bin/bash # An util script so that you can interact with es like what official site suggested: # for additional usage, if you need to do much more complicated operation, pls # refer to offcial site: # https://www.elastic.co/ set -o errexit set -o pipefail set -o nounset # the directory that all cert placed # change this to your cert directory. cert_dir=./certs HOST=`hostname` URL_base="https://localhost:30098" #CP6.5: #URL_base="https://localhost:30099" #CP6.5: KEY_PASS=`kubectl view-secret -n connections elasticsearch-secret elasticsearch-key-password.txt` KEY_PASS=`kubectl view-secret -n connections elasticsearch-7-secret elasticsearch-key-password.txt` echo "[$KEY_PASS]" if [ "${1:-}" = "" ] || [ "${2:-}" = "" ]; then echo "usage: sendRequest.sh param_method param_url [additional param]" echo "Request is send to es client(coordinating node) by default. add param" echo "to send request to es master node" echo "refer: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html" exit 107 fi # save the HTTPS METHOD. _method=$1 # and then shfit this argument. # since we need to pass the rest args to curl command unchanged. shift 1 # turn off expansion to avoid asterisk becoming current directory set -f # please ensure those # cert, password, key, cacert # are at the right location. response_text=$(curl \ --insecure \ --cert $cert_dir/elasticsearch-healthcheck.crt.pem:${KEY_PASS} \ --key $cert_dir/elasticsearch-healthcheck.des3.key \ --cacert $cert_dir/elasticsearch-http.crt.pem \ -X${_method} \ ${URL_base}"$@") # echo to return to caller. echo ${response_text} # turn expansion back to 'on' set +f
Now you can use it like this
./sendRequest.sh GET /_cat/indices > indices.txt
Disclaimer: use at your own risk