# Elasticsearch Add-On

This add-on consists of a combination of [Elasticsearch](https://www.elastic.co/products/elasticsearch), [Fluentd](http://www.fluentd.org/) and [Kibana](https://www.elastic.co/products/elasticsearch). Elasticsearch is a search engine that is responsible for storing our logs and allowing them to be queried. Fluentd sends log messages from Kubernetes to Elasticsearch, whereas Kibana is a graphical interface for viewing and querying the logs stored in Elasticsearch.

## Elasticsearch

Elasticsearch is deployed as a [StatefulSet](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/), which is like a Deployment, but allows for maintaining state on storage volumes.

### Authentication

Elasticsearch has basic authentication enabled by default. In our configuration the credentials are at their default values, i.e. username `elastic` and password `changeme`. In order to change them, please read up on [the official documentation](https://www.elastic.co/guide/en/x-pack/current/setting-up-authentication.html#reset-built-in-user-passwords).

### Initialization

The Elasticsearch StatefulSet manifest specifies an [init container](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) that executes before the Elasticsearch containers themselves, in order to ensure that the kernel state variable `vm.max_map_count` is at least 262144, since this is a requirement of Elasticsearch. You may remove the init container if you know that your host OS meets this requirement.

### Storage

The Elasticsearch StatefulSet will claim a storage volume `elasticsearch-logging`, of the standard [StorageClass](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#storageclasses), that by default will be 100 Gi per replica. Please adjust this to your needs (including possibly choosing a more suitable StorageClass).

## Fluentd

Fluentd is deployed as a [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/), which spawns a pod on each node that reads logs generated by the kubelet, the container runtime and containers, and sends them to Elasticsearch.

*Please note that for Fluentd to work, every Kubernetes node must be labeled* `beta.kubernetes.io/fluentd-ds-ready=true`, *as otherwise Fluentd will ignore them.*

Learn more at: https://kubernetes.io/docs/tasks/debug-application-cluster/logging-elasticsearch-kibana
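
The node label requirement above and the `vm.max_map_count` requirement from the Initialization section can both be checked before relying on the logs. The script below is an added example, not part of the add-on: it lists nodes that Fluentd would skip (and which therefore ship no logs) and checks the kernel limit on the host it runs on. The function names are hypothetical, and it assumes `kubectl` is configured for the target cluster.

```shell
# Added example, not part of the add-on: pre-flight checks for the two
# requirements stated in this README.
REQUIRED_LABEL='beta.kubernetes.io/fluentd-ds-ready=true'   # from the README
REQUIRED_MAP_COUNT=262144                                   # from the README

# Reads `kubectl get nodes --no-headers --show-labels` output on stdin and
# prints the name of every node lacking the exact label. The labels are the
# last, comma-separated column; a node with no labels shows "<none>".
unlabeled_nodes() {
    awk -v want="$REQUIRED_LABEL" '
        NF == 0 { next }
        {
            found = 0
            n = split($NF, labels, ",")
            for (i = 1; i <= n; i++) if (labels[i] == want) found = 1
            if (!found) print $1
        }'
}

# Succeeds only if the argument is a number >= 262144.
max_map_count_ok() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;   # empty or non-numeric: treat as failing
    esac
    [ "$1" -ge "$REQUIRED_MAP_COUNT" ]
}

# Runs both checks: the label check against the current kubectl context,
# the kernel check against the local host (run it on each node).
preflight() {
    rc=0
    nodes=$(kubectl get nodes --no-headers --show-labels) || return 2
    missing=$(printf '%s\n' "$nodes" | unlabeled_nodes)
    if [ -n "$missing" ]; then
        echo "nodes without $REQUIRED_LABEL (Fluentd will not collect logs):"
        echo "$missing"
        rc=1
    fi
    if ! max_map_count_ok "$(cat /proc/sys/vm/max_map_count 2>/dev/null)"; then
        echo "vm.max_map_count is below $REQUIRED_MAP_COUNT on this host"
        rc=1
    fi
    return $rc
}
```

Source the file and call `preflight`; a non-zero return means at least one node is missing the label or the local kernel limit is too low.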