elasticsearch.env

####################################################################### Elasticsearch Env vars #######################################################################

# possible values: 
#   - elasticsearch (Elasticsearch original)
#   - opensearch (Open source version of Elasticsearch from Amazon), default setting

ELASTICSEARCH_VERSION=opensearch

# possible values :
#   - elasticsearch                         : docker.elastic.co/elasticsearch/elasticsearch:8.19.11
#   - elasticsearch (custom cogstack image) : cogstacksystems/cogstack-elasticsearch:latest 
#   - opensearch                            : opensearchproject/opensearch:3.5.0
# the custom cogstack image is always based on the last image of ES native 

ELASTICSEARCH_DOCKER_IMAGE=opensearchproject/opensearch:3.5.0

ELASTICSEARCH_LOG_LEVEL=INFO

ELASTICSEARCH_SEED_HOSTS=localhost,elasticsearch-2,elasticsearch-1
ELASTICSEARCH_INITIAL_CLUSTER_MANAGER_NODES=es01


ELASTICSEARCH_NETWORK_HOST="0.0.0.0"
ELASTICSEARCH_NETWORK_PUBLISH_HOST="0.0.0.0"

ELASTICSEARCH_NODE_1_OUTPUT_PORT=9200
ELASTICSEARCH_NODE_2_OUTPUT_PORT=9201
ELASTICSEARCH_NODE_3_OUTPUT_PORT=9202

# cluster communication port
ELASTICSEARCH_NODE_1_COMM_OUTPUT_PORT=9300
ELASTICSEARCH_NODE_2_COMM_OUTPUT_PORT=9301
ELASTICSEARCH_NODE_3_COMM_OUTPUT_PORT=9302

# cluster analyzer port
ELASTICSEARCH_NODE_1_ANALYZER_OUTPUT_PORT=9600
ELASTICSEARCH_NODE_2_ANALYZER_OUTPUT_PORT=9601
ELASTICSEARCH_NODE_3_ANALYZER_OUTPUT_PORT=9602

# do not change these values unless you want to create new volumes manually in services.yml
# or you have a special case where you need to switch volumes
ELASTICSEARCH_NODE_1_DATA_VOL_NAME=elasticsearch-vol-1
ELASTICSEARCH_NODE_2_DATA_VOL_NAME=elasticsearch-vol-2
ELASTICSEARCH_NODE_3_DATA_VOL_NAME=elasticsearch-vol-3

# log volumes shared between filebeat and elasticsearch
ELASTICSEARCH_NODE_1_LOG_VOL_NAME=elasticsearch-vol-log-1
ELASTICSEARCH_NODE_2_LOG_VOL_NAME=elasticsearch-vol-log-2
ELASTICSEARCH_NODE_3_LOG_VOL_NAME=elasticsearch-vol-log-3

# Performance Analyzer volumes (OpenSearch)
ELASTICSEARCH_NODE_1_PA_VOL_NAME=elasticsearch-vol-performance-analyzer-1
ELASTICSEARCH_NODE_2_PA_VOL_NAME=elasticsearch-vol-performance-analyzer-2
ELASTICSEARCH_NODE_3_PA_VOL_NAME=elasticsearch-vol-performance-analyzer-3

# this is for native ES 
# possible values:
#   - trial  # 30 day trial
#   - basic

ELASTICSEARCH_LICENSE_TYPE="trial"

ELASTICSEARCH_SSL_ENABLED=true

ELASTICSEARCH_CLUSTER_NAME="elasticsearch-cogstack-cluster"

# the node names can be the same as the $ES_INSTANCE_NAME_1 variables set in security/certificates_elasticsearch.env
ELASTICSEARCH_NODE_1_NAME=es01
ELASTICSEARCH_NODE_2_NAME=es02
ELASTICSEARCH_NODE_3_NAME=es03

# corresponds to "node.attr.rack="
ELASTICSEARCH_NODE_ATTR="elastic"

ELASTICSEARCH_CORS_ENABLED="true"

ELASTICSEARCH_HTTP_PORT=9200

# this setting represents the number of CPUS allocated to each cluster.
ELASTICSEARCH_NODE_PROCESSORS="2"

ELASTICSEARCH_BACKUPS_PATH_REPO=["/mnt/es_data_backups","/mnt/es_config_backups"]

# used for full snapshot backup
# this is the path on the physical drive, not inside the container
ELASTICSEARCH_BACKUP_PARTITION_FULL=../data/es_snapshot_backups/full_backup

# this is the path on the physical drive, not inside the container
# used for snapshot backups of configs
ELASTICSEARCH_BACKUP_PARTITION_CONFIG=../data/es_snapshot_backups/config_backup

# Security certificates
ELASTICSEARCH_SECURITY_DIR=../security/certificates/elastic/

# MEMORY CONFIG
ELASTICSEARCH_JAVA_OPTS="-Xms512m -Xmx512m -Des.failure_store_feature_flag_enabled=true"
ES_JAVA_OPTS=$ELASTICSEARCH_JAVA_OPTS
OPENSEARCH_JAVA_OPTS=$ELASTICSEARCH_JAVA_OPTS

ELASTICSEARCH_DOCKER_CPU_MIN=1
ELASTICSEARCH_DOCKER_CPU_MAX=1
ELASTICSEARCH_DOCKER_RAM=1g

ELASTICSEARCH_DOCKER_SHM_SIZE=512m

ELASTICSEARCH_DOCKER_LOG_SIZE_PER_FILE="1000m"
ELASTICSEARCH_DOCKER_LOG_NUM_FILES=10

# disables swapping, imporving r/w performance (at the expense of RAM)
ELASTICSEARCH_BOOTSTRAP_MEMORY_LOCK=true

#  system_call_filter | https://en.wikipedia.org/wiki/Seccomp
ELASTICSEARCH_SYSTEM_CALL_FILTER=false

####### OpenID Connect (OpenSearch Security) #######
# Values used by: security/es_roles/opensearch/config.yml (openid_auth_domain)
ELASTICSEARCH_OPENID_CONNECT_URL="https://keycloak.example.com:8080/auth/realms/master/.well-known/openid-configuration"
ELASTICSEARCH_OPENID_REQUIRED_AUDIENCE="your-openid-client-id"
ELASTICSEARCH_OPENID_SUBJECT_KEY="preferred_username"
ELASTICSEARCH_OPENID_ROLES_KEY="roles"

####### This section is for AD user authentication #######

# example: network.xyz.uk
ELASTICSEARCH_AD_DOMAIN_NAME="network.xyz.uk"

# example: "ldap://server1.xyz.uk:389,ldap://server2.xyz.uk:389"
ELASTICSEARCH_AD_URL="ldap://server1.xyz.uk:389,ldap://server2.xyz.uk:389"

ELASTICSEARCH_AD_UNMAPPED_GROUPS_AS_ROLES=true
ELASTICSEARCH_AD_FOLLOW_REFERRALS=false

ELASTICSEARCH_AD_TIMEOUT=60s


####### SMTP EMAIL section 

# example Watcher_Email
ELASTICSEARCH_EMAIL_ACCOUNT_PROFILE="Watcher_Email"

ELASTICSEARCH_EMAIL_ACCOUNT_EMAIL_DEFAULTS=info@notifications.cogstack.net

# example: smtpserver.xyz.uk
ELASTICSEARCH_EMAIL_SMTP_HOST="smtpserver.xyz.uk"
ELASTICSEARCH_EMAIL_SMTP_PORT=25


# Other elasticsearch settings, important for indexing etc
ELASTICSEARCH_QUERY_BOOL_MAX_CLAUSE_COUNT=4096
ELASTICSEARCH_INDICES_MEMORY_INDEX_BUFFER_SIZE="25%"


##########################################################

############################################################ Shared Env vars for MetricBeats/Kibana etc ##############################################################

# please respect the double quotes "" on each address or you may get type errors from Kibana
ELASTICSEARCH_HOSTS='["https://elasticsearch-1:9200","https://elasticsearch-2:9200"]'

KIBANA_HOST="https://kibana:5601"

########################################################################## KIBANA Env vars ###########################################################################
# NOTE: some variables from the Elasticsearch section are used
#       - ${ELASTICSEARCH_VERSION} is used for certificate paths, as well as kibana.yml config path.
###################
# possible values: 
#   - kibana (Elasticsearch original), used when ELASTICSEARCH_VERSION=elasticsearch
#   - opensearch-dashboards (Open source version of Elasticsearch from Amazon), default setting

KIBANA_VERSION=opensearch-dashboards

# IMPORTANT: config file name for KIBANA
# possible values:
#   - kibana
#   - opensearch_dashboards  # make note of the underscore...

KIBANA_CONFIG_FILE_VERSION=opensearch_dashboards

# possible values:
#   - elasticsearch                         : docker.elastic.co/kibana/kibana:8.19.11
#   - elasticsearch (custom cogstack image) : cogstacksystems/cogstack-kibana:latest
#   - opensearch                            : opensearchproject/opensearch-dashboards:3.5.0
# the custom cogstack image is always based on the last image of ES native 

ELASTICSEARCH_KIBANA_DOCKER_IMAGE=opensearchproject/opensearch-dashboards:3.5.0

KIBANA_SERVER_NAME="cogstack-kibana"
KIBANA_PUBLIC_BASE_URL="https://elasticsearch-1:5601"

KIBANA_SERVER_HOST="0.0.0.0"
KIBANA_SERVER_OUTPUT_PORT=5601

KIBANA_DOCKER_SHM_SIZE=512m
KIBANA_DOCKER_CPU_MIN=1
KIBANA_DOCKER_CPU_MAX=1
KIBANA_DOCKER_RAM=1g


# this is used in Kibana
# it needs to be generated via the API 
# more about it : https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-service-token.html#security-api-create-service-token-path-params
ELASTICSEARCH_SERVICE_ACCOUNT_TOKEN="AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuX2VHNTZyNFFCWkR0YjFsT0NLVjBaOjBMaTFPZWNyUkNlZ2JseXhhNGJMU2c"


# You can generate values for the below strings by using openssl rand
# example, in bash:  openssl rand -base64 32
# the keys must be at least 32 characters long

# xpack.security.encryptionKey: "something_at_least_32_characters"
ELASTICSEARCH_XPACK_SECURITY_ENCRYPTION_KEY="ayBMcv1nLqUBnbH3QLDZhqVxHii9sikv57NoG16ZvM8="

# xpack.encryptedSavedObjects.encryptionKey: VALUE "something_at_least_32_characters"
ELASTICSEARCH_XPACK_SECURITY_SAVED_OBJECTS_ENCRYPTION_KEY="+tcwakgxUu+SJcMJbdGQekxPJtuoP6xCjzIMe2iSPvE="

# xpack.reporting.encryptionKey: VALUE "something_at_least_32_characters"
ELASTICSEARCH_XPACK_SECURITY_REPORTING_ENCRYPTION_KEY="e0Y1gTxHWOopIWMTtpjQsDS6Kv8wUxofg0xRTai0mNg="



######################################################################### METRICBEAT Env vars ##########################################################################

METRICBEAT_IMAGE="docker.elastic.co/beats/metricbeat:8.19.11"

METRICBEAT_DOCKER_SHM=512m
METRICBEAT_DOCKER_CPU_MIN=1
METRICBEAT_DOCKER_CPU_MAX=1
METRICBEAT_DOCKER_RAM=1g

########################################################################## FILEBEAT Env vars ###########################################################################

# Possible values:
#   - "filebeat setup --dashboards && -e --strict.perms=false" -- this is neccessary on the first startup to create the Kibana dashboard(s), use this only once.
#   - "-e --strict.perms=false" -- set this back to default after you are done initializing the dashboards, filebeat will crash after dashboard init
FILEBEAT_STARTUP_COMMAND="-e --strict.perms=false"


FILEBEAT_HOST="https://elasticsearch-1:9200"

FILEBEAT_IMAGE="docker.elastic.co/beats/filebeat:8.19.11"


FILEBEAT_DOCKER_SHM=512m
FILEBEAT_DOCKER_CPU_MIN=1
FILEBEAT_DOCKER_CPU_MAX=1
FILEBEAT_DOCKER_RAM=1g