ambiser
/
openvidu
mirror of https://github.com/OpenVidu/openvidu.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Deployment: External and secure Kibana and Elasticsearch in can be configured in OpenVidu Pro Node

pull/546/head
cruizba 2020-09-22 18:19:51 +02:00
parent 71c5409b05
commit df92cca9de
9 changed files with 44 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
openvidu-server/deployments/pro/aws/cfn-openvidu-server-pro-no-market.yaml.template
View File

@ -63,21 +63,20 @@ Parameters:
Type: Number
Default: 1
# Kibana configuration
KibanaUser:
Description: "Username for Kibana Dashboard"
# Elasticsearch configuration
ElasticsearchUser:
Description: "Username for Elasticsearch and Kibana"
Type: String
AllowedPattern: ^((?!")(?! ).)+$
ConstraintDescription: Kibana user is mandatory (no whitespaces or quotations allowed)
Default: kibanaadmin
ConstraintDescription: Elasticsearch user is mandatory (no whitespaces or quotations allowed)
Default: elasticadmin
KibanaPassword:
Description: "Password for Kibana Dashboard"
ElasticsearchPassword:
Description: "Password for Elasticsearch and Kibana"
Type: String
AllowedPattern: ^((?!")(?! ).)+$
NoEcho: true
ConstraintDescription: Kibana password is mandatory (no whitespaces or quotations allowed)
ConstraintDescription: Elasticsearch password is mandatory (no whitespaces or quotations allowed)
# EC2 Instance configuration
@ -216,8 +215,8 @@ Metadata:
- Label:
default: Kibana configuration
Parameters:
- KibanaUser
- KibanaPassword
- ElasticsearchUser
- ElasticsearchPassword
- Label:
default: EC2 Instance configuration
Parameters:
@ -256,10 +255,10 @@ Metadata:
OpenViduSecret:
default: "Openvidu Secret"
# Kibana configuration
KibanaUser:
default: "Kibana username"
KibanaPassword:
default: "Kibana password"
ElasticsearchUser:
default: "Elasticsearch and Kibana username"
ElasticsearchPassword:
default: "Elasticsearch and Kibana password"
# EC2 instance configuration
AwsInstanceTypeOV:
default: "Instance type for Openvidu Server Pro Node"
@ -383,9 +382,9 @@ Resources:
sed -i "s/CERTIFICATE_TYPE=selfsigned/CERTIFICATE_TYPE=${WhichCert}/" $WORKINGDIR/.env
sed -i "s/LETSENCRYPT_EMAIL=user@example.com/LETSENCRYPT_EMAIL=${LetsEncryptEmail}/" $WORKINGDIR/.env
# Replace Kibana Conf
sed -i "s/KIBANA_USER=kibanaadmin/KIBANA_USER=${KibanaUser}/" $WORKINGDIR/.env
sed -i "s/KIBANA_PASSWORD=/KIBANA_PASSWORD=${KibanaPassword}/" $WORKINGDIR/.env
# Replace Elastic Search Conf
sed -i "s/ELASTICSEARCH_USERNAME=elasticadmin/ELASTICSEARCH_USERNAME=${ElasticsearchUser}/" $WORKINGDIR/.env
sed -i "s/ELASTICSEARCH_PASSWORD=/ELASTICSEARCH_PASSWORD=${ElasticsearchPassword}/" $WORKINGDIR/.env
# Replace vars AWS
sed -i "s/#AWS_DEFAULT_REGION=/AWS_DEFAULT_REGION=${AWS::Region}/" $WORKINGDIR/.env

7
openvidu-server/deployments/pro/docker-compose/openvidu-server-pro/.env
View File

@ -228,9 +228,10 @@ OPENVIDU_CDR_PATH=/opt/openvidu/cdr
# Kibana And ElasticSearch Configuration
# --------------------------
# Kibana dashboard configuration (Credentials)
KIBANA_USER=kibanaadmin
KIBANA_PASSWORD=
# Kibana And ElasticSeach Basic Auth configuration (Credentials)
# This credentials will aso be valid for Kibana dashboard
ELASTICSEARCH_USERNAME=elasticadmin
ELASTICSEARCH_PASSWORD=
# Cloudformation configuration
# --------------------------

4
openvidu-server/deployments/pro/docker-compose/openvidu-server-pro/beats/filebeat.yml
View File

@ -16,7 +16,9 @@ processors:
output:
elasticsearch:
hosts: ["elasticsearch:9200"]
hosts: ["${OPENVIDU_PRO_ELASTICSEARCH_HOST}"]
username: ${ELASTICSEARCH_USERNAME}
password: ${ELASTICSEARCH_PASSWORD}
indices:
- index: "filebeat-redis-%{+yyyy.MM.dd}"
when.or:

19
openvidu-server/deployments/pro/docker-compose/openvidu-server-pro/docker-compose.yml
View File

@ -42,9 +42,9 @@ services:
- COTURN_REDIS_IP=127.0.0.1
- COTURN_REDIS_PASSWORD=${OPENVIDU_SECRET}
- OPENVIDU_PRO_CLUSTER=true
- OPENVIDU_PRO_KIBANA_HOST=http://127.0.0.1/kibana
- OPENVIDU_PRO_ELASTICSEARCH_HOST=http://127.0.0.1:9200
- WAIT_KIBANA_URL=http://127.0.0.1:5601/api/status
- OPENVIDU_PRO_KIBANA_HOST=${OPENVIDU_PRO_KIBANA_HOST:-http://127.0.0.1/kibana}
- OPENVIDU_PRO_ELASTICSEARCH_HOST=${OPENVIDU_PRO_ELASTICSEARCH_HOST:-http://127.0.0.1:9200}
- WAIT_KIBANA_URL=${OPENVIDU_PRO_KIBANA_HOST:-http://127.0.0.1/kibana}
- DOTENV_PATH=${PWD}
redis:
@ -70,7 +70,6 @@ services:
image: openvidu/openvidu-proxy:3.0.0
restart: on-failure
network_mode: host
entrypoint: ['/bin/sh', '-c', 'htpasswd -bc /etc/nginx/kibana.htpasswd "${KIBANA_USER}" "${KIBANA_PASSWORD}" && /usr/local/bin/entrypoint.sh']
volumes:
- ./certificates:/etc/letsencrypt
- ./owncert:/owncert
@ -89,8 +88,13 @@ services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.8.0
restart: always
command:
- '/bin/bash'
- '-c'
- '/usr/share/elasticsearch/bin/elasticsearch-users useradd ${ELASTICSEARCH_USERNAME} -p ${ELASTICSEARCH_PASSWORD} -r superuser && /tini -- /usr/local/bin/docker-entrypoint.sh'
environment:
- discovery.type=single-node
- xpack.security.enabled=true
ports:
- 9200:9200
volumes:
@ -101,13 +105,20 @@ services:
restart: always
environment:
- SERVER_BASEPATH="/kibana"
- ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}
- ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD}
ports:
- 5601:5601
filebeat:
image: docker.elastic.co/beats/filebeat:7.8.0
network_mode: host
restart: always
user: root
environment:
- ELASTICSEARCH_USERNAME=${ELASTICSEARCH_USERNAME}
- ELASTICSEARCH_PASSWORD=${ELASTICSEARCH_PASSWORD}
- OPENVIDU_PRO_ELASTICSEARCH_HOST=${OPENVIDU_PRO_ELASTICSEARCH_HOST:-http://127.0.0.1:9200}
volumes:
- ./beats/filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
- /var/lib/docker:/var/lib/docker:ro

2
openvidu-server/deployments/pro/docker-compose/openvidu-server-pro/install_openvidu_pro.sh
View File

@ -105,7 +105,7 @@ new_ov_installation() {
printf '\n 1. Go to openvidu folder:'
printf '\n $ cd openvidu'
printf '\n'
printf '\n 2. Configure OPENVIDU_DOMAIN_OR_PUBLIC_IP, OPENVIDU_PRO_LICENSE, OPENVIDU_SECRET, and KIBANA_PASSWORD in .env file:'
printf '\n 2. Configure OPENVIDU_DOMAIN_OR_PUBLIC_IP, OPENVIDU_PRO_LICENSE, OPENVIDU_SECRET, and ELASTICSEARCH_PASSWORD in .env file:'
printf '\n $ nano .env'
printf '\n'
printf '\n 3. Start OpenVidu'

2
openvidu-server/deployments/pro/docker-compose/openvidu-server-pro/openvidu
View File

@ -120,7 +120,7 @@ generate_report() {
printf '\n'
printf '\n'
cat < "${OV_FOLDER}/.env" | sed -r -e "s/OPENVIDU_SECRET=.+/OPENVIDU_SECRET=****/" -e "s/OPENVIDU_PRO_LICENSE=.+/OPENVIDU_PRO_LICENSE=****/" -e "s/KIBANA_PASSWORD=.+/KIBANA_PASSWORD=****/"
cat < "${OV_FOLDER}/.env" | sed -r -e "s/OPENVIDU_SECRET=.+/OPENVIDU_SECRET=****/" -e "s/OPENVIDU_PRO_LICENSE=.+/OPENVIDU_PRO_LICENSE=****/" -e "s/ELASTICSEARCH_PASSWORD=.+/ELASTICSEARCH_PASSWORD=****/"
printf '\n'
printf '\n ========= docker-compose.yml =========='

2
openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default-app-without-demos.conf
View File

@ -89,8 +89,6 @@ server {
location /kibana {
{rules_access_dashboard}
deny all;
auth_basic "Openvidu Monitoring";
auth_basic_user_file /etc/nginx/kibana.htpasswd;
rewrite ^/kibana/(.*)$ /$1 break;
proxy_pass http://kibana/;

2
openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default.conf
View File

@ -99,8 +99,6 @@ server {
location /kibana {
{rules_access_dashboard}
deny all;
auth_basic "Openvidu Monitoring";
auth_basic_user_file /etc/nginx/kibana.htpasswd;
rewrite ^/kibana/(.*)$ /$1 break;
proxy_pass http://kibana/;

13
openvidu-server/docker/openvidu-server-pro/entrypoint.sh
View File

@ -8,19 +8,12 @@ if [ ! -z "${WAIT_KIBANA_URL}" ]; then
printf "\n ======================================="
printf "\n"
while true
do
HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" "${WAIT_KIBANA_URL}")
until $(curl --insecure --output /dev/null --silent --head --fail ${WAIT_KIBANA_URL})
do
printf "\n Waiting for kibana in '%s' URL..." "${WAIT_KIBANA_URL}"
if [ "$HTTP_STATUS" == "200" ]; then
printf "\n ==== Kibana is Ready ===="
break
fi
sleep 1
done
printf "\n ==== Kibana is Ready ===="
fi
# Launch Openvidu Pro