From b876d609498913b0de8425fb1df266540d675228 Mon Sep 17 00:00:00 2001 From: lcawl Date: Wed, 9 Oct 2019 15:24:50 -0700 Subject: [PATCH] [DOCS] Adds troubleshooting and production monitoring pages --- docs/reference/monitoring/collectors.asciidoc | 2 +- .../configuring-monitoring.asciidoc | 5 +- docs/reference/monitoring/index.asciidoc | 2 + docs/reference/monitoring/production.asciidoc | 147 ++++++++++++++++++ .../monitoring/troubleshooting.asciidoc | 15 ++ .../settings/monitoring-settings.asciidoc | 9 +- 6 files changed, 171 insertions(+), 9 deletions(-) create mode 100644 docs/reference/monitoring/production.asciidoc create mode 100644 docs/reference/monitoring/troubleshooting.asciidoc diff --git a/docs/reference/monitoring/collectors.asciidoc b/docs/reference/monitoring/collectors.asciidoc index 325e41cbac829..ee12dd548c827 100644 --- a/docs/reference/monitoring/collectors.asciidoc +++ b/docs/reference/monitoring/collectors.asciidoc @@ -140,4 +140,4 @@ related to monitoring data, which can be very useful when there are a large number of Logstash nodes or Beats. For more information about typical monitoring architectures, see -{xpack-ref}/how-monitoring-works.html[How Monitoring Works]. +<>. diff --git a/docs/reference/monitoring/configuring-monitoring.asciidoc b/docs/reference/monitoring/configuring-monitoring.asciidoc index 0ef7f6c1fa04b..c15a3c1229164 100644 --- a/docs/reference/monitoring/configuring-monitoring.asciidoc +++ b/docs/reference/monitoring/configuring-monitoring.asciidoc @@ -51,7 +51,8 @@ as {kib}, Beats, and Logstash to a monitoring cluster: .. Verify that `xpack.monitoring.collection.enabled` settings are `true` on each node in the cluster. -.. {stack-ov}/xpack-monitoring.html[Configure monitoring across the {stack}]. +.. Configure monitoring across the {stack}. For example, see +<>. . Identify where to store monitoring data. + @@ -68,7 +69,7 @@ cluster that stores the monitoring data must have at least one <>. For more information about typical monitoring architectures, -see {stack-ov}/how-monitoring-works.html[How Monitoring Works]. +see <>. -- . If {es} {security-features} are enabled and you are using an `http` exporter diff --git a/docs/reference/monitoring/index.asciidoc b/docs/reference/monitoring/index.asciidoc index 90cc054e95696..71cfcec0dd9bc 100644 --- a/docs/reference/monitoring/index.asciidoc +++ b/docs/reference/monitoring/index.asciidoc @@ -11,6 +11,7 @@ performance of your {es} cluster. include::overview.asciidoc[] include::how-monitoring-works.asciidoc[] +include::production.asciidoc[] include::configuring-monitoring.asciidoc[] include::pause-export.asciidoc[] include::indices.asciidoc[] @@ -19,3 +20,4 @@ include::collectors.asciidoc[] include::exporters.asciidoc[] include::local-export.asciidoc[] include::http-export.asciidoc[] +include::troubleshooting.asciidoc[] \ No newline at end of file diff --git a/docs/reference/monitoring/production.asciidoc b/docs/reference/monitoring/production.asciidoc new file mode 100644 index 0000000000000..55624cbb3e015 --- /dev/null +++ b/docs/reference/monitoring/production.asciidoc @@ -0,0 +1,147 @@ +[role="xpack"] +[testenv="gold"] +[[monitoring-production]] +== Monitoring in a production environment + +In production, you should send monitoring data to a separate _monitoring cluster_ +so that historical data is available even when the nodes you are monitoring are +not. For example, you can use {metricbeat} to ship monitoring data about {kib} +to a separate monitoring cluster. + +If you have an appropriate license, using a dedicated monitoring cluster also +enables you to monitor multiple clusters from a central location. + +To store monitoring data in a separate cluster: + +. <>. +For example, you might set up a two host cluster with the nodes `es-mon-1` and +`es-mon-2`. ++ +-- +[IMPORTANT] +=============================== +* To monitor an {es} 6.x cluster, you must run {es} +6.x on the monitoring cluster. +* There must be at least one <> in the monitoring +cluster; it does not need to be a dedicated ingest node. +=============================== + +-- + +. {kibana-ref}/monitoring-xpack-kibana.html[Configure {monitoring}] in {kib}. ++ +-- +NOTE: {kib} makes requests to the monitoring cluster as the logged in user. +The username and password credentials must therefore be valid on both the {kib} +server and the monitoring cluster. + +-- + +. Create a user on the monitoring cluster that has the +`remote_monitoring_agent` role. These credentials will be used when +data is shipped from the {es} cluster you are monitoring to +your dedicated monitoring cluster. For example, the following request +creates a `remote_monitor` user that has the `remote_monitoring_agent` role: ++ +-- +[source, sh] +--------------------------------------------------------------- +POST /_xpack/security/user/remote_monitor +{ + "password" : "changeme", + "roles" : [ "remote_monitoring_agent"], + "full_name" : "Internal Agent For Remote Monitoring" +} +--------------------------------------------------------------- +// CONSOLE +-- + +. Configure each {es} node in the cluster you are +monitoring to send metrics to your monitoring cluster by +configuring an HTTP exporter in the +`xpack.monitoring.exporters` settings in `elasticsearch.yml`. ++ +-- +[source,yaml] +-------------------------------------------------- +xpack.monitoring.exporters: + id1: + type: http + host: ["http://es-mon-1:9200", "http://es-mon2:9200"] <1> + auth.username: remote_monitor <2> + auth.password: changeme +-------------------------------------------------- +<1> If SSL/TLS is enabled on the monitoring cluster, you must +connect through HTTPS. +<2> If {security} is disabled on the monitoring cluster, you can +omit `auth.username` and `auth.password`. +-- + +. If SSL/TLS is enabled on the monitoring cluster, specify the trusted +CA certificate(s) that will be used to verify the identity of the nodes +in the monitoring cluster. ++ +-- +To add a CA certificate to an {es} node's trusted certificates, you +can specify the location of the PEM encoded certificate with the +`certificate_authorities` setting: + +[source,yaml] +-------------------------------------------------- +xpack.monitoring.exporters: + id1: + type: http + host: ["https://es-mon1:9200", "https://es-mon2:9200"] + auth: + username: agent-user + password: password + ssl: + certificate_authorities: [ "/path/to/ca.crt" ] +-------------------------------------------------- + +Alternatively, you can configure trusted certificates using a truststore +(a Java Keystore file that contains the certificates): + +[source,yaml] +-------------------------------------------------- +xpack.monitoring.exporters: + id1: + type: http + host: ["https://es-mon1:9200", "https://es-mon2:9200"] + auth: + username: remote_monitor + password: changeme + ssl: + truststore.path: /path/to/file + truststore.password: password +-------------------------------------------------- + +-- + +. Restart {es} on the nodes in your production cluster. ++ +-- +TIP: You may want to temporarily +<> before you restart your nodes to +avoid unnecessary shard reallocation during the install process. + +-- + +. To verify your {monitoring} installation, point your web browser at your {kib} +host, and select **Monitoring** from the side navigation. When security is enabled, +to view the monitoring dashboards you must log in to {kib} as a user who has +both the `kibana_user` and `monitoring_user` roles. For example: ++ +-- +[source,js] +-------------------------------------------------- +POST /_xpack/security/user/stack-monitor +{ + "password" : "changeme", + "roles" : [ "kibana_user", "monitoring_user" ] +} +-------------------------------------------------- +// CONSOLE + +//image:images/monitoring.jpg["Monitoring",link="images/monitoring.jpg"] +-- diff --git a/docs/reference/monitoring/troubleshooting.asciidoc b/docs/reference/monitoring/troubleshooting.asciidoc new file mode 100644 index 0000000000000..3c53f5cb8400a --- /dev/null +++ b/docs/reference/monitoring/troubleshooting.asciidoc @@ -0,0 +1,15 @@ +[[monitoring-troubleshooting]] +== Troubleshooting monitoring +++++ +Troubleshooting +++++ + +Use the information in this section to troubleshoot common problems and find +answers for frequently asked questions. See also +{logstash-ref}/monitoring-troubleshooting.html[Troubleshooting {monitoring} in {ls}]. + +For issues that you cannot fix yourself … we’re here to help. +If you are an existing Elastic customer with a support contract, please create +a ticket in the +https://support.elastic.co/customers/s/login/[Elastic Support portal]. +Or post in the https://discuss.elastic.co/[Elastic forum]. diff --git a/docs/reference/settings/monitoring-settings.asciidoc b/docs/reference/settings/monitoring-settings.asciidoc index bea2bd3c5db34..b15b545eeabf9 100644 --- a/docs/reference/settings/monitoring-settings.asciidoc +++ b/docs/reference/settings/monitoring-settings.asciidoc @@ -22,9 +22,6 @@ Logstash, configure {logstash-ref}/configuring-logstash.html#monitoring-settings[`xpack.monitoring` settings] in `logstash.yml`. -For more information, see -{xpack-ref}/xpack-monitoring.html[Monitoring the Elastic Stack]. - [float] [[general-monitoring-settings]] ==== General Monitoring Settings @@ -115,9 +112,9 @@ affect the {watcher} cleaner service too. For more information, see the Configures where the agent stores monitoring data. By default, the agent uses a local exporter that indexes monitoring data on the cluster where it is installed. Use an HTTP exporter to send data to a separate monitoring cluster. For more -information, see <>, -<>, and -{xpack-ref}/how-monitoring-works.html[How Monitoring Works]. +information, see <>, +<>, and +<>. [float] [[local-exporter-settings]]