Elasticsearch On-prem

prerequisite the resolve satellite should already be installed in your environment if you need assistance with installation, refer to the instructions provided in this resolve satellite docid\ flobwpcs4h5lxfb6ijsun section create a service account token to access your elasticsearch environment a service account token is needed if you don’t already have a service account, please create one how to create a service account once you have a service account to use, you can create an api key with read only permissions option 1 create the api key via the ui \[recommended] in the elastic ui, open stack management > api keys click on create api key enter a name for your key, ex resolve api access in the control security privileges section, add this block for permissions permissions { "resolveai role" { "cluster" \[ "cluster\ monitor/main", "cluster\ monitor/stats", "cluster\ monitor/state" ], "indices" \[ { "names" \[" "], "privileges" \["read", "view index metadata", "monitor"] } ] } } option 2 create the api key via the rest api official documentation access and authentication run the following command please ensure that you replace the following properties elastic password this is the password of the elastic user elastic hostname this is the fqdn of the elastic endpoint curl k x put user \[elastic\ elastic password] \\ \ header "content type application/json" https //\[elastic hostname] 9200/ security/api key d '{"name" "resolve ai api access"} the response will include the encoded token please copy it response { "id" " ", "name" "resolve ai api access", "api key" " ", "encoded" "skpdbujavxxxxxxxxxxxx " // this is your token } note you must copy the encoded token you will not be able to retrieve it after creation store this token in a secure manner, and do not check into source code this token will be used in your resolve ai configuration configure the elasticsearch integration in resolve satellite below is an example of how to setup the elasticsearch integration in the satellite with the url property as well as using the k8s secret (potentially backed by an aws secret manager or another mechanism) for authentication create a kubernetes secret create a kubernetes secret of the following form note that the structure of the secret is important and for a elasticsearch api key, it must have the top level key token ‘token value’ elastic resolve access token yml apiversion v1 kind secret type opaque metadata name elasticsearch resolve access token stringdata token "\<your elasticsearch api key>" to apply the secret run apply secret kubectl apply f elasticsearch resolve access token yml configure your elasticsearch api key in the resolve satellite update your helm values override file with the following information (e g resolve values yaml ) resolve values yaml integrations elasticsearchintegration type elasticsearch create true secretname "elastic resolve access token" connection url "\<your elastic server>" install the satellite and apply the values from the yaml file that you have just updated e g resolve values yaml to find the latest version, visit resolve ai's docker hub repository for the helm chart and satellite image apply config to satellite and redeploy helm upgrade install oci //registry 1 docker io/resolveaihq/satellite chart version \<latestchart> values resolve values yaml set image tag=\<latestimage> once your satellite is deployed, we will automatically create an integration instance for you verify your integration status in resolve ai login to https //app0 resolve ai/ https //app0 resolve ai/ go to the integrations page and and select “elasticsearch” you should see an automatically created integration based on the provided configuration