diff --git a/.gitignore b/.gitignore index 8e68d7d..355bf91 100644 --- a/.gitignore +++ b/.gitignore @@ -7,4 +7,5 @@ ror-cluster-elastic-cloud-demo/certs-generator/output ror-cluster-elastic-cloud-demo/certs-generator/input ror-cluster-elastic-cloud-demo/certs **/.env -**/subst-xpack \ No newline at end of file +**/__pycache__/** +**/subst-xpack diff --git a/ror-fleet-example/.env_showcase b/ror-fleet-example/.env_showcase new file mode 100644 index 0000000..017537b --- /dev/null +++ b/ror-fleet-example/.env_showcase @@ -0,0 +1,6 @@ +ES_VERSION=8.19.7 +ES_DOCKERFILE=Dockerfile-use-ror-binaries-from-file +ES_ROR_FILE=readonlyrest-1.69.0-pre7_es8.19.7.zip +KBN_VERSION=8.19.7 +KBN_DOCKERFILE=Dockerfile-use-ror-binaries-from-api +ROR_KBN_VERSION=1.68.0 diff --git a/ror-fleet-example/agent1/Dockerfile b/ror-fleet-example/agent1/Dockerfile new file mode 100644 index 0000000..f8e8138 --- /dev/null +++ b/ror-fleet-example/agent1/Dockerfile @@ -0,0 +1,12 @@ +FROM docker.elastic.co/elastic-agent/elastic-agent:8.15.0 + +USER root + +RUN apt-get update && \ + apt-get install -y curl jq net-tools + +COPY entrypoint.sh /entrypoint.sh + +USER elastic + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/ror-fleet-example/agent1/entrypoint.sh b/ror-fleet-example/agent1/entrypoint.sh new file mode 100755 index 0000000..6e0ad3a --- /dev/null +++ b/ror-fleet-example/agent1/entrypoint.sh @@ -0,0 +1,24 @@ +#!/bin/bash -ex + +echo "=== Agent1 Environment Variables ===" +echo "KIBANA_HOST: $KIBANA_HOST" +echo "KIBANA_FLEET_CA: $KIBANA_FLEET_CA" +echo "FLEET_URL: $FLEET_URL" +echo "FLEET_CA: $FLEET_CA" +echo "FLEET_ENROLL: $FLEET_ENROLL" +echo "====================================" + +POLICY_ID="elastic-policy" +FLEET_ENROLLMENT_TOKEN=$(curl -k -s \ + -u kibana:kibana \ + https://kibana:5601/api/fleet/enrollment_api_keys | \ + jq -r '.items[] | select(any(.; .policy_id == "'$POLICY_ID'")) | .api_key') + +if [[ -z "$FLEET_ENROLLMENT_TOKEN" ]]; then + echo "Failed to retrieve enrollment token for policy_id: $POLICY_ID" >&2 + exit 1 +fi + +export FLEET_ENROLLMENT_TOKEN + +/usr/local/bin/docker-entrypoint \ No newline at end of file diff --git a/ror-fleet-example/ca/ca.crt b/ror-fleet-example/ca/ca.crt new file mode 100644 index 0000000..c9da610 --- /dev/null +++ b/ror-fleet-example/ca/ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFqTCCA5GgAwIBAgIUSBHERCB+3f8x+A/0YYx6FPCs0KYwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAxOTAyWhcNMzQxMTI5MTAxOTAyWjBkMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxEjAQBgNVBAMMCW1hcmlvbmV0ZTCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMxJcWSbqyzMZC2ayaOSlcf1 +lzZW1CKqFFEfM3IHP0neenZVD859nEQ9S12VpC29o2rM+aQfUKo4ZNIpXi1OT6kW +/uyholI/VOP9TAZqIyawUg/1l6onRiJ5DqSyqg7YTUMLsHupzXZ8+mIvx7aTrzzH ++DQ3rXuv/zc2Bkwu78q7HbItu2AujCF0KALxsu8BAMpcNs9lVulVnPHtGF00pRxF +wqBlw8/1Rzx+STnKxwwWCQ7SHXc3CmxIMzern15bBay2vF5hGCflKsAJLuuMWJAH +L2MD0GAynVhnKymz+b2RVlRrBbLn/1+XjLCsWLPmda+6K7wrR8TRgx53FLTSp6dN +gtnLkjGR9HY8T8ebPYL8Pb5P9wLLGLwADkSScmMwaeUK/xWZLQwqtOzF6R/cpkXd +t9ji1vjKZ8bvTDNj4DuqHwn4qeDk4bngfD0dyCj3r8Y3gfwQf237J0QUfUFeA3WK +AeFF4fKjjWvX15MWV4tIk0Mg3GhL9eUubYKtnsBEqYDhmiFSrVW2TfGTjXZhJBqn +xrlGCLT1aKFY6sVrbCaEn+SJ/jQDx+rBZiYMY7iz1+vqq4ie6q7LDmCZuUe4+Rlw +3u9ChA+avv95Y4lgqz+HQiWP9ejq2c21cb5pQIfs8QjKD5jPJr8+3XuGoIpo1lLY +GMRN9PzokkD1ARkMB4v5AgMBAAGjUzBRMB0GA1UdDgQWBBRSda45xZ5lPn0cpSjJ +IKfBmFcLyDAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcLyDAPBgNVHRMB +Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCvlKTppi+HxqRF2riaJ7LvxEde +M+qLHWzvRwcWlb3MdpTq7uZjQG2YEZY6YeyN+8AwKbUPSavS6+dUe8hfM2HgwtBb +zYaZiS2JdRnCPKQMRz+xEGlcyvXzEb5M99+zqU/5NYOOeFX5odT/nwIToWw82G61 +LXTY6WTmjQ1oRAabUdhMRyQTqL0pGYkBkLzusgh0ENWDVe0/tz/mCzi/DQD6agHy +ADaM6iqqUOIFzHXsI/N9iMNbJKSrllFy4v0AfCDpzgz4mbbUq6zV/E0KIpB/Tojh +xdl+a4Sw4tuIi8vU0TtVRs0UXCBd4I6yqrPDooIYfkh6w4OwSg07yZejuSq/dzo6 +04s8boJKQNZQo8RqVOXUG47vCZMwIj7dJEVXxM9aRkfLPWhK9iG8skh8WwcsG8mu +wL2h4FqH1IVOTv+RxhvUDY74ooUBd8eCywvS4k0iDssznQ7TbtZjTIJr54oTLiK9 +qrPVT+/eL+qFzSKVyFiDiKW+6rKdHO0KYQDXkkhGH1QqBP5rxIJiHl8drYilEw/Y +a9uWuGZZK0YFJA5RSKrIzuX10iQL80B7CXiH++zGE8KGkzxw55R9zjdWLXAsmxyr +vz1CbUsC9YXXqg4P/h4P5FYnqQyR1LWJjwhfPk1F+6POJBiwgeYtxFDlag/QGr6R +C6uLuBpvA9hPSOt4Ng== +-----END CERTIFICATE----- diff --git a/ror-fleet-example/ca/ca.key b/ror-fleet-example/ca/ca.key new file mode 100644 index 0000000..893ce78 --- /dev/null +++ b/ror-fleet-example/ca/ca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDMSXFkm6sszGQt +msmjkpXH9Zc2VtQiqhRRHzNyBz9J3np2VQ/OfZxEPUtdlaQtvaNqzPmkH1CqOGTS +KV4tTk+pFv7soaJSP1Tj/UwGaiMmsFIP9ZeqJ0YieQ6ksqoO2E1DC7B7qc12fPpi +L8e2k688x/g0N617r/83NgZMLu/Kux2yLbtgLowhdCgC8bLvAQDKXDbPZVbpVZzx +7RhdNKUcRcKgZcPP9Uc8fkk5yscMFgkO0h13NwpsSDM3q59eWwWstrxeYRgn5SrA +CS7rjFiQBy9jA9BgMp1YZysps/m9kVZUawWy5/9fl4ywrFiz5nWvuiu8K0fE0YMe +dxS00qenTYLZy5IxkfR2PE/Hmz2C/D2+T/cCyxi8AA5EknJjMGnlCv8VmS0MKrTs +xekf3KZF3bfY4tb4ymfG70wzY+A7qh8J+Kng5OG54Hw9Hcgo96/GN4H8EH9t+ydE +FH1BXgN1igHhReHyo41r19eTFleLSJNDINxoS/XlLm2CrZ7ARKmA4ZohUq1Vtk3x +k412YSQap8a5Rgi09WihWOrFa2wmhJ/kif40A8fqwWYmDGO4s9fr6quInuquyw5g +mblHuPkZcN7vQoQPmr7/eWOJYKs/h0Ilj/Xo6tnNtXG+aUCH7PEIyg+Yzya/Pt17 +hqCKaNZS2BjETfT86JJA9QEZDAeL+QIDAQABAoICACg1/J/1FEiJIt7nLPGJlPn7 +GXyUssTv/XfKUHINgyOjKy/HpojaqLu15PPS1LI8NcJ7/leT4mjfGNlVUzhPxdZe +tGcXmb/ev3LxFNneYnTnGAAUM3pGqMN4WK2KjXbGlM6xqldtIQhFqXNSPFlv0HqC +UhTVMMy749yWQb8VLhYVps6/ubZA80xSdN2/fZ0V8XXjmNZR+D2NoIruRHF0P1vF +T34LCfQRL6h0oy1BANUcMUQ9j5c7uk1+GLbIjWIhQIiyn3lkW0DfFv8dz6KFyZjw +ER/ITGfjDp2sEQ7wYiQyS2/qcQC6McY7KnJMOlmO73NbjehIDKRtKQYCIo1FOcKW +rtnemTyg8DghfghtQc4gxuNFOqEWPuDTu3u0LU/vrDSm6GEuFTWCZVl6cU7K6F6b +eHFNcFVD5RcxbRzv30XsoyRna37l/Kx+r7QTprK+E9buq/Fd2ns3e3jSZOwZdzTV +z7jcdac96IwBsYoq4sJ/2fpwQ5VdxUeMiCOX5cxCEYUzTV0MePTd5wVTXGogttaX +tYE8Pi6YCUqZzVkQwNTxT4KLMc+hK8ExOQdPEiwPjfhc38wPJs2Wz9cKZr96/fNt +v1w8Gf99kB7hNKuMtRyYPX6KRHN6ErQrtmcwXOyOUfrtTYMbMG2ynOhlu/JZcAWu +j8/m4+/g1oDzwHfDdU9RAoIBAQDpjEUybvWkohAp4Ies58O0C7uM5hCCfbqNXu7v +aevJWNsZpzE98n1ot2mDZKuUSG+U0+nzRmQ7AcKPUWY1z6ijd71f8HP7l2PDa8Ak +rGu8vuMQQIlQCjY5raPDGp7nfpfBV5IDow+1YnG6QahR3AmU5pNo/SR6qHbCwNaS +JmV+NWeCVg0m8VFsbo2D/2mCpIpZ2jdINcsj5JiVlR/mah61WkQGXUKPSrUWWXKE +7UfKH9GLH8zaaCxeSZXIzBVhDkTlM6WQElqnZeErW3ySjV70icVGsWhkinkim3Fu +KImn6FAkvVBhP6O/b+QfowSAnzUROtmKwVh/Pa0HF4vGYj3nAoIBAQDf7Qs+Bv19 +xr+UGSn09WRrlB+TFUQvrlA4afe8u2LnLszCK9WfSgt4qnvhsrVKXh/ffictxB+h +Da93yZ5ThyHVBRsDQQoiIoSQPZm4rR2U/GCaYPYW/CRtcBg5THArCuSrcUMH2gAm +nHPCqj22BFR7n3bCJsD5BO5sohy/H68onHBG2G7JQ33XfQ33Ouj3kCr3FJNrniYa +Y4P6gStP8c2pPXQqowfH7fYlF3yEVmOK+our06IRxNs4CDp1hlzG8PlN74PkpbVv +gYORMhs5lXoRIX/OAr2tKajoCjynL95LaduB/RmpIR3RnSjaZtvEw8t870CZDeHB +tlaadLbeWesfAoIBAQCCfQ4YjKiQ8L/JNht4PxI4YanLoquszSTTYixr9il4mT3p +ymGX9Amf3YKFmFTJh+NYK0L22uibk3MqcleCT2Ew3HEhzo5vDvn9sRFtLC0SCzGA +3h4aa2o6tcre8tvAChouO4hooc3gEX3rjE3IVwG/gUjxiya7pa6dR/NbOzrP1nTb +/MpibMiKpgZJrwY7qUVnyKXEodG7XzjlsqldKwO3XhTN3YOX3izprNZwcMcApuCE +NCNYEIZhtAmNZIG5daiGy2GA6tBd4W16tSYYGAbq6KMhyXPDYR8nd+RboSiwePt2 +W5QykcUi7BhwmLumRc33r4LmpPqWNVactMoy8KcXAoIBAFFNbL6JpTIsnlR0SoKR +MnPI5SnvF8HEJYZGG1fgJYnQuTFq3vYl2UJni/EnhKFKyYHI+Qqp4d4E7QeuIZks +QEFqyCMHU1mPdNg2NYETAeGdPKnwuIkh5UwC3hi3wyYtn1cMGY1ZPqLGPVWZoCxd +KBt2i5T0oy4G91ZkCdHu/BbfrfhbDuZuZdt+oTp5nip8oszxIJF7a1Q7e6jRi1tM +bSKcmHf+l42kvbE79M7L2vqT+3BYt8iB1CJlAmy3ayokRjBg3V+ANv8UZCOssKvY +tOhRZGj1H88miBgv11PQkoKJHdT1g4Kf7oaz7ChYHkUz3ccvyyGHI8fEn28XH2pd +9XsCggEAAfcPmOvEd6UVgxM89q8c7WOkAOSgcZS+jtvzPrRGq1PGG/b6xoFJ11j4 +UwZCA0j+8wbf7UGXUl8YhRUewnh3wccrhkDYAEixHOqAkqO2sL65g8bvUDrC9M57 +QXqXyAXzebnTLB4UKkBz65Bwg9+X3CYX1C+pan6NiJIBEPuA9aT6CMwr8ibpcSuY +OOXwvUA1j/QZbHs6P68eNxObpkLhMH6aHkpyR7K4KDg9ckemkH8o6yoWSboGNJTD +N+6zz/TYFJRh//S1BVNOS7PrqElmX8hknCh2VJ0WELK2qx0zrNv26ZV4aW3LPjC6 +Cqbq08317ZRzKwafJ9i2aIMGDdJ3lA== +-----END PRIVATE KEY----- diff --git a/ror-fleet-example/ca/ca.srl b/ror-fleet-example/ca/ca.srl new file mode 100644 index 0000000..1ae1bdf --- /dev/null +++ b/ror-fleet-example/ca/ca.srl @@ -0,0 +1 @@ +1172B84EC84A3D4FB10B00D71B21EC1BAEBC35AD diff --git a/ror-fleet-example/certs/agent1.crt b/ror-fleet-example/certs/agent1.crt new file mode 100644 index 0000000..7cad12a --- /dev/null +++ b/ror-fleet-example/certs/agent1.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE4TCCAsmgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NakwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAzMjEwNTQxWhcNMzQxMjAxMjEwNTQxWjBhMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxDzANBgNVBAMMBmFnZW50MTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrc7eaofRRY8hDZ/xHjDxage3js +RQhDBRVx1hYORRrCOOpNX71ukNOXbBGn9uv4EKzXkVpw2C4tbK45EMabhNziiiCc +ZvyW+HbxpeF5+y9l0P77EMHWrsyaavG7i72srwICA4WvgBpWzewrmNfWSOb1L2Be +iXmVOGIUpHQ4A2GksgvRioHxJvbGoYgrE5n0qgrZQLQwxggaea+T32NKQWzsuBLq +hxJnm32zHnGaS9DYs1IADN8mgxknAVeuJCIYTz5JE2losSCb4yT1galxlpw4nR39 +9rfOESG2Tes9ZFwu6gv91a7CX8kRmeqChPfkSF/bey2yjiXKPgeNffSLImUCAwEA +AaOBjTCBijAcBgNVHREEFTATggZhZ2VudDGCCWxvY2FsaG9zdDAdBgNVHSUEFjAU +BggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBRC9T95 +4NRmN9zhMZ6UxyDp5bCs6zAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcL +yDANBgkqhkiG9w0BAQsFAAOCAgEAXYOKSziZApfPEuDeghfjWACF/Se5YiQu9cln +uEyhqOx9jkOmL8GH8bjDD+hE7B92EO4Ci5vmy1Nupm9JXjnjnLZSUz25IJGQzqUI +2rjcZcGDnsqG+QYvDF/1HRgD7Nz2jERsBp+Ep1+e5kYFa0BAgwM6BTftokGXYq2M +yUw/m0eibqMA2PnX/bJq3oNVCoyXzZfUomwpmCIAcuvu+dcZk04GYFpqa7riXoh9 +qaCsjTMHc8pWONRROwmhFnBpHUDBMG8UWwBPVAzwsyagHS7E9xTF6Ou/R9AibCEZ +FYP8b04NpU3DGii2GKEtrk+sWtIkPHdMI4SgKwaTJBOmpplkhP4BzRH0CKRpKHVW +G90XZWeDJJkgeUrLQAPNSHVyVOZarYFz1dusWcH9gnixR4MC1eotLeh8Nw6Qd3OY +k3JdtcroQOu7Z0/fGtjwx3rR/d0BnvgfVrQKi6KF09ROKTbWuEIlYV4JOe6svhIY +TuZ2MQ5Q9GJUQX49i+9v3pg0/KGIfPdmR7Qbo/px5dOY0Jj7iIk9iG+eUSbobm7+ +im5RYxrbx4rgXKXknyaUuQfvki/l9l5rhYVUtSTQPfrx84K54cYPOXCTaP/7K7Vm +k+4dAym1l2bVlX5wwwpPw1JnKe75n2Z/O2ut2GmlhrdoPoZZe4HQyackkF4uQFhz +sYIMW+o= +-----END CERTIFICATE----- diff --git a/ror-fleet-example/certs/agent1.csr b/ror-fleet-example/certs/agent1.csr new file mode 100644 index 0000000..b7cd88c --- /dev/null +++ b/ror-fleet-example/certs/agent1.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpjCCAY4CAQAwYTELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0G +A1UEBwwGTGlzYm9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMQ8w +DQYDVQQDDAZhZ2VudDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq +3O3mqH0UWPIQ2f8R4w8WoHt47EUIQwUVcdYWDkUawjjqTV+9bpDTl2wRp/br+BCs +15FacNguLWyuORDGm4Tc4oognGb8lvh28aXhefsvZdD++xDB1q7Mmmrxu4u9rK8C +AgOFr4AaVs3sK5jX1kjm9S9gXol5lThiFKR0OANhpLIL0YqB8Sb2xqGIKxOZ9KoK +2UC0MMYIGnmvk99jSkFs7LgS6ocSZ5t9sx5xmkvQ2LNSAAzfJoMZJwFXriQiGE8+ +SRNpaLEgm+Mk9YGpcZacOJ0d/fa3zhEhtk3rPWRcLuoL/dWuwl/JEZnqgoT35Ehf +23stso4lyj4HjX30iyJlAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAmfyY1gYK +4GxGy+/IWIuutkG8jiT498tB5g1/AwaUgnNfxRzMLCebWvCKoGwcMKGMNerdeOYx +5Cu2j1Sk4CLuKO6ZYDXeKxTuFzUujpd/1Jg+chWxqcbgs3VdxE6kfvhWLjbZXzUi +a9oGvRBYBmTUpmeRkyfnvrHW6X0C2egTgCcq+ZptLlqwOuRQgetH2NHRHeAXu0KZ +/fOutLLAkOhSH3g2nukLCtRDz/3nCC9BZP4exD5+dOqxrmMY1TF+0USH4OqvMHh1 +j+vabYKLeIknnVG2IMP94TFH51ZwOpNMKjENlv2CbSEt330/NozVWr+YQSiUFkrf +emNtuOK5gPPjXw== +-----END CERTIFICATE REQUEST----- diff --git a/ror-fleet-example/certs/agent1.key b/ror-fleet-example/certs/agent1.key new file mode 100644 index 0000000..2e06a21 --- /dev/null +++ b/ror-fleet-example/certs/agent1.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCq3O3mqH0UWPIQ +2f8R4w8WoHt47EUIQwUVcdYWDkUawjjqTV+9bpDTl2wRp/br+BCs15FacNguLWyu +ORDGm4Tc4oognGb8lvh28aXhefsvZdD++xDB1q7Mmmrxu4u9rK8CAgOFr4AaVs3s +K5jX1kjm9S9gXol5lThiFKR0OANhpLIL0YqB8Sb2xqGIKxOZ9KoK2UC0MMYIGnmv +k99jSkFs7LgS6ocSZ5t9sx5xmkvQ2LNSAAzfJoMZJwFXriQiGE8+SRNpaLEgm+Mk +9YGpcZacOJ0d/fa3zhEhtk3rPWRcLuoL/dWuwl/JEZnqgoT35Ehf23stso4lyj4H +jX30iyJlAgMBAAECggEAFv4skI/nZxvSFWT0n4BV+TZG716iKoq0Ti63v9eTQpbU +6GjZo6kTmbnEi/q1ror/GXdX4tsRKGOp/qcExClM/5mHu3w4mrCpRn5d04IiBH6X +2ZxJJMCiXLvB/P4/P5rToTpKpYyYuVKpmujCBHecb2IaykXmi6NCR2aeO9qGz/aM +x1R8rFCvX6QMWHDRTxsy4DK56ASbnVz1ceECM+nllxEGvGJiZ0/Bvu2TnoTPhWxk +Nj2qsFxdy/B6dg1u+lgML9JAEOZ4qOH3MFmhJtNzS6rwj4PvQ6+QwdvBW1RjLZnu +k+7nDgETD2foBAL42p3rWc9HMkmy4N4pVXKW+Pb5uQKBgQDVTG2grTjfolywhQD3 +MTXOHiO9qvGbSG2xfNYcxaknPW3MVhnIZYhIhlvTjBeVB4/6zj+JSROOjiXjmucD ++O3MOpP/5rJYsCdOiS6ZxCnDtWyMF7vv5LLiiTOyU0pDMhzyeCP7zSuy3d77+Eg4 +Zj0OGe8JCoIdBQo1U8ytX85N3QKBgQDNEazfq3nbYcETK7JQmkfVK+fvy3RIhkGv +B2W9TlSuJYWAVNuFKLaRZDpbrcmKK+3TIt6JozyCu225oNPWuHz4ctzEaBJAc83u +myh9GuYDL2q5RMTCDEX6MjtTIaQ0K5zZznym1PrL4IYb/ixA9JXRwrOS3wdVkly9 +aL3GxoGyKQKBgHN1OoZWHcoYJho69KnZzmkzMV+Sr9PBYfdIPtI2QHkILG4GUVCD +fUDc0cnyNDWscUhu6j+S+e4ZjfLlP5WL4pTBRKmpo/KT78L4SOxdHcpdY1N16XpS +jm5HnF8z7Kfw8XBijf/YMIZSyUgVPmqhFP2UFisLsCCrQLpbERjsGk1VAoGAYSUM +ZfDPizOlyTUcBb7wZHWmLByPe4POPeIdOi6PQugXdBG+5DfDNODsHF4ZaVEiGrEc +BsvDcJLlidg8Qi2nVfLjzk8Wxl2VooDyD0Hc0Il330hKhTpXNAzzuY/oP6ahaTS+ +LDIclNRJ85zWzfaPuoynkN4ClXD+aePicvW6nvECgYAPbHwPew7VSz9I+z6Ud8l0 +jWAu7mohSG0rX5JaNWQPDEu/TVrrnJJ0NGCMrC9edJ0zmplJZ/O6h2iKraj/+tQ0 +qB2S67Wq5H3zrJYf+D5kRzE416v08FuTYE564u9epFe4f/fbj0MNZnS+ikayQGf3 +PZM4xKSVh2zQ4iHoJ5MT3g== +-----END PRIVATE KEY----- diff --git a/ror-fleet-example/certs/ca.crt b/ror-fleet-example/certs/ca.crt new file mode 100644 index 0000000..c9da610 --- /dev/null +++ b/ror-fleet-example/certs/ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFqTCCA5GgAwIBAgIUSBHERCB+3f8x+A/0YYx6FPCs0KYwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAxOTAyWhcNMzQxMTI5MTAxOTAyWjBkMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxEjAQBgNVBAMMCW1hcmlvbmV0ZTCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMxJcWSbqyzMZC2ayaOSlcf1 +lzZW1CKqFFEfM3IHP0neenZVD859nEQ9S12VpC29o2rM+aQfUKo4ZNIpXi1OT6kW +/uyholI/VOP9TAZqIyawUg/1l6onRiJ5DqSyqg7YTUMLsHupzXZ8+mIvx7aTrzzH ++DQ3rXuv/zc2Bkwu78q7HbItu2AujCF0KALxsu8BAMpcNs9lVulVnPHtGF00pRxF +wqBlw8/1Rzx+STnKxwwWCQ7SHXc3CmxIMzern15bBay2vF5hGCflKsAJLuuMWJAH +L2MD0GAynVhnKymz+b2RVlRrBbLn/1+XjLCsWLPmda+6K7wrR8TRgx53FLTSp6dN +gtnLkjGR9HY8T8ebPYL8Pb5P9wLLGLwADkSScmMwaeUK/xWZLQwqtOzF6R/cpkXd +t9ji1vjKZ8bvTDNj4DuqHwn4qeDk4bngfD0dyCj3r8Y3gfwQf237J0QUfUFeA3WK +AeFF4fKjjWvX15MWV4tIk0Mg3GhL9eUubYKtnsBEqYDhmiFSrVW2TfGTjXZhJBqn +xrlGCLT1aKFY6sVrbCaEn+SJ/jQDx+rBZiYMY7iz1+vqq4ie6q7LDmCZuUe4+Rlw +3u9ChA+avv95Y4lgqz+HQiWP9ejq2c21cb5pQIfs8QjKD5jPJr8+3XuGoIpo1lLY +GMRN9PzokkD1ARkMB4v5AgMBAAGjUzBRMB0GA1UdDgQWBBRSda45xZ5lPn0cpSjJ +IKfBmFcLyDAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcLyDAPBgNVHRMB +Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCvlKTppi+HxqRF2riaJ7LvxEde +M+qLHWzvRwcWlb3MdpTq7uZjQG2YEZY6YeyN+8AwKbUPSavS6+dUe8hfM2HgwtBb +zYaZiS2JdRnCPKQMRz+xEGlcyvXzEb5M99+zqU/5NYOOeFX5odT/nwIToWw82G61 +LXTY6WTmjQ1oRAabUdhMRyQTqL0pGYkBkLzusgh0ENWDVe0/tz/mCzi/DQD6agHy +ADaM6iqqUOIFzHXsI/N9iMNbJKSrllFy4v0AfCDpzgz4mbbUq6zV/E0KIpB/Tojh +xdl+a4Sw4tuIi8vU0TtVRs0UXCBd4I6yqrPDooIYfkh6w4OwSg07yZejuSq/dzo6 +04s8boJKQNZQo8RqVOXUG47vCZMwIj7dJEVXxM9aRkfLPWhK9iG8skh8WwcsG8mu +wL2h4FqH1IVOTv+RxhvUDY74ooUBd8eCywvS4k0iDssznQ7TbtZjTIJr54oTLiK9 +qrPVT+/eL+qFzSKVyFiDiKW+6rKdHO0KYQDXkkhGH1QqBP5rxIJiHl8drYilEw/Y +a9uWuGZZK0YFJA5RSKrIzuX10iQL80B7CXiH++zGE8KGkzxw55R9zjdWLXAsmxyr +vz1CbUsC9YXXqg4P/h4P5FYnqQyR1LWJjwhfPk1F+6POJBiwgeYtxFDlag/QGr6R +C6uLuBpvA9hPSOt4Ng== +-----END CERTIFICATE----- diff --git a/ror-fleet-example/certs/elasticsearch.crt b/ror-fleet-example/certs/elasticsearch.crt new file mode 100644 index 0000000..f54407a --- /dev/null +++ b/ror-fleet-example/certs/elasticsearch.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE6zCCAtOgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NaowDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjE4MTAyMDU4WhcNMzQxMjE2MTAyMDU4WjBkMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEWMBQGA1UEAwwNZWxhc3RpY3NlYXJjaDCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoRfc1RJ7tCtbx4aBC8rO6N +bD3YGtUX0vn9TIqiz8vgPshJXzOtU16++wJ7z/hd6G5zStL4Js/2v8L3kvZO2k/r +u9NxBNpTFoOry6G5GfuxurJdAHv0/go01y+EO1DWgQ04xie1ia8o21UUVdShhq2Y +ip8vYZu1DggLkMA6yfdzv3qNBEQs8eqrGlk5+1QYl919YQ6MfQ8INkw+IICl/yrv +NVxVhYzqzCU47s7O1Yn7CHwZbTii9QI+qV04YDnLG5RUQKnP+1WL7KaEUSjdw2Gk +NVYFrfbVj1pY9TJJKe4xRssWgQGtu1kV/mZ2T4hhqv9N1IKbeS0BbwrJvvBTx9sC +AwEAAaOBlDCBkTAjBgNVHREEHDAagg1lbGFzdGljc2VhcmNogglsb2NhbGhvc3Qw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAsGA1UdDwQEAwIDqDAdBgNV +HQ4EFgQU7hNF4y6M9w8zOZfEksKFKJYGZ8QwHwYDVR0jBBgwFoAUUnWuOcWeZT59 +HKUoySCnwZhXC8gwDQYJKoZIhvcNAQELBQADggIBABc0+0vlE+y89Tf0LFBde9dy +e9Xbi7DFVOqggOBnaXbWNweoD8awYVmecCV+TRg7Gcgz7hXvpFh/EZvdb3TxvK9P +b6WN33cX/+IzDmByqFWN61FF2uz6FNlN/Je6fcHVWCV9tfvT1lo8sP8yw8lAiNBw +vH1ieW1hhhRXRMgkMTtjIvNZk54768RJIzBFTKJvG/Bnyv9G8fY/y9Q5dEI/zL3V +wbqYyPLCtZQSIKUe1ouNWhbe32RkJH6PW9XSv235mwKOGVzRWHaINMTO1+WOBsdL +fpKRuyg/pvjUesA/GnEIOApOlVC/MhefyP2cdQsm8RMm19MXhxhw0ltur2X8jG+z +w5jxQqxI5tn1cE5nKucAtMOk4MpChGzFVttBLIDbsz4JApDVZn+/Yh89fXq1vPs2 +U6nweb8mVGHnFdFOng5bvpGroG0kL3dFkTIJ7TURd/voMTe7xY5i/6WPQV1Wmoe9 +G8TGeOxTl+J5J7MLOcof8qmTdmFZj9us37RYkJ0U0w0HQCieVAfp4mv2CMhrwAlm +WRJwGmt9hSUNKt38NcJTuK5m81NeSbznfBzXI1NC+hEAfkVHoVgrtciJvKTNvRlW +OyyCWlNndcGZS8vZsz579fLIxPrbTuZmg0p7w3HF1JKEZVANvA5jYdZjm3cPkeED +ZMQNQLO+lZw1JjUbApoZ +-----END CERTIFICATE----- diff --git a/ror-fleet-example/certs/elasticsearch.csr b/ror-fleet-example/certs/elasticsearch.csr new file mode 100644 index 0000000..c00cff1 --- /dev/null +++ b/ror-fleet-example/certs/elasticsearch.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqTCCAZECAQAwZDELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0G +A1UEBwwGTG9uZG9uMQ4wDAYDVQQKDAVCZXNodTELMAkGA1UECwwCSVQxFjAUBgNV +BAMMDWVsYXN0aWNzZWFyY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDaEX3NUSe7QrW8eGgQvKzujWw92BrVF9L5/UyKos/L4D7ISV8zrVNevvsCe8/4 +Xehuc0rS+CbP9r/C95L2TtpP67vTcQTaUxaDq8uhuRn7sbqyXQB79P4KNNcvhDtQ +1oENOMYntYmvKNtVFFXUoYatmIqfL2GbtQ4IC5DAOsn3c796jQRELPHqqxpZOftU +GJfdfWEOjH0PCDZMPiCApf8q7zVcVYWM6swlOO7OztWJ+wh8GW04ovUCPqldOGA5 +yxuUVECpz/tVi+ymhFEo3cNhpDVWBa321Y9aWPUySSnuMUbLFoEBrbtZFf5mdk+I +Yar/TdSCm3ktAW8Kyb7wU8fbAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAcOiM +XEBC9QNyFMO5DvU12moVjsge+I5DWHVbDHgha0puRLoJkzNVNT4ReaMXlX2nuaSy +dvk339m/irru7XpgYSVOBnbIyJq1TpE0P0c0pI0DCkFlP9n8utEPRS+2ZlW0rcWu +PySRxWxfdhUz+oMXjKDQ9Y7PR7AqSq5SAtOwRzQGWv0lRlfHS5aAnD7qrwcYhcBJ +gE/v7laHZUDgbgQsw1JZC7TPo0L84vTxOxUapl8Uy73z84MlQpaI2JO7bVSBWher +kP6A3HK1+L0YLVP9TXBtBStyI17+Ih/XlozZaw4k/HbedXopwnx3Hc93Z08TGxkq +3MmGB5A1Q4Cu1FZTsg== +-----END CERTIFICATE REQUEST----- diff --git a/ror-fleet-example/certs/elasticsearch.key b/ror-fleet-example/certs/elasticsearch.key new file mode 100644 index 0000000..094527c --- /dev/null +++ b/ror-fleet-example/certs/elasticsearch.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaEX3NUSe7QrW8 +eGgQvKzujWw92BrVF9L5/UyKos/L4D7ISV8zrVNevvsCe8/4Xehuc0rS+CbP9r/C +95L2TtpP67vTcQTaUxaDq8uhuRn7sbqyXQB79P4KNNcvhDtQ1oENOMYntYmvKNtV +FFXUoYatmIqfL2GbtQ4IC5DAOsn3c796jQRELPHqqxpZOftUGJfdfWEOjH0PCDZM +PiCApf8q7zVcVYWM6swlOO7OztWJ+wh8GW04ovUCPqldOGA5yxuUVECpz/tVi+ym +hFEo3cNhpDVWBa321Y9aWPUySSnuMUbLFoEBrbtZFf5mdk+IYar/TdSCm3ktAW8K +yb7wU8fbAgMBAAECggEAY0+8+cEAdbVbW+KADkNHBHtOtNmS2sI3WJdlgOvF88UE +AqX7n+bLRaZ3XTmyzJtD6+1AwdS2pFZtHacvfFIL9YLXruNVQPK/GacnHVdVwH1A +F9PoEQvRmCdZaq/vbZDLBBD7mYEBG87hGJ2iuyv20F9cnkNvUgDCS6KswQblDPaH +2krrI/WLQgjjXOXGtUUv3lUiFLq4h63KSggBWCid60Iz8SCpr0t52kj1GeTot8Cy +2CnCVG/6E9ysgwLDaGRXHuECbu9P0emzza4uGXDiEgUKE0dBqD877sCF+efQpPIO +lQfr5oi0y0ZRV2MFVAhuRsaJRaxWE4ctueHk1Zf+BQKBgQD4ySMT6ikt1LOxsqaS +EZ6doTaD4HC9mgQ98Ec3zOwmx3Chg0AIwwsIGBBkeOKLX1xecmudys9syvQapTVg +e6hNd94Xjr+MfkJi75bf/zRaAH2Ek3F2++IK1Wi5g/WJKfmiClT8mcR+RCbLTZXK +hyfLDyP1j+EXfb8WwQmP4T/V/QKBgQDgZFLgE9AYTPH2kAigZd8LxGJpFH1sTCnr +mz+9PoF2Vb5+RgA4ywNzOMMlT2QwkP5w3y+/I6F2YqSENuNMXJf7kqZ2/MNX0ED1 +eJ9qvd0Ilh5qu6Dp9PGe3CxkTIs6ua/lXUkvBjuYIQ6sNt9sknZAXrvulSdopWxW +Nj2lLzoQtwKBgQCnaYpeS1N8kMZ/DG4EmzC2eBacNbsIC41RNNBn31EGY20Kcqzz +eHSC9NaLFcG08e3RbIO4ghKE7inHiGbbzzqZLtFX3upNG2WG+Bz6DNzot62/Ogy/ +eY5JpgQ72m2u6H0gqn04Ii1Unn3Qjxv+VmbTwRN8ml5pFWgyYqIRnQz87QKBgBpQ +6b9J04/mBkKKZdiZ2ezBXWFBe+wlio0NKg6BtCEysSKSBxiiBoeO0qQfiXqApraK +FkluXlNKAk1XOpUMDu78JfWycx5rWBLx0JBuL+v/3xVZZ+fISEX/QF2K9JEwkcZu +iFSxgG+5AMWFsfJDwwaNlbDHYVXOgMQjnFsxDLhFAoGBANrPzTOz7mWHVRus8y55 +cd19IqKuxt9L+mfhdF91Wqi44YK4Pt1vSb2FGhJvN+qgYj4jPHvUzUJibKKoJNRx +R6lbK3O+cWjFcDaD9OTTiTuOLlcBby/9Ew7b/RaeYgDpDgviEvVYpKoPBxNnu8+G +XZZHb7SsYO88UYl8YqiGc3pO +-----END PRIVATE KEY----- diff --git a/ror-fleet-example/certs/fleet-server.crt b/ror-fleet-example/certs/fleet-server.crt new file mode 100644 index 0000000..c4d80de --- /dev/null +++ b/ror-fleet-example/certs/fleet-server.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE7TCCAtWgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NagwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAyMzE4WhcNMzQxMTI5MTAyMzE4WjBnMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxFTATBgNVBAMMDGZsZWV0LXNlcnZl +cjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJNv3e+7HtPg6ShWuFz4 +f8K70VjWTKLgwuXW3VO4VbIg2+x5pMT29dwfeyMwwP7ZCQrGxoyR65JHH+mnGygP +/axxxpkduxSMqTdQrRdUQ30gXTWbmhf33mOLQ5sMBYUVmaXy6V7eNsFHDlD5WuN/ +6ro/MC2eyg7g9eAuFMKPmnaEWMBYGPY/iXGWC5O+r3JyyzGaVAfWzSJdMyJ/WmqO +2heBt5p8z2eUqM7uNorl7nKq4L2p4fczOYvjbiw94vwWd3n7OpKL85Y4Bs3PaHoG +bJWf3kjXnrREh7iOHzk4wMzb1URxuasWIau3vT6V7IwrFgLUdiaAkBOsAbgV5ib3 +DA0CAwEAAaOBkzCBkDAiBgNVHREEGzAZggxmbGVldC1zZXJ2ZXKCCWxvY2FsaG9z +dDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0G +A1UdDgQWBBTxU9yWEFMble7G8EPxm38YfdPd7jAfBgNVHSMEGDAWgBRSda45xZ5l +Pn0cpSjJIKfBmFcLyDANBgkqhkiG9w0BAQsFAAOCAgEAfIHR6rIuVpTeQRwB3ry/ +TUjZ8hSQ/3NnDOTrOOCW0kkkJm1VVFgk6SSXXdFG1f3OFNESikKQscl9Oh4G3eUJ +Cek8l8haDoPmDnuYrwBj3nOB9OJfLKfaKQY44YKd6VRYC8QFewMlH9wwh7xzfiQc +Bh5Gm3QNIc1kOwVy12EIPFH7AE4z4yQA3PyHZvSIFXn7y7e/TCcRK7Q1d6hQMtXP +KQEA0fHADnGK4SWfJwOD+kx6S3HQHV995i14PyITs0N29ZYwC/y3DRP98Wbw7gzA +RUBld6WzNAXTjNqRiQq6hHdvzn3Cdqgi1NnPs0jSqIGFs9Wjyj/EzAHMj0MzxXTK +kN7Dakx6uZ0zxHaK2d7A7P1LpCSioQ9S1erVRt6UBi0ybCm9OAsRcuanVDj25lc2 +z5qGla24aIHn3Op3JDaSOD/hZoanLK2P+EFS564dWDnK8lyjQnPlEMXRKnWHepgD +IhnmoOvBiKA8xkaIAqSAUtFpgFNa8ndLPTPDfyzd93XHwEesXhLO1Yc/enOJW+GX +L31rTxQ42U4y/LkDD6DAOHBK341rrY57NlZwqAWKPzyKZ3XCoeWOmoVoXGJLWC4b +pEnGGJ2Q/F82dYnnED0Nt9rzefQrMo2fq75gNcodKI3m8m8fBaGEZ/9bTZDqvL3H +95xkHgpW2k9aqdCI9MMsOUY= +-----END CERTIFICATE----- diff --git a/ror-fleet-example/certs/fleet-server.csr b/ror-fleet-example/certs/fleet-server.csr new file mode 100644 index 0000000..7fafc19 --- /dev/null +++ b/ror-fleet-example/certs/fleet-server.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0G +A1UEBwwGTGlzYm9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRUw +EwYDVQQDDAxmbGVldC1zZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCTb93vux7T4OkoVrhc+H/Cu9FY1kyi4MLl1t1TuFWyINvseaTE9vXcH3sj +MMD+2QkKxsaMkeuSRx/ppxsoD/2sccaZHbsUjKk3UK0XVEN9IF01m5oX995ji0Ob +DAWFFZml8ule3jbBRw5Q+Vrjf+q6PzAtnsoO4PXgLhTCj5p2hFjAWBj2P4lxlguT +vq9ycssxmlQH1s0iXTMif1pqjtoXgbeafM9nlKjO7jaK5e5yquC9qeH3MzmL424s +PeL8Fnd5+zqSi/OWOAbNz2h6BmyVn95I1560RIe4jh85OMDM29VEcbmrFiGrt70+ +leyMKxYC1HYmgJATrAG4FeYm9wwNAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEA +JPDMBYTL4IFPz4k9rRF58LtK+af9SUrjdMKPv5wHWpsZbvmBlD5ghZ5yg9lPMszr +XNjLo70C9dLoZ7/nkpOoWoKYSRW1T+Zv3IuG9MhtUvs45IZ/8VXllm8awFBpasFA +QQQrW/VxtZ4ZysI7Nw6l8kafZCJLlqzT1hNWFaMPfsN8SbjV8Nws7SkKT0BCF7Ds +mAYkWcOIJava805xEnZ2cqS96EFq9wFharNFdDl3AZoXi3yufrTnUfl8hW5QNTkk +GgHHCco6wxBVGoeJO9Ngu/ZfMOnbsVRp8S3C0nwbGWjfUetudBNy+UMGyHcjIazP +JlxfO+2WQqE4pCB+vNusvg== +-----END CERTIFICATE REQUEST----- diff --git a/ror-fleet-example/certs/fleet-server.key b/ror-fleet-example/certs/fleet-server.key new file mode 100644 index 0000000..ae2b71a --- /dev/null +++ b/ror-fleet-example/certs/fleet-server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEuAIBADANBgkqhkiG9w0BAQEFAASCBKIwggSeAgEAAoIBAQCTb93vux7T4Oko +Vrhc+H/Cu9FY1kyi4MLl1t1TuFWyINvseaTE9vXcH3sjMMD+2QkKxsaMkeuSRx/p +pxsoD/2sccaZHbsUjKk3UK0XVEN9IF01m5oX995ji0ObDAWFFZml8ule3jbBRw5Q ++Vrjf+q6PzAtnsoO4PXgLhTCj5p2hFjAWBj2P4lxlguTvq9ycssxmlQH1s0iXTMi +f1pqjtoXgbeafM9nlKjO7jaK5e5yquC9qeH3MzmL424sPeL8Fnd5+zqSi/OWOAbN +z2h6BmyVn95I1560RIe4jh85OMDM29VEcbmrFiGrt70+leyMKxYC1HYmgJATrAG4 +FeYm9wwNAgMBAAECgf8DArJw1QQcOzTf40Jdcz/m7mHTBBCZMZ+Cr0dB89zicpCR +Iqxv4uNuf+HSj5bKQ/ddCE7UETCuB1Dwmrnpfd0yTM3M/ok+LBZC9mlceHII4mLD +l5BBQYE3EwpFE246cHUBXRBqoSTtrN2wOIEOmmhWjuMX5fiNF+wYJLUPJtt3f9VR +5t+XtrRJOBCfYB9DZexiIofui5Bc219mC8vbsb1FTB9QExBBY1kSyjhAzDGNu7mx +KaOLUrNUuwf2MUFdQVqtDNtVg7uwX10PwhfK526lHqjnH6OnbschC/3NlZ+ymDqz +p0i7KV5T7WGnjfUcpMKUlnQlfmCfG9h5wPikNhECgYEAwudGsSh3omix5A12g6Wa +gBCFp9vAK1669e6U9lXiN0agYfJ1sKV8FN9Ym9lnqGHY7YcKsHL4cVDkxpBGoPMx +yxJ4eGv1FdD0FmqjLq+xuOoJfA+kYcCpmyONg3RncMkWUdY8Rr/2YiYyiK3NImOS +HIalkHbVouMOjlUyV+xaXAcCgYEAwad52bIXVuhukQ4qzl+ED5+RgvanlCPCCf9T +kS8eLuHly4oEn+2XeQj+bdQ+HtXxRZQrpDGru1ZVPdO8j/ztxH3KiRgcnv/ALSJm +3v3fWGHSAoycgNMdAISDgkm1Gi0r0iHnABKbQUwE79ecYCVVOUIMaY3sSS595xeX +XtsXuksCgYBBpx5M9tC1yIaDx3Uwi0wr72TWUlO9SD+6MA/FmtCEximoVMAILPZL +IaD7fpRISA2GlYKoRVIi+ZjWuirQdJtFSIeEKPl5y9Us5+boBw7atxtSywIYW4nG +VIeKzF87wsDd+Eh9nJQmI6/KEqGS/+9r5H9I1n7IS6vPjitTKq6VaQKBgCUByDtd +2S/2gwqdVnjRr/78U2ZflG6u1qnqbSHVi0MSUEOxQGj/km7C1TxPzv89iznsstpR +06udN/T0vZgWkal3EHlabj3ESglWBaqfgUr2hpeOH2pO7b/nkuoXA9DYyQMDD43o +AFteF6Nt5KhK+hpTEOQrBviFNfIvg/HQlJw5An827nC8osm5QMTVzvLDHDF91181 +58om1+L5k5DHkGmRr2ewAiYKdKlS7GmZVrKbsFbn3oOYGFQKA3yMQbzupOqSSl3N +rk+uMFvoNxtiWGLWUlrNwPXVXYhJw1/w8f7FDJi88I1YoxCNgMzyifabEozJkYtc +T7sw9f/q9SXbJ9jW +-----END PRIVATE KEY----- diff --git a/ror-fleet-example/certs/kibana.crt b/ror-fleet-example/certs/kibana.crt new file mode 100644 index 0000000..51478c1 --- /dev/null +++ b/ror-fleet-example/certs/kibana.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE4TCCAsmgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NacwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAyMjEyWhcNMzQxMTI5MTAyMjEyWjBhMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxDzANBgNVBAMMBmtpYmFuYTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqDU9XG+zhLp4AjP4dNNsrXoX0e +Me7i53bLbLa6GtD1bXeHG4x6MXQeOSJbRQIShf5d6rhF8lTVyd8TWLaKLNjU3Kfy +Rou05GjWfVfXUCgAazLfTiwuGfzV0/rk/vg6JbVNEbgSidzfD+HUI/F7+Qep9jxL +JMaIiJaAi1mRSI0v0CM4a8WGz8vK1Xnc5RfgA8zoMZEQQtW2nFWZ2xk4hIz7/dx7 ++oAUJXeMZkmhPYxzd7EWH2RYo9os9L6qoHbGuCc06Omke2cpK3Ww2/zgxWZVlrQe +mgUFNsMUPhJw8rTQ0YqWS8TdhF5GZqZEwwCvhgcfEKbhVkVzOXAxNOu/TS0CAwEA +AaOBjTCBijAcBgNVHREEFTATggZraWJhbmGCCWxvY2FsaG9zdDAdBgNVHSUEFjAU +BggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBTvgvO5 +HxrsRvGd8XNnD7wePFqu/TAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcL +yDANBgkqhkiG9w0BAQsFAAOCAgEAfPgV7710k/uAXpnbsfApL/2FBWQstnM9le9b +bp5azngYAEAItbhDmZInoERe0AEWpynaLgV+2wg2ZAki1E+TE49sywtbxZtbs0Pf +uyjX/M3JbFFeSjAxhaKGTO1gmLG1nxZMVRegSeE9kxf7WWgDR69cBSF2w7ZXUaep +/+xTNo6rj5c3m+euAIH+wvxalCPN2OFIpoq6LmWqLyQ2GtBnLuNN9u4hGuGKscca +o+2eC6Gnh159f3FXKxUFD+ICFY6AncvryBI2B3bgy3x1M/HW8G7iHJF47RVbQa+y +Cy1IXm1U6PrdxjOJcY03CUjxRbsMreCCVHMoeij3NbZMU3FxZi2kZ6TvqkxSK5xb +nYc7kcObLCCMJMnpekIlNxENPvvx4cXBfOJhGPVVFIBNt5D3AMrVb9+TSox8zHwt +GGmtqTYvQVDfO2xkp145AskES9Z5UEW00syPzVLVZ0V+KBtCDEMq9Sw1viyUB9w4 +PvAEUR6H6ZU8BmSbWbeAP2LcIweYV13A8oJIYcNUJh62ZzTTsojzTPUrF2JozxDG +Ep9pCJiH8XF1Gea8nXdcGv4sGbm+JFlnXienjxuyY5+SpH2wD0MKGFX80QoEhtFY +JoOfMm9puhSSqWkCwgeKGunvoRKSVpYP+8d0c9lBQR9hx2JkUKClxOVK0PN1wI0O +sGfWbXY= +-----END CERTIFICATE----- diff --git a/ror-fleet-example/certs/kibana.csr b/ror-fleet-example/certs/kibana.csr new file mode 100644 index 0000000..8c9126f --- /dev/null +++ b/ror-fleet-example/certs/kibana.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpjCCAY4CAQAwYTELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0G +A1UEBwwGTGlzYm9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMQ8w +DQYDVQQDDAZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6 +g1PVxvs4S6eAIz+HTTbK16F9HjHu4ud2y2y2uhrQ9W13hxuMejF0HjkiW0UCEoX+ +Xeq4RfJU1cnfE1i2iizY1Nyn8kaLtORo1n1X11AoAGsy304sLhn81dP65P74OiW1 +TRG4Eonc3w/h1CPxe/kHqfY8SyTGiIiWgItZkUiNL9AjOGvFhs/LytV53OUX4APM +6DGREELVtpxVmdsZOISM+/3ce/qAFCV3jGZJoT2Mc3exFh9kWKPaLPS+qqB2xrgn +NOjppHtnKSt1sNv84MVmVZa0HpoFBTbDFD4ScPK00NGKlkvE3YReRmamRMMAr4YH +HxCm4VZFczlwMTTrv00tAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAs1SVsYUE +38e0JQT+kO2rV5jiqObBFhDAmiv7Pcj0POD+yM4NHK9rffGFJq+skgjMKvmbFg1s +KGztYPFwsr/9VnYtQbvB87iEpX4v9bUy3/JvoII0Uq4CTxGk2DKFr8XTAPy32j+y +huMDIM6n38oFKP7inARVWmHfyrbnZVQJJmLukKSDg3PMgo4VwfKhccetauGxNSoI +btr8KgvJ/zonMfcfRK9sTzeK9HCeHgW3meRU2/Uc1cuYGPeubri3CHcsU1FOjVz5 +f2CV2/il/fYd2e+FDlyBb2ozZe189lqCb1R6fJRFzadtSHnSAYpcj1ctnXIweLr5 +xOHUyXQKFlLTYQ== +-----END CERTIFICATE REQUEST----- diff --git a/ror-fleet-example/certs/kibana.key b/ror-fleet-example/certs/kibana.key new file mode 100644 index 0000000..02baeda --- /dev/null +++ b/ror-fleet-example/certs/kibana.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6g1PVxvs4S6eA +Iz+HTTbK16F9HjHu4ud2y2y2uhrQ9W13hxuMejF0HjkiW0UCEoX+Xeq4RfJU1cnf +E1i2iizY1Nyn8kaLtORo1n1X11AoAGsy304sLhn81dP65P74OiW1TRG4Eonc3w/h +1CPxe/kHqfY8SyTGiIiWgItZkUiNL9AjOGvFhs/LytV53OUX4APM6DGREELVtpxV +mdsZOISM+/3ce/qAFCV3jGZJoT2Mc3exFh9kWKPaLPS+qqB2xrgnNOjppHtnKSt1 +sNv84MVmVZa0HpoFBTbDFD4ScPK00NGKlkvE3YReRmamRMMAr4YHHxCm4VZFczlw +MTTrv00tAgMBAAECggEAESymI92IhQjMYft87lXRGZENDQMiiHOK6lC1kEbnUL4E +yDif9AnNc3qT+sKqQlRX09Ismq7QL3knN1wl81saYZYKQonH7rXnwXKcxKGuPxy4 +wky3O1C8cmBzPltnUg6yqbTw0IEegkDlCr+41pP6nLbNFoS53HE2mJs6GbOL2Xo4 +rzImowG4BEBwu4O+xbaku/FUHSJBHD6r7VtCJr3qoSeMkJgxkX5KahwWzYS9LTsU +9D+lzKmREFsAgZnaCc4HXx7pSKThd7VBB3BqMwfh2zP8xscNI9MB262tiNihk8To +XTQJPJSzHII0cz8YV+jQO3FYyDduSVloAz80xY8iOQKBgQD95a61kA90yJ6a/EjT +ng641kx6xuABuqknLU2bdb8hh1m9P6X4zFWFBNDQxLqIAdkhjNspkRlnGEHyBIXm +/ogiewqJSTZjWN0MDTeqMsiUuelYW8ZMp9zSOk/hePUbH0y+AhACB2TH6yS7R9vR +SCYshRZLOZi6o1ljGEd4RTpSJQKBgQC8DsaagwoDs17AphdkNYixCP6+T33M1G5O +3FXQbpU7JK2qOWPl3bR4iMUyNQKXuIM6/Rpuku6QcmA5xkrgUhg1GEYkYijhIKVI +Ei5QynZTuxi09tDYTEHj/aVagmDlvwv0pWgpPZ4UY+OT08QB9RCKDvmALrxHerRy +RsQDZbxsaQKBgQCgleQhrCNKfxVp+4Voa0DugYRP53eJQHF6ePnsCNZBs6T7wMUO +DtdMUdZtJPDB00FtKfT4XnDNtxcGpvu2NWkPPflVCbxfq7XryHRbrtEU2F2RaEKM ++2L8iKs7ddC5PdvBFfbgAaMpmz1ZQsLypIqYf/iwzZYe/fAscA/MLyULDQKBgQCu +73/IE8WpE548z0RLL5FsPdXa6s83TxUdvtEFBxlC3ye9hY1sMwTCa1glEDLNOBK7 +ON7xpTTOodbpZ5AXg8aI/X+iML2eTmPx2xfCh9Pyp8Sf8kjsLGPO1hCPVWEV1tYk +SgnO80at6Q22YfOfbnxoMO3fU5pJU9evxixojKbuoQKBgHJB9Lt6833zNbCoJ9hT +Nx8kmGvCJSeq5Wbe5ZyI89MkkmAKg6CzRBnb/grubpHD/v5tSN/548pYJm6vgJRt +RqIHkX+F/UNC4k5akUzYZUCBQva2YQUNlZeX6fRhfN2z3gUX4tZzEkadKwy5+oEG +7FBjTY7N5U9FLNBPD4Bu2o04 +-----END PRIVATE KEY----- diff --git a/ror-fleet-example/clean.sh b/ror-fleet-example/clean.sh new file mode 100755 index 0000000..5444366 --- /dev/null +++ b/ror-fleet-example/clean.sh @@ -0,0 +1,3 @@ +#!/bin/bash -e + +docker compose --env-file .env_showcase down -v --remove-orphans \ No newline at end of file diff --git a/ror-fleet-example/docker-compose.yml b/ror-fleet-example/docker-compose.yml new file mode 100644 index 0000000..1a12720 --- /dev/null +++ b/ror-fleet-example/docker-compose.yml @@ -0,0 +1,224 @@ +services: + + elasticsearch: + build: + context: . + dockerfile: elasticsearch/image/${ES_DOCKERFILE:-ES_DOCKERFILE_NOT_CONFIGURED} + args: + ES_VERSION: ${ES_VERSION:-ES_VERSION_NOT_CONFIGURED} + ROR_VERSION: ${ROR_ES_VERSION:-ROR_ES_VERSION_NOT_CONFIGURED} + ROR_FILE: ${ES_ROR_FILE:-ES_ROR_FILE_NOT_CONFIGURED} + ports: + - "9200:9200" + - "9300:9300" + - "5005:5000" + hostname: elasticsearch + volumes: + - ./certs:/usr/share/elasticsearch/config/certs:z + environment: + - cluster.name=ror-es-cluster + - node.name=es-ror-single + - discovery.type=single-node + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5000" + - ES_VERSION=${ES_VERSION:-ES_VERSION_NOT_CONFIGURED} + - xpack.security.enabled=true + - xpack.security.http.ssl.enabled=true + - xpack.security.http.ssl.key=certs/elasticsearch.key + - xpack.security.http.ssl.certificate=certs/elasticsearch.crt + - xpack.security.http.ssl.certificate_authorities=certs/ca.crt + - xpack.security.http.ssl.verification_mode=certificate + - xpack.security.http.ssl.client_authentication=optional + - xpack.security.transport.ssl.enabled=true + - xpack.security.transport.ssl.key=certs/elasticsearch.key + - xpack.security.transport.ssl.certificate=certs/elasticsearch.crt + - xpack.security.transport.ssl.certificate_authorities=certs/ca.crt + - xpack.security.transport.ssl.verification_mode=certificate + - xpack.security.transport.ssl.client_authentication=optional + mem_limit: 2147483648 # ~ 2gb + healthcheck: + test: [ "CMD", "curl", "-f", "--cacert", "/usr/share/elasticsearch/config/certs/ca.crt", "-u", "kibana:kibana", "https://localhost:9200/_cluster/health" ] + interval: 10s + timeout: 10s + retries: 30 + start_period: 60s + ulimits: + memlock: + soft: -1 + hard: -1 + networks: + - fleet-example-network + + kibana: + build: + context: . + dockerfile: kibana/image/${KBN_DOCKERFILE:-KBN_DOCKERFILE_NOT_CONFIGURED} + args: + KBN_VERSION: ${KBN_VERSION:-KBN_VERSION_NOT_CONFIGURED} + ROR_VERSION: ${ROR_KBN_VERSION:-ROR_KBN_VERSION_NOT_CONFIGURED} + ROR_FILE: ${KBN_ROR_FILE:-KBN_ROR_FILE_NOT_CONFIGURED} + depends_on: + elasticsearch: + condition: service_healthy + ports: + - "5601:5601" + hostname: kibana + volumes: + - ./certs:/usr/share/kibana/config/certs:z + environment: + - ROR_ACTIVATION_KEY=$ROR_ACTIVATION_KEY + - SERVER_NAME=kibana + - SERVER_PUBLICBASEURL=https://kibana:5601 + - ELASTICSEARCH_HOSTS=https://elasticsearch:9200 + - ELASTICSEARCH_USERNAME=kibana + - ELASTICSEARCH_PASSWORD=kibana + - ELASTICSEARCH_SSL_VERIFICATIONMODE=none + # - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca.crt + - SERVER_SSL_ENABLED=true + - SERVER_SSL_CERTIFICATE=config/certs/kibana.crt + - SERVER_SSL_KEY=config/certs/kibana.key + - SERVER_SSL_CERTIFICATEAUTHORITIES=config/certs/ca.crt + healthcheck: + test: + [ + "CMD-SHELL", + "curl -f -i --cacert config/certs/ca.crt -u kibana:kibana https://localhost:5601/api/features | grep -q 'content-type: application/json'" + ] + interval: 10s + timeout: 10s + retries: 30 + start_period: 60s + ulimits: + memlock: + soft: -1 + hard: -1 + networks: + - fleet-example-network + + fleet-server: + depends_on: + kibana: + condition: service_healthy + elasticsearch: + condition: service_healthy + image: elastic/elastic-agent:${ES_VERSION} + hostname: fleet-server + volumes: + - ./certs:/certs:z + ports: + - 8220:8220 + restart: always + user: "1000" + environment: + - FLEET_ENROLL=1 + - FLEET_SERVER_POLICY_ID=fleet-server-policy + - FLEET_SERVER_ENABLE=1 + - KIBANA_FLEET_SETUP=1 + - KIBANA_HOST=https://kibana:5601 + - KIBANA_FLEET_CA=/certs/ca.crt + - FLEET_URL=https://fleet-server:8220 + - FLEET_SERVER_ELASTICSEARCH_HOST=https://elasticsearch:9200 + - FLEET_CA=/certs/ca.crt + - ELASTICSEARCH_USERNAME=kibana + - ELASTICSEARCH_PASSWORD=kibana + - FLEET_SERVER_CERT=/certs/fleet-server.crt + - FLEET_SERVER_CERT_KEY=/certs/fleet-server.key + - FLEET_SERVER_ELASTICSEARCH_CA=/certs/ca.crt + - ELASTIC_AGENT_LOG_LEVEL=debug + - ELASTIC_AGENT_LOG_SELECTORS=* + healthcheck: + test: + [ + "CMD-SHELL", + "curl -f -k --cacert /certs/ca.crt https://localhost:8220/api/status | grep -q '\"status\":\"HEALTHY\"'" + ] + interval: 10s + timeout: 5s + retries: 30 + start_period: 90s + networks: + - fleet-example-network + + fleet-initializer: + build: + context: fleet-initializer + dockerfile: Dockerfile + hostname: fleet-initializer + volumes: + - ./certs:/certs:z + depends_on: + elasticsearch: + condition: service_healthy + kibana: + condition: service_healthy + fleet-server: + condition: service_healthy + networks: + - fleet-example-network + + agent1: + build: + context: agent1 + dockerfile: Dockerfile + hostname: agent1 + restart: always + depends_on: + elasticsearch: + condition: service_healthy + kibana: + condition: service_healthy + fleet-initializer: + condition: service_completed_successfully + volumes: + - ./certs:/certs:z + expose: + - 8200 + ports: + - 8201:8200 + user: root + environment: + - FLEET_ENROLL=1 + - FLEET_URL=https://fleet-server:8220 + - FLEET_CA=/certs/ca.crt + - KIBANA_HOST=https://kibana:5601 + - KIBANA_FLEET_CA=/certs/ca.crt + networks: + - fleet-example-network + + service1: + build: + context: service1 + dockerfile: Dockerfile + hostname: service1 + depends_on: + elasticsearch: + condition: service_healthy + kibana: + condition: service_healthy + agent1: + condition: service_started + expose: + - 3000 + ports: + - "3001:3000" + volumes: + - ./certs:/certs:z + environment: + - ELASTIC_APM_SERVER_CA_CERT_FILE=/certs/ca.crt + networks: + - fleet-example-network + + traffic-simulator: + build: + context: traffic-simulator + dockerfile: Dockerfile + hostname: traffic-simulator + depends_on: + service1: + condition: service_started + networks: + - fleet-example-network + +networks: + fleet-example-network: + driver: bridge diff --git a/ror-fleet-example/elasticsearch/conf/log4j2.properties b/ror-fleet-example/elasticsearch/conf/log4j2.properties new file mode 100644 index 0000000..b3517e1 --- /dev/null +++ b/ror-fleet-example/elasticsearch/conf/log4j2.properties @@ -0,0 +1,85 @@ +# +# This file is part of ReadonlyREST. +# +# ReadonlyREST is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# ReadonlyREST is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with ReadonlyREST. If not, see http://www.gnu.org/licenses/ +# +# +status=error +# log actionPost execution errors for easier debugging +logger.action.name=org.elasticsearch.action +logger.action.level=info +appender.console.type=Console +appender.console.name=console +appender.console.layout.type=PatternLayout +appender.console.layout.pattern=[%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n +appender.rolling.type=RollingFile +appender.rolling.name=rolling +appender.rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}.log +appender.rolling.layout.type=PatternLayout +appender.rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n +appender.rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}.log +appender.rolling.policies.type=Policies +appender.rolling.policies.time.type=TimeBasedTriggeringPolicy +appender.rolling.policies.time.interval=1 +appender.rolling.policies.time.modulate=true +rootLogger.level=info +rootLogger.appenderRef.console.ref=console +rootLogger.appenderRef.rolling.ref=rolling +appender.deprecation_rolling.type=RollingFile +appender.deprecation_rolling.name=deprecation_rolling +appender.deprecation_rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.log +appender.deprecation_rolling.layout.type=PatternLayout +appender.deprecation_rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n +appender.deprecation_rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation-%i.log.gz +appender.deprecation_rolling.policies.type=Policies +appender.deprecation_rolling.policies.size.type=SizeBasedTriggeringPolicy +appender.deprecation_rolling.policies.size.size=1GB +appender.deprecation_rolling.strategy.type=DefaultRolloverStrategy +appender.deprecation_rolling.strategy.max=4 +logger.deprecation.name = org.elasticsearch.deprecation +logger.deprecation.level = deprecation +logger.deprecation.appenderRef.header_warning.ref = header_warning +logger.deprecation.appenderRef.deprecation_rolling.ref=deprecation_rolling +logger.deprecation.additivity=false +appender.index_search_slowlog_rolling.type=RollingFile +appender.index_search_slowlog_rolling.name=index_search_slowlog_rolling +appender.index_search_slowlog_rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog.log +appender.index_search_slowlog_rolling.layout.type=PatternLayout +appender.index_search_slowlog_rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n +appender.index_search_slowlog_rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog-%d{yyyy-MM-dd}.log +appender.index_search_slowlog_rolling.policies.type=Policies +appender.index_search_slowlog_rolling.policies.time.type=TimeBasedTriggeringPolicy +appender.index_search_slowlog_rolling.policies.time.interval=1 +appender.index_search_slowlog_rolling.policies.time.modulate=true +logger.index_search_slowlog_rolling.name=index.search.slowlog +logger.index_search_slowlog_rolling.level=trace +logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref=index_search_slowlog_rolling +logger.index_search_slowlog_rolling.additivity=false +appender.index_indexing_slowlog_rolling.type=RollingFile +appender.index_indexing_slowlog_rolling.name=index_indexing_slowlog_rolling +appender.index_indexing_slowlog_rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog.log +appender.index_indexing_slowlog_rolling.layout.type=PatternLayout +appender.index_indexing_slowlog_rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n +appender.index_indexing_slowlog_rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog-%d{yyyy-MM-dd}.log +appender.index_indexing_slowlog_rolling.policies.type=Policies +appender.index_indexing_slowlog_rolling.policies.time.type=TimeBasedTriggeringPolicy +appender.index_indexing_slowlog_rolling.policies.time.interval=1 +appender.index_indexing_slowlog_rolling.policies.time.modulate=true +logger.index_indexing_slowlog.name=index.indexing.slowlog.index +logger.index_indexing_slowlog.level=trace +logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref=index_indexing_slowlog_rolling +logger.index_indexing_slowlog.additivity=false + +logger.ror.name=tech.beshu.ror.accesscontrol +logger.ror.level=debug \ No newline at end of file diff --git a/ror-fleet-example/elasticsearch/conf/readonlyrest.yml b/ror-fleet-example/elasticsearch/conf/readonlyrest.yml new file mode 100644 index 0000000..6cc298e --- /dev/null +++ b/ror-fleet-example/elasticsearch/conf/readonlyrest.yml @@ -0,0 +1,75 @@ +readonlyrest: + + audit: + enabled: true + outputs: [index] + + access_control_rules: + + - name: "KIBANA" + type: allow + auth_key: kibana:kibana + + - name: "Fleet server" + type: allow + token_authentication: + type: "service-token" + username: "fleet" + indices: [".fleet-servers", ".fleet-agents", ".fleet-actions", ".fleet-policies", ".fleet-policies-leader", ".fleet-enrollment-api-keys"] + + - name: "Agents" + type: allow + token_authentication: + type: "api-key" + username: "fleet" + indices: [".apm-agent-configuration", "metrics-*", "traces-*", "logs-*"] + + - name: "Forbid access to service accounts and api keys" + type: forbid + actions: ["cluster:admin/xpack/security/service_account/*", "cluster:admin/xpack/security/api_key/*"] + + - name: "Admins" + groups: [Administrators] + kibana: + access: admin + + - name: "End users" + groups: ["EndUsers"] + indices: ["frontend_logs", "kibana_sample_data_*"] + kibana: + index: .kibana_end_@{user} + access: rw + hide_apps: ["Security", "Observability"] + + - name: "Business users" + groups: ["BusinessUsers"] + indices: ["business_logs", "kibana_sample_data_*"] + kibana: + index: .kibana_business_@{user} + access: rw + hide_apps: ["Security", "Observability"] + + users: + - username: admin + auth_key: admin:admin + groups: + - id: "Administrators" + name: "Administrators" + - id: "EndUsers" + name: "End Users" + - id: "BusinessUsers" + name: "Business Users" + + - username: user1 + auth_key: user1:test + groups: + - id: "EndUsers" + name: "End Users" + - id: "BusinessUsers" + name: "Business Users" + + - username: user2 + auth_key: user2:test + groups: + - id: "EndUsers" + name: "End Users" diff --git a/ror-fleet-example/elasticsearch/image/Dockerfile-use-ror-binaries-from-api b/ror-fleet-example/elasticsearch/image/Dockerfile-use-ror-binaries-from-api new file mode 100644 index 0000000..b5219e1 --- /dev/null +++ b/ror-fleet-example/elasticsearch/image/Dockerfile-use-ror-binaries-from-api @@ -0,0 +1,23 @@ +ARG ES_VERSION=please_set_es_version_arg + +FROM docker.elastic.co/elasticsearch/elasticsearch:${ES_VERSION} + +ARG ES_VERSION=please_set_es_version_arg +ARG ROR_VERSION=please_set_ror_version_arg + +COPY elasticsearch/conf/readonlyrest.yml /usr/share/elasticsearch/config/readonlyrest.yml +COPY elasticsearch/conf/log4j2.properties /usr/share/elasticsearch/config/log4j2.properties +COPY elasticsearch/images/install-ror-es-using-api.sh /tmp/install-ror.sh + +USER root + +# RUN echo "" | /usr/share/elasticsearch/bin/elasticsearch-keystore create &&\ +# echo 'elastic' | /usr/share/elasticsearch/bin/elasticsearch-keystore add --stdin bootstrap.password -f &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.http.ssl.truststore.secure_password &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password + +RUN /tmp/install-ror.sh + +USER elasticsearch diff --git a/ror-fleet-example/elasticsearch/image/Dockerfile-use-ror-binaries-from-file b/ror-fleet-example/elasticsearch/image/Dockerfile-use-ror-binaries-from-file new file mode 100644 index 0000000..f779d44 --- /dev/null +++ b/ror-fleet-example/elasticsearch/image/Dockerfile-use-ror-binaries-from-file @@ -0,0 +1,24 @@ +ARG ES_VERSION=please_set_es_version_arg + +FROM docker.elastic.co/elasticsearch/elasticsearch:${ES_VERSION} + +ARG ES_VERSION=please_set_es_version_arg +ARG ROR_FILE=please_set_ror_file_path + +COPY elasticsearch/conf/readonlyrest.yml /usr/share/elasticsearch/config/readonlyrest.yml +COPY elasticsearch/conf/log4j2.properties /usr/share/elasticsearch/config/log4j2.properties +COPY elasticsearch/image/install-ror-es-using-file.sh /tmp/install-ror.sh +COPY $ROR_FILE /tmp/ror.zip + +USER root + +# RUN echo "" | /usr/share/elasticsearch/bin/elasticsearch-keystore create &&\ +# echo 'elastic' | /usr/share/elasticsearch/bin/elasticsearch-keystore add --stdin bootstrap.password -f &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.http.ssl.truststore.secure_password &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password &&\ +# printf 'readonlyrest' | /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password + +RUN /tmp/install-ror.sh + +USER elasticsearch \ No newline at end of file diff --git a/ror-fleet-example/elasticsearch/image/install-ror-es-using-api.sh b/ror-fleet-example/elasticsearch/image/install-ror-es-using-api.sh new file mode 100755 index 0000000..5a612dc --- /dev/null +++ b/ror-fleet-example/elasticsearch/image/install-ror-es-using-api.sh @@ -0,0 +1,27 @@ +#!/bin/bash -e + +function greater_than_or_equal() { + [ "$1" = "$(echo -e "$1\n$2" | sort -V | tail -n 1)" ]; +} + +if [[ -z "$ES_VERSION" ]]; then + echo "No ES_VERSION variable is set" + exit 1 +fi + +if [[ -z "$ROR_VERSION" ]]; then + echo "No $ROR_VERSION variable is set" + exit 2 +fi + +echo "Installing ES ROR $ROR_VERSION..." +/usr/share/elasticsearch/bin/elasticsearch-plugin install --batch "https://api.beshu.tech/download/es?esVersion=$ES_VERSION&pluginVersion=$ROR_VERSION&email=ror-sandbox%40readonlyrest.com" + +echo "Patching ES ROR $ROR_VERSION..." +if greater_than_or_equal "$ES_VERSION" "7.0.0"; then + /usr/share/elasticsearch/jdk/bin/java -jar /usr/share/elasticsearch/plugins/readonlyrest/ror-tools.jar patch --I_UNDERSTAND_AND_ACCEPT_ES_PATCHING yes +elif greater_than_or_equal "$ES_VERSION" "6.7.0"; then + "$JAVA_HOME"/bin/java -jar /usr/share/elasticsearch/plugins/readonlyrest/ror-tools.jar patch --I_UNDERSTAND_AND_ACCEPT_ES_PATCHING yes +fi + +echo "DONE!" diff --git a/ror-fleet-example/elasticsearch/image/install-ror-es-using-file.sh b/ror-fleet-example/elasticsearch/image/install-ror-es-using-file.sh new file mode 100755 index 0000000..1680601 --- /dev/null +++ b/ror-fleet-example/elasticsearch/image/install-ror-es-using-file.sh @@ -0,0 +1,23 @@ +#!/bin/bash -e + +function greater_than_or_equal() { + [ "$1" = "$(echo -e "$1\n$2" | sort -V | tail -n 1)" ]; +} + + +if [[ -z "$ES_VERSION" ]]; then + echo "No ES_VERSION variable is set" + exit 1 +fi + +echo "Installing ES ROR from file..." +/usr/share/elasticsearch/bin/elasticsearch-plugin install --batch file:///tmp/ror.zip + +echo "Patching ES ROR $ROR_VERSION..." +if greater_than_or_equal "$ES_VERSION" "7.0.0"; then + /usr/share/elasticsearch/jdk/bin/java -jar /usr/share/elasticsearch/plugins/readonlyrest/ror-tools.jar patch --I_UNDERSTAND_AND_ACCEPT_ES_PATCHING yes +elif greater_than_or_equal "$ES_VERSION" "6.7.0"; then + "$JAVA_HOME"/bin/java -jar /usr/share/elasticsearch/plugins/readonlyrest/ror-tools.jar patch --I_UNDERSTAND_AND_ACCEPT_ES_PATCHING yes +fi + +echo "DONE!" \ No newline at end of file diff --git a/ror-fleet-example/fleet-initializer/Dockerfile b/ror-fleet-example/fleet-initializer/Dockerfile new file mode 100644 index 0000000..fffa8b2 --- /dev/null +++ b/ror-fleet-example/fleet-initializer/Dockerfile @@ -0,0 +1,9 @@ +FROM ubuntu:24.04 + +RUN apt-get update \ + && apt-get install -y --no-install-recommends ca-certificates curl jq \ + && rm -rf /var/lib/apt/lists/* + +COPY entrypoint.sh /entrypoint.sh + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/ror-fleet-example/fleet-initializer/entrypoint.sh b/ror-fleet-example/fleet-initializer/entrypoint.sh new file mode 100755 index 0000000..ef0d7c2 --- /dev/null +++ b/ror-fleet-example/fleet-initializer/entrypoint.sh @@ -0,0 +1,156 @@ +#!/bin/bash -x + +# Helper function to execute curl and check for 2xx status code +check_curl() { + local description="$1" + shift + + echo "Executing: $description" + + # Execute curl and capture both output and HTTP status code + local http_code + local response + response=$(curl -w "\n%{http_code}" "$@") + http_code=$(echo "$response" | tail -n1) + local body=$(echo "$response" | sed '$d') + + echo "Response body: $body" + echo "HTTP Status: $http_code" + + # Check if status code is in 2xx range + if [[ "$http_code" =~ ^2[0-9][0-9]$ ]]; then + echo "✓ Success: $description (HTTP $http_code)" + return 0 + else + echo "✗ Failed: $description (HTTP $http_code)" + return 1 + fi +} + +while true; do + if curl -f -i --cacert /certs/ca.crt -u kibana:kibana https://kibana:5601/api/features | grep -q 'content-type: application/json'; then + + set -x + + # Check Kibana status and publicBaseUrl + echo "=== Checking Kibana Info ===" + curl -s -u "kibana:kibana" --cacert /certs/ca.crt https://kibana:5601/api/status | jq '.version, .status' + + # Detect Kibana major version for API compatibility + KBN_MAJOR_VERSION=$(curl -s -u "kibana:kibana" --cacert /certs/ca.crt https://kibana:5601/api/status | jq -r '.version.number' | cut -d. -f1) + echo "Detected Kibana major version: $KBN_MAJOR_VERSION" + + # First, check current Fleet settings + echo "=== Current Fleet settings BEFORE our changes ===" + curl -s -u "kibana:kibana" --cacert /certs/ca.crt https://kibana:5601/api/fleet/settings | jq . + + # Create agent policy + if ! check_curl "Create Elastic Agent Policy" \ + -s -u "kibana:kibana" --cacert /certs/ca.crt \ + -XPOST -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/agent_policies" \ + -d '{"id":"elastic-policy","name":"Elastic-Policy","namespace":"default","monitoring_enabled":["logs","metrics"]}'; then + echo "Failed to create agent policy, exiting..." + exit 1 + fi + + # Create system package policy + if ! check_curl "Create System Package Policy" \ + -s -u "kibana:kibana" --cacert /certs/ca.crt \ + -XPOST -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/package_policies" \ + -d '{"name":"Elastic-System-package","namespace":"default","policy_id":"elastic-policy", "package":{"name": "system", "version":"1.54.0"}}'; then + echo "Failed to create system package policy, exiting..." + exit 1 + fi + + # Get the latest available APM package version + echo "=== Detecting APM package version ===" + APM_VERSION=$(curl -s -u "kibana:kibana" --cacert /certs/ca.crt \ + "https://kibana:5601/api/fleet/epm/packages/apm" | jq -r '.item.version') + + if [ -z "$APM_VERSION" ] || [ "$APM_VERSION" = "null" ]; then + echo "ERROR: Could not detect APM package version" + exit 1 + fi + + echo "Detected APM package version: $APM_VERSION" + echo "======================================" + + # Create APM package policy + if ! check_curl "Create APM Package Policy" \ + -s -u "kibana:kibana" --cacert /certs/ca.crt \ + -XPOST -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/package_policies" \ + -d "{\"name\":\"apm2\",\"namespace\":\"default\",\"policy_id\":\"elastic-policy\", \"package\":{\"name\": \"apm\", \"version\":\"$APM_VERSION\"},\"inputs\":[{\"type\":\"apm\",\"enabled\":true,\"streams\":[],\"policy_template\":\"apmserver\",\"vars\":{\"host\":{\"value\":\"0.0.0.0:8200\",\"type\":\"text\"},\"url\":{\"value\":\"https://agent1:8200\",\"type\":\"text\"},\"tls_enabled\":{\"value\":true,\"type\":\"bool\"},\"tls_certificate\":{\"value\":\"/certs/agent1.crt\",\"type\":\"text\"},\"tls_key\":{\"value\":\"/certs/agent1.key\",\"type\":\"text\"}}}]}"; then + echo "Failed to create APM package policy, exiting..." + exit 1 + fi + + # Update fleet server hosts (API changed in Kibana 9.x) + if [ "$KBN_MAJOR_VERSION" -ge 9 ]; then + # In Kibana 9.x, fleet_server_hosts was removed from the settings endpoint. + # Fleet server hosts are now managed as separate resources. + EXISTING_HOST_ID=$(curl -s -u "kibana:kibana" --cacert /certs/ca.crt \ + "https://kibana:5601/api/fleet/fleet_server_hosts" | jq -r '.items[0].id // empty') + + if [ -n "$EXISTING_HOST_ID" ]; then + if ! check_curl "Update Fleet Server Host" \ + -s -u "kibana:kibana" --cacert /certs/ca.crt \ + -XPUT -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/fleet_server_hosts/$EXISTING_HOST_ID" \ + -d '{"host_urls":["https://fleet-server:8220"],"is_default":true}'; then + echo "Failed to update fleet server host, exiting..." + exit 1 + fi + else + if ! check_curl "Create Fleet Server Host" \ + -s -u "kibana:kibana" --cacert /certs/ca.crt \ + -XPOST -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/fleet_server_hosts" \ + -d '{"name":"Default","host_urls":["https://fleet-server:8220"],"is_default":true}'; then + echo "Failed to create fleet server host, exiting..." + exit 1 + fi + fi + else + # In Kibana 8.x, fleet server hosts are set via the settings endpoint + if ! check_curl "Update Fleet Settings" \ + -s -u "kibana:kibana" --cacert /certs/ca.crt \ + -XPUT -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/settings" \ + -d '{"fleet_server_hosts": ["https://fleet-server:8220"]}'; then + echo "Failed to update fleet settings, exiting..." + exit 1 + fi + fi + + # Update fleet output + if ! check_curl "Update Fleet Output" \ + -s -u "kibana:kibana" --cacert /certs/ca.crt \ + -XPUT -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/outputs/fleet-default-output" \ + -d '{"hosts": ["https://elasticsearch:9200"], "config_yaml": "ssl.verification_mode: certificate\nssl.certificate_authorities: [\"/certs/ca.crt\"]"}'; then + echo "Failed to update fleet output, exiting..." + exit 1 + fi + + # Check Fleet settings AFTER our changes + echo "=== Fleet settings AFTER our changes ===" + curl -s -u "kibana:kibana" --cacert /certs/ca.crt https://kibana:5601/api/fleet/settings | jq . + + # Check the agent policy details + echo "=== Agent Policy Details ===" + curl -s -u "kibana:kibana" --cacert /certs/ca.crt https://kibana:5601/api/fleet/agent_policies/elastic-policy | jq . + + # Check enrollment tokens + echo "=== Enrollment Tokens ===" + curl -s -u "kibana:kibana" --cacert /certs/ca.crt https://kibana:5601/api/fleet/enrollment_api_keys | jq '.items[] | select(.policy_id == "elastic-policy")' + + echo "✓ All fleet configuration completed successfully!" + break + else + echo "Waiting for Kibana to be ready..." + sleep 5 + fi +done diff --git a/ror-fleet-example/gen-cert.sh b/ror-fleet-example/gen-cert.sh new file mode 100755 index 0000000..183af85 --- /dev/null +++ b/ror-fleet-example/gen-cert.sh @@ -0,0 +1,20 @@ +#!/bin/bash -e + +if [ "$#" -ne 1 ]; then + echo "Usage: $0 " + exit 1 +fi + +SERVICE=$1 + +openssl genrsa -out "certs/$SERVICE.key" 2048 +openssl req -new -key "certs/$SERVICE.key" -out "certs/$SERVICE.csr" -subj "/C=GB/ST=London/L=London/O=Beshu/OU=IT/CN=$SERVICE" +openssl x509 -req \ + -in "certs/$SERVICE.csr" \ + -CAkey ca/ca.key \ + -CA ca/ca.crt \ + -CAcreateserial \ + -out "certs/$SERVICE.crt" \ + -days 3650 \ + -sha256 \ + -extfile <(printf "subjectAltName=DNS:$SERVICE,DNS:localhost\nextendedKeyUsage=serverAuth,clientAuth\nkeyUsage=digitalSignature,keyEncipherment,keyAgreement\nsubjectKeyIdentifier=hash") \ No newline at end of file diff --git a/ror-fleet-example/kibana/conf/ror-newplatform-kibana.yml b/ror-fleet-example/kibana/conf/ror-newplatform-kibana.yml new file mode 100644 index 0000000..1244b90 --- /dev/null +++ b/ror-fleet-example/kibana/conf/ror-newplatform-kibana.yml @@ -0,0 +1,30 @@ +server.name: kibana-ror +server.host: 0.0.0.0 +server.publicBaseUrl: "https://kibana:5601" + +xpack.fleet.agents.kibana.host: "https://kibana:5601" + +xpack.encryptedSavedObjects.encryptionKey: "random-string-above-32-or-more-characters" +xpack.fleet.packages: + - name: fleet_server + version: latest + - name: system + version: latest +xpack.fleet.agentPolicies: + - name: Fleet-Server-Policy + id: fleet-server-policy + namespace: default + monitoring_enabled: [] + package_policies: + - name: fleet_server-1 + package: + name: fleet_server + +readonlyrest_kbn.logLevel: trace +readonlyrest_kbn.cookiePass: '12312313123213123213123abcdefghijklm' + +#logging.loggers: +# - name: elasticsearch.query +# level: warn +# - name: http.server.response +# level: debug \ No newline at end of file diff --git a/ror-fleet-example/kibana/image/Dockerfile-use-ror-binaries-from-api b/ror-fleet-example/kibana/image/Dockerfile-use-ror-binaries-from-api new file mode 100644 index 0000000..b35bdd4 --- /dev/null +++ b/ror-fleet-example/kibana/image/Dockerfile-use-ror-binaries-from-api @@ -0,0 +1,16 @@ +ARG KBN_VERSION=please_set_kbn_version_arg + +FROM docker.elastic.co/kibana/kibana:${KBN_VERSION} + +ARG KBN_VERSION=please_set_kbn_version_arg +ARG ROR_VERSION=please_set_ror_version_arg + +COPY kibana/conf/ror-newplatform-kibana.yml /usr/share/kibana/config/ror-newplatform-kibana.yml +COPY kibana/image/install-ror-kbn-using-api.sh /tmp/install-ror.sh + +USER root + +RUN /tmp/install-ror.sh && \ + chown -R kibana:kibana /usr/share/kibana/config + +USER kibana diff --git a/ror-fleet-example/kibana/image/Dockerfile-use-ror-binaries-from-file b/ror-fleet-example/kibana/image/Dockerfile-use-ror-binaries-from-file new file mode 100644 index 0000000..cecc232 --- /dev/null +++ b/ror-fleet-example/kibana/image/Dockerfile-use-ror-binaries-from-file @@ -0,0 +1,17 @@ +ARG KBN_VERSION=please_set_kbn_version_arg + +FROM docker.elastic.co/kibana/kibana:${KBN_VERSION} + +ARG KBN_VERSION=please_set_kbn_version_arg +ARG ROR_FILE=please_set_ror_file_path + +COPY kibana/conf/ror-newplatform-kibana.yml /usr/share/kibana/config/ror-newplatform-kibana.yml +COPY kibana/images/install-ror-kbn-using-file.sh /tmp/install-ror.sh +COPY $ROR_FILE /tmp/ror.zip + +USER root + +RUN /tmp/install-ror.sh && \ + chown -R kibana:kibana /usr/share/kibana/config + +USER kibana diff --git a/ror-fleet-example/kibana/image/install-ror-kbn-using-api.sh b/ror-fleet-example/kibana/image/install-ror-kbn-using-api.sh new file mode 100755 index 0000000..2a6e885 --- /dev/null +++ b/ror-fleet-example/kibana/image/install-ror-kbn-using-api.sh @@ -0,0 +1,54 @@ +#!/bin/bash -e + +function greater_than_or_equal() { + [ "$1" = "$(echo -e "$1\n$2" | sort -V | tail -n 1)" ]; +} + +if [[ -z "$KBN_VERSION" ]]; then + echo "No KBN_VERSION variable is set" + exit 1 +fi + +if [[ -z "$ROR_VERSION" ]]; then + echo "No ROR_VERSION variable is set" + exit 3 +fi + +ROR_KBN_EDITION="" +if greater_than_or_equal "$ROR_VERSION" "1.43.0" && greater_than_or_equal "$KBN_VERSION" "7.9.0"; then + ROR_KBN_EDITION="kbn_universal" +else + ROR_KBN_EDITION="kbn_free" +fi +ROR_DOWNLOAD_URL="https://api.beshu.tech/download/kbn?esVersion=$KBN_VERSION&pluginVersion=$ROR_VERSION&edition=$ROR_KBN_EDITION&email=ror-sandbox%40readonlyrest.com" + +echo "Installing KBN ROR $ROR_VERSION..." +if ! greater_than_or_equal "$KBN_VERSION" "7.0.0"; then + export NODE_OPTIONS="--max-old-space-size=8192" +fi + +if greater_than_or_equal "$KBN_VERSION" "7.11.0" ; then + /usr/share/kibana/bin/kibana-plugin install "$ROR_DOWNLOAD_URL" +elif greater_than_or_equal "$KBN_VERSION" "7.2.0" ; then + /usr/share/kibana/bin/kibana-plugin install --allow-root "$ROR_DOWNLOAD_URL" +else + /usr/share/kibana/bin/kibana-plugin install "$ROR_DOWNLOAD_URL" +fi + +if greater_than_or_equal "$KBN_VERSION" "8.15.0" ; then + echo "Patching KBN $KBN_VERSION (ROR $ROR_VERSION)..." + /usr/share/kibana/node/glibc-217/bin/node plugins/readonlyrestkbn/ror-tools.js patch --I_UNDERSTAND_AND_ACCEPT_KBN_PATCHING=yes +elif greater_than_or_equal "$KBN_VERSION" "7.9.0" ; then + echo "Patching KBN $KBN_VERSION (ROR $ROR_VERSION)..." + /usr/share/kibana/node/bin/node plugins/readonlyrestkbn/ror-tools.js patch --I_UNDERSTAND_AND_ACCEPT_KBN_PATCHING=yes +fi + +if greater_than_or_equal "$KBN_VERSION" "7.9.0"; then + mv /usr/share/kibana/config/ror-newplatform-kibana.yml /usr/share/kibana/config/kibana.yml +else + echo "OLD platform not supported" + exit 1 +fi + +echo "DONE!" + diff --git a/ror-fleet-example/kibana/image/install-ror-kbn-using-file.sh b/ror-fleet-example/kibana/image/install-ror-kbn-using-file.sh new file mode 100755 index 0000000..f55b8bb --- /dev/null +++ b/ror-fleet-example/kibana/image/install-ror-kbn-using-file.sh @@ -0,0 +1,38 @@ +#!/bin/bash -e + +function greater_than_or_equal() { + [ "$1" = "$(echo -e "$1\n$2" | sort -V | tail -n 1)" ]; +} + +if [[ -z "$KBN_VERSION" ]]; then + echo "No KBN_VERSION variable is set" + exit 1 +fi + +echo "Installing KBN ROR $ROR_VERSION..." +if ! greater_than_or_equal "$KBN_VERSION" "7.0.0"; then + export NODE_OPTIONS="--max-old-space-size=8192" +fi + +if greater_than_or_equal "$KBN_VERSION" "7.11.0" ; then + /usr/share/kibana/bin/kibana-plugin install file:///tmp/ror.zip +else + /usr/share/kibana/bin/kibana-plugin install --allow-root file:///tmp/ror.zip +fi + +if greater_than_or_equal "$KBN_VERSION" "8.15.0" ; then + echo "Patching KBN $KBN_VERSION (ROR $ROR_VERSION)..." + /usr/share/kibana/node/glibc-217/bin/node plugins/readonlyrestkbn/ror-tools.js patch --I_UNDERSTAND_AND_ACCEPT_KBN_PATCHING=yes +elif greater_than_or_equal "$KBN_VERSION" "7.9.0" ; then + echo "Patching KBN $KBN_VERSION (ROR $ROR_VERSION)..." + /usr/share/kibana/node/bin/node plugins/readonlyrestkbn/ror-tools.js patch --I_UNDERSTAND_AND_ACCEPT_KBN_PATCHING=yes +fi + +if greater_than_or_equal "$KBN_VERSION" "7.9.0"; then + mv /usr/share/kibana/config/ror-newplatform-kibana.yml /usr/share/kibana/config/kibana.yml +else + echo "OLD platform not supported" + exit 1 +fi + +echo "DONE!" \ No newline at end of file diff --git a/ror-fleet-example/readonlyrest-1.69.0-pre7_es8.19.7.zip b/ror-fleet-example/readonlyrest-1.69.0-pre7_es8.19.7.zip new file mode 100644 index 0000000..179ce63 Binary files /dev/null and b/ror-fleet-example/readonlyrest-1.69.0-pre7_es8.19.7.zip differ diff --git a/ror-fleet-example/run.sh b/ror-fleet-example/run.sh new file mode 100755 index 0000000..afc5440 --- /dev/null +++ b/ror-fleet-example/run.sh @@ -0,0 +1,42 @@ +#!/bin/bash -e + +if ! docker version &>/dev/null; then + echo "No Docker found. Docker is required to run this Sandbox. See https://docs.docker.com/engine/install/" + exit 1 +fi + +if ! docker compose version &>/dev/null; then + echo "No docker compose found. It seems you have to upgrade your Docker installation. See https://docs.docker.com/engine/install/" + exit 2 +fi + +if ! docker compose config > /dev/null; then + echo "Cannot validate docker compose configuration. It seems you have to upgrade your Docker installation. See https://docs.docker.com/engine/install/" + exit 3 +fi + +echo -e " + + _____ _ ____ _ _____ ______ _____ _______ + | __ \ | |/ __ \ | | | __ \| ____|/ ____|__ __| + | |__) |___ __ _ __| | | | |_ __ | |_ _| |__) | |__ | (___ | | + | _ // _ \/ _| |/ _| | | | | '_ \| | | | | _ /| __| \___ \ | | + | | \ \ __/ (_| | (_| | |__| | | | | | |_| | | \ \| |____ ____) | | | + |_| \_\___|\__,_|\__,_|\____/|_| |_|_|\__, |_| \_\______|_____/ |_| + __/ | +" + +echo "Starting Elasticsearch and Kibana with installed ROR plugins ..." + +docker compose --env-file .env_showcase up -d --build --wait --remove-orphans --force-recreate +docker compose --env-file .env_showcase logs -f > ror-cluster.log 2>&1 & + +echo -e " +*********************************************************************** +*** *** +*** TIME TO PLAY!!! *** +*** *** +*********************************************************************** +" + +echo -e "You can access ROR KBN here: https://localhost:5601 (users: 'user1:test', 'user2:test' or admin user: 'admin:admin')" diff --git a/ror-fleet-example/service1/Dockerfile b/ror-fleet-example/service1/Dockerfile new file mode 100644 index 0000000..152a75d --- /dev/null +++ b/ror-fleet-example/service1/Dockerfile @@ -0,0 +1,15 @@ +FROM node:20-bookworm-slim + +WORKDIR /example-app +COPY app.js . +COPY entrypoint.sh /entrypoint.sh + +RUN npm init -y \ + && npm i --omit=dev elastic-apm-node express \ + && apt-get update \ + && apt-get install -y curl jq net-tools netcat-traditional \ + && chmod +x /entrypoint.sh + +ENV NODE_ENV=production +EXPOSE 3000 +CMD ["/entrypoint.sh"] \ No newline at end of file diff --git a/ror-fleet-example/service1/app.js b/ror-fleet-example/service1/app.js new file mode 100644 index 0000000..3fc18fb --- /dev/null +++ b/ror-fleet-example/service1/app.js @@ -0,0 +1,40 @@ +// Import and start the Elastic APM agent at the very top of your application +var apm = require('elastic-apm-node').start({ + serverUrl: 'https://agent1:8200', + serviceName: 'service1', + environment: 'ror-test-env', + serverCaCertFile: '/certs/ca.crt', + // secretToken: 'myverysecrettoken', + logLevel: 'debug' + }); + + const express = require('express'); + const app = express(); + + // Sample route that triggers some APM instrumentation + app.get('/', (req, res) => { + // Start a custom transaction + const transaction = apm.startTransaction('MyCustomTransaction', 'custom'); + + // Simulate some processing + setTimeout(() => { + // End the transaction + transaction.end(); + + res.send('Hello World!'); + }, 1000); + }); + + // Another route to simulate an error + app.get('/error', (req, res) => { + // Capture an error + apm.captureError(new Error('Something went wrong!')); + + res.status(500).send('Internal Server Error'); + }); + + const PORT = process.env.PORT || 3000; + app.listen(PORT, () => { + console.log(`Server running on port ${PORT}`); + }); + \ No newline at end of file diff --git a/ror-fleet-example/service1/entrypoint.sh b/ror-fleet-example/service1/entrypoint.sh new file mode 100644 index 0000000..ba62439 --- /dev/null +++ b/ror-fleet-example/service1/entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/bash -e + +echo "=== Service1 Starting ===" +echo "Waiting 10 seconds for APM Server to be fully ready..." +sleep 10 + +echo "Starting Node.js application..." +exec node /example-app/app.js + diff --git a/ror-fleet-example/traffic-simulator/Dockerfile b/ror-fleet-example/traffic-simulator/Dockerfile new file mode 100644 index 0000000..377f3ff --- /dev/null +++ b/ror-fleet-example/traffic-simulator/Dockerfile @@ -0,0 +1,8 @@ +FROM ubuntu:24.04 + +RUN apt-get update && \ + apt-get install -y curl + +COPY entrypoint.sh /entrypoint.sh + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/ror-fleet-example/traffic-simulator/entrypoint.sh b/ror-fleet-example/traffic-simulator/entrypoint.sh new file mode 100755 index 0000000..807196e --- /dev/null +++ b/ror-fleet-example/traffic-simulator/entrypoint.sh @@ -0,0 +1,20 @@ +#!/bin/bash -x + +make_request() { + local url=$1 + curl -s -o /dev/null -w "%{http_code}" "$url" +} + +while true; do + RAND=$(( RANDOM % 10 + 1 )) + + if [ "$RAND" -le 1 ]; then + URL="http://service1:3000/error" + else + URL="http://service1:3000" + fi + + make_request "$URL" + + sleep 5 +done diff --git a/xpack-fleet-example/agent1/Dockerfile b/xpack-fleet-example/agent1/Dockerfile new file mode 100644 index 0000000..0db4c35 --- /dev/null +++ b/xpack-fleet-example/agent1/Dockerfile @@ -0,0 +1,12 @@ +FROM docker.elastic.co/elastic-agent/elastic-agent:8.12.2 + +USER root + +RUN apt-get update && \ + apt-get install -y curl jq + +COPY entrypoint.sh /entrypoint.sh + +USER elastic + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/xpack-fleet-example/agent1/entrypoint.sh b/xpack-fleet-example/agent1/entrypoint.sh new file mode 100755 index 0000000..385c471 --- /dev/null +++ b/xpack-fleet-example/agent1/entrypoint.sh @@ -0,0 +1,16 @@ +#!/bin/bash -ex + +POLICY_ID="elastic-policy" +FLEET_ENROLLMENT_TOKEN=$(curl -k -s \ + -u elastic:elastic \ + https://kibana:5601/api/fleet/enrollment_api_keys | \ + jq -r '.items[] | select(any(.; .policy_id == "'$POLICY_ID'")) | .api_key') + +if [[ -z "$FLEET_ENROLLMENT_TOKEN" ]]; then + echo "Failed to retrieve enrollment token for policy_id: $POLICY_ID" >&2 + exit 1 +fi + +export FLEET_ENROLLMENT_TOKEN + +/usr/local/bin/docker-entrypoint \ No newline at end of file diff --git a/xpack-fleet-example/ca/ca.crt b/xpack-fleet-example/ca/ca.crt new file mode 100644 index 0000000..c9da610 --- /dev/null +++ b/xpack-fleet-example/ca/ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFqTCCA5GgAwIBAgIUSBHERCB+3f8x+A/0YYx6FPCs0KYwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAxOTAyWhcNMzQxMTI5MTAxOTAyWjBkMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxEjAQBgNVBAMMCW1hcmlvbmV0ZTCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMxJcWSbqyzMZC2ayaOSlcf1 +lzZW1CKqFFEfM3IHP0neenZVD859nEQ9S12VpC29o2rM+aQfUKo4ZNIpXi1OT6kW +/uyholI/VOP9TAZqIyawUg/1l6onRiJ5DqSyqg7YTUMLsHupzXZ8+mIvx7aTrzzH ++DQ3rXuv/zc2Bkwu78q7HbItu2AujCF0KALxsu8BAMpcNs9lVulVnPHtGF00pRxF +wqBlw8/1Rzx+STnKxwwWCQ7SHXc3CmxIMzern15bBay2vF5hGCflKsAJLuuMWJAH +L2MD0GAynVhnKymz+b2RVlRrBbLn/1+XjLCsWLPmda+6K7wrR8TRgx53FLTSp6dN +gtnLkjGR9HY8T8ebPYL8Pb5P9wLLGLwADkSScmMwaeUK/xWZLQwqtOzF6R/cpkXd +t9ji1vjKZ8bvTDNj4DuqHwn4qeDk4bngfD0dyCj3r8Y3gfwQf237J0QUfUFeA3WK +AeFF4fKjjWvX15MWV4tIk0Mg3GhL9eUubYKtnsBEqYDhmiFSrVW2TfGTjXZhJBqn +xrlGCLT1aKFY6sVrbCaEn+SJ/jQDx+rBZiYMY7iz1+vqq4ie6q7LDmCZuUe4+Rlw +3u9ChA+avv95Y4lgqz+HQiWP9ejq2c21cb5pQIfs8QjKD5jPJr8+3XuGoIpo1lLY +GMRN9PzokkD1ARkMB4v5AgMBAAGjUzBRMB0GA1UdDgQWBBRSda45xZ5lPn0cpSjJ +IKfBmFcLyDAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcLyDAPBgNVHRMB +Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCvlKTppi+HxqRF2riaJ7LvxEde +M+qLHWzvRwcWlb3MdpTq7uZjQG2YEZY6YeyN+8AwKbUPSavS6+dUe8hfM2HgwtBb +zYaZiS2JdRnCPKQMRz+xEGlcyvXzEb5M99+zqU/5NYOOeFX5odT/nwIToWw82G61 +LXTY6WTmjQ1oRAabUdhMRyQTqL0pGYkBkLzusgh0ENWDVe0/tz/mCzi/DQD6agHy +ADaM6iqqUOIFzHXsI/N9iMNbJKSrllFy4v0AfCDpzgz4mbbUq6zV/E0KIpB/Tojh +xdl+a4Sw4tuIi8vU0TtVRs0UXCBd4I6yqrPDooIYfkh6w4OwSg07yZejuSq/dzo6 +04s8boJKQNZQo8RqVOXUG47vCZMwIj7dJEVXxM9aRkfLPWhK9iG8skh8WwcsG8mu +wL2h4FqH1IVOTv+RxhvUDY74ooUBd8eCywvS4k0iDssznQ7TbtZjTIJr54oTLiK9 +qrPVT+/eL+qFzSKVyFiDiKW+6rKdHO0KYQDXkkhGH1QqBP5rxIJiHl8drYilEw/Y +a9uWuGZZK0YFJA5RSKrIzuX10iQL80B7CXiH++zGE8KGkzxw55R9zjdWLXAsmxyr +vz1CbUsC9YXXqg4P/h4P5FYnqQyR1LWJjwhfPk1F+6POJBiwgeYtxFDlag/QGr6R +C6uLuBpvA9hPSOt4Ng== +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/ca/ca.key b/xpack-fleet-example/ca/ca.key new file mode 100644 index 0000000..893ce78 --- /dev/null +++ b/xpack-fleet-example/ca/ca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDMSXFkm6sszGQt +msmjkpXH9Zc2VtQiqhRRHzNyBz9J3np2VQ/OfZxEPUtdlaQtvaNqzPmkH1CqOGTS +KV4tTk+pFv7soaJSP1Tj/UwGaiMmsFIP9ZeqJ0YieQ6ksqoO2E1DC7B7qc12fPpi +L8e2k688x/g0N617r/83NgZMLu/Kux2yLbtgLowhdCgC8bLvAQDKXDbPZVbpVZzx +7RhdNKUcRcKgZcPP9Uc8fkk5yscMFgkO0h13NwpsSDM3q59eWwWstrxeYRgn5SrA +CS7rjFiQBy9jA9BgMp1YZysps/m9kVZUawWy5/9fl4ywrFiz5nWvuiu8K0fE0YMe +dxS00qenTYLZy5IxkfR2PE/Hmz2C/D2+T/cCyxi8AA5EknJjMGnlCv8VmS0MKrTs +xekf3KZF3bfY4tb4ymfG70wzY+A7qh8J+Kng5OG54Hw9Hcgo96/GN4H8EH9t+ydE +FH1BXgN1igHhReHyo41r19eTFleLSJNDINxoS/XlLm2CrZ7ARKmA4ZohUq1Vtk3x +k412YSQap8a5Rgi09WihWOrFa2wmhJ/kif40A8fqwWYmDGO4s9fr6quInuquyw5g +mblHuPkZcN7vQoQPmr7/eWOJYKs/h0Ilj/Xo6tnNtXG+aUCH7PEIyg+Yzya/Pt17 +hqCKaNZS2BjETfT86JJA9QEZDAeL+QIDAQABAoICACg1/J/1FEiJIt7nLPGJlPn7 +GXyUssTv/XfKUHINgyOjKy/HpojaqLu15PPS1LI8NcJ7/leT4mjfGNlVUzhPxdZe +tGcXmb/ev3LxFNneYnTnGAAUM3pGqMN4WK2KjXbGlM6xqldtIQhFqXNSPFlv0HqC +UhTVMMy749yWQb8VLhYVps6/ubZA80xSdN2/fZ0V8XXjmNZR+D2NoIruRHF0P1vF +T34LCfQRL6h0oy1BANUcMUQ9j5c7uk1+GLbIjWIhQIiyn3lkW0DfFv8dz6KFyZjw +ER/ITGfjDp2sEQ7wYiQyS2/qcQC6McY7KnJMOlmO73NbjehIDKRtKQYCIo1FOcKW +rtnemTyg8DghfghtQc4gxuNFOqEWPuDTu3u0LU/vrDSm6GEuFTWCZVl6cU7K6F6b +eHFNcFVD5RcxbRzv30XsoyRna37l/Kx+r7QTprK+E9buq/Fd2ns3e3jSZOwZdzTV +z7jcdac96IwBsYoq4sJ/2fpwQ5VdxUeMiCOX5cxCEYUzTV0MePTd5wVTXGogttaX +tYE8Pi6YCUqZzVkQwNTxT4KLMc+hK8ExOQdPEiwPjfhc38wPJs2Wz9cKZr96/fNt +v1w8Gf99kB7hNKuMtRyYPX6KRHN6ErQrtmcwXOyOUfrtTYMbMG2ynOhlu/JZcAWu +j8/m4+/g1oDzwHfDdU9RAoIBAQDpjEUybvWkohAp4Ies58O0C7uM5hCCfbqNXu7v +aevJWNsZpzE98n1ot2mDZKuUSG+U0+nzRmQ7AcKPUWY1z6ijd71f8HP7l2PDa8Ak +rGu8vuMQQIlQCjY5raPDGp7nfpfBV5IDow+1YnG6QahR3AmU5pNo/SR6qHbCwNaS +JmV+NWeCVg0m8VFsbo2D/2mCpIpZ2jdINcsj5JiVlR/mah61WkQGXUKPSrUWWXKE +7UfKH9GLH8zaaCxeSZXIzBVhDkTlM6WQElqnZeErW3ySjV70icVGsWhkinkim3Fu +KImn6FAkvVBhP6O/b+QfowSAnzUROtmKwVh/Pa0HF4vGYj3nAoIBAQDf7Qs+Bv19 +xr+UGSn09WRrlB+TFUQvrlA4afe8u2LnLszCK9WfSgt4qnvhsrVKXh/ffictxB+h +Da93yZ5ThyHVBRsDQQoiIoSQPZm4rR2U/GCaYPYW/CRtcBg5THArCuSrcUMH2gAm +nHPCqj22BFR7n3bCJsD5BO5sohy/H68onHBG2G7JQ33XfQ33Ouj3kCr3FJNrniYa +Y4P6gStP8c2pPXQqowfH7fYlF3yEVmOK+our06IRxNs4CDp1hlzG8PlN74PkpbVv +gYORMhs5lXoRIX/OAr2tKajoCjynL95LaduB/RmpIR3RnSjaZtvEw8t870CZDeHB +tlaadLbeWesfAoIBAQCCfQ4YjKiQ8L/JNht4PxI4YanLoquszSTTYixr9il4mT3p +ymGX9Amf3YKFmFTJh+NYK0L22uibk3MqcleCT2Ew3HEhzo5vDvn9sRFtLC0SCzGA +3h4aa2o6tcre8tvAChouO4hooc3gEX3rjE3IVwG/gUjxiya7pa6dR/NbOzrP1nTb +/MpibMiKpgZJrwY7qUVnyKXEodG7XzjlsqldKwO3XhTN3YOX3izprNZwcMcApuCE +NCNYEIZhtAmNZIG5daiGy2GA6tBd4W16tSYYGAbq6KMhyXPDYR8nd+RboSiwePt2 +W5QykcUi7BhwmLumRc33r4LmpPqWNVactMoy8KcXAoIBAFFNbL6JpTIsnlR0SoKR +MnPI5SnvF8HEJYZGG1fgJYnQuTFq3vYl2UJni/EnhKFKyYHI+Qqp4d4E7QeuIZks +QEFqyCMHU1mPdNg2NYETAeGdPKnwuIkh5UwC3hi3wyYtn1cMGY1ZPqLGPVWZoCxd +KBt2i5T0oy4G91ZkCdHu/BbfrfhbDuZuZdt+oTp5nip8oszxIJF7a1Q7e6jRi1tM +bSKcmHf+l42kvbE79M7L2vqT+3BYt8iB1CJlAmy3ayokRjBg3V+ANv8UZCOssKvY +tOhRZGj1H88miBgv11PQkoKJHdT1g4Kf7oaz7ChYHkUz3ccvyyGHI8fEn28XH2pd +9XsCggEAAfcPmOvEd6UVgxM89q8c7WOkAOSgcZS+jtvzPrRGq1PGG/b6xoFJ11j4 +UwZCA0j+8wbf7UGXUl8YhRUewnh3wccrhkDYAEixHOqAkqO2sL65g8bvUDrC9M57 +QXqXyAXzebnTLB4UKkBz65Bwg9+X3CYX1C+pan6NiJIBEPuA9aT6CMwr8ibpcSuY +OOXwvUA1j/QZbHs6P68eNxObpkLhMH6aHkpyR7K4KDg9ckemkH8o6yoWSboGNJTD +N+6zz/TYFJRh//S1BVNOS7PrqElmX8hknCh2VJ0WELK2qx0zrNv26ZV4aW3LPjC6 +Cqbq08317ZRzKwafJ9i2aIMGDdJ3lA== +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/ca/ca.srl b/xpack-fleet-example/ca/ca.srl new file mode 100644 index 0000000..2f3e95d --- /dev/null +++ b/xpack-fleet-example/ca/ca.srl @@ -0,0 +1 @@ +1172B84EC84A3D4FB10B00D71B21EC1BAEBC35AB diff --git a/xpack-fleet-example/certs/__pycache__/showbody.cpython-313.pyc b/xpack-fleet-example/certs/__pycache__/showbody.cpython-313.pyc new file mode 100644 index 0000000..e09d08e Binary files /dev/null and b/xpack-fleet-example/certs/__pycache__/showbody.cpython-313.pyc differ diff --git a/xpack-fleet-example/certs/agent1.crt b/xpack-fleet-example/certs/agent1.crt new file mode 100644 index 0000000..7cad12a --- /dev/null +++ b/xpack-fleet-example/certs/agent1.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE4TCCAsmgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NakwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAzMjEwNTQxWhcNMzQxMjAxMjEwNTQxWjBhMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxDzANBgNVBAMMBmFnZW50MTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrc7eaofRRY8hDZ/xHjDxage3js +RQhDBRVx1hYORRrCOOpNX71ukNOXbBGn9uv4EKzXkVpw2C4tbK45EMabhNziiiCc +ZvyW+HbxpeF5+y9l0P77EMHWrsyaavG7i72srwICA4WvgBpWzewrmNfWSOb1L2Be +iXmVOGIUpHQ4A2GksgvRioHxJvbGoYgrE5n0qgrZQLQwxggaea+T32NKQWzsuBLq +hxJnm32zHnGaS9DYs1IADN8mgxknAVeuJCIYTz5JE2losSCb4yT1galxlpw4nR39 +9rfOESG2Tes9ZFwu6gv91a7CX8kRmeqChPfkSF/bey2yjiXKPgeNffSLImUCAwEA +AaOBjTCBijAcBgNVHREEFTATggZhZ2VudDGCCWxvY2FsaG9zdDAdBgNVHSUEFjAU +BggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBRC9T95 +4NRmN9zhMZ6UxyDp5bCs6zAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcL +yDANBgkqhkiG9w0BAQsFAAOCAgEAXYOKSziZApfPEuDeghfjWACF/Se5YiQu9cln +uEyhqOx9jkOmL8GH8bjDD+hE7B92EO4Ci5vmy1Nupm9JXjnjnLZSUz25IJGQzqUI +2rjcZcGDnsqG+QYvDF/1HRgD7Nz2jERsBp+Ep1+e5kYFa0BAgwM6BTftokGXYq2M +yUw/m0eibqMA2PnX/bJq3oNVCoyXzZfUomwpmCIAcuvu+dcZk04GYFpqa7riXoh9 +qaCsjTMHc8pWONRROwmhFnBpHUDBMG8UWwBPVAzwsyagHS7E9xTF6Ou/R9AibCEZ +FYP8b04NpU3DGii2GKEtrk+sWtIkPHdMI4SgKwaTJBOmpplkhP4BzRH0CKRpKHVW +G90XZWeDJJkgeUrLQAPNSHVyVOZarYFz1dusWcH9gnixR4MC1eotLeh8Nw6Qd3OY +k3JdtcroQOu7Z0/fGtjwx3rR/d0BnvgfVrQKi6KF09ROKTbWuEIlYV4JOe6svhIY +TuZ2MQ5Q9GJUQX49i+9v3pg0/KGIfPdmR7Qbo/px5dOY0Jj7iIk9iG+eUSbobm7+ +im5RYxrbx4rgXKXknyaUuQfvki/l9l5rhYVUtSTQPfrx84K54cYPOXCTaP/7K7Vm +k+4dAym1l2bVlX5wwwpPw1JnKe75n2Z/O2ut2GmlhrdoPoZZe4HQyackkF4uQFhz +sYIMW+o= +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/agent1.csr b/xpack-fleet-example/certs/agent1.csr new file mode 100644 index 0000000..b7cd88c --- /dev/null +++ b/xpack-fleet-example/certs/agent1.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpjCCAY4CAQAwYTELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0G +A1UEBwwGTGlzYm9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMQ8w +DQYDVQQDDAZhZ2VudDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq +3O3mqH0UWPIQ2f8R4w8WoHt47EUIQwUVcdYWDkUawjjqTV+9bpDTl2wRp/br+BCs +15FacNguLWyuORDGm4Tc4oognGb8lvh28aXhefsvZdD++xDB1q7Mmmrxu4u9rK8C +AgOFr4AaVs3sK5jX1kjm9S9gXol5lThiFKR0OANhpLIL0YqB8Sb2xqGIKxOZ9KoK +2UC0MMYIGnmvk99jSkFs7LgS6ocSZ5t9sx5xmkvQ2LNSAAzfJoMZJwFXriQiGE8+ +SRNpaLEgm+Mk9YGpcZacOJ0d/fa3zhEhtk3rPWRcLuoL/dWuwl/JEZnqgoT35Ehf +23stso4lyj4HjX30iyJlAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAmfyY1gYK +4GxGy+/IWIuutkG8jiT498tB5g1/AwaUgnNfxRzMLCebWvCKoGwcMKGMNerdeOYx +5Cu2j1Sk4CLuKO6ZYDXeKxTuFzUujpd/1Jg+chWxqcbgs3VdxE6kfvhWLjbZXzUi +a9oGvRBYBmTUpmeRkyfnvrHW6X0C2egTgCcq+ZptLlqwOuRQgetH2NHRHeAXu0KZ +/fOutLLAkOhSH3g2nukLCtRDz/3nCC9BZP4exD5+dOqxrmMY1TF+0USH4OqvMHh1 +j+vabYKLeIknnVG2IMP94TFH51ZwOpNMKjENlv2CbSEt330/NozVWr+YQSiUFkrf +emNtuOK5gPPjXw== +-----END CERTIFICATE REQUEST----- diff --git a/xpack-fleet-example/certs/agent1.key b/xpack-fleet-example/certs/agent1.key new file mode 100644 index 0000000..2e06a21 --- /dev/null +++ b/xpack-fleet-example/certs/agent1.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCq3O3mqH0UWPIQ +2f8R4w8WoHt47EUIQwUVcdYWDkUawjjqTV+9bpDTl2wRp/br+BCs15FacNguLWyu +ORDGm4Tc4oognGb8lvh28aXhefsvZdD++xDB1q7Mmmrxu4u9rK8CAgOFr4AaVs3s +K5jX1kjm9S9gXol5lThiFKR0OANhpLIL0YqB8Sb2xqGIKxOZ9KoK2UC0MMYIGnmv +k99jSkFs7LgS6ocSZ5t9sx5xmkvQ2LNSAAzfJoMZJwFXriQiGE8+SRNpaLEgm+Mk +9YGpcZacOJ0d/fa3zhEhtk3rPWRcLuoL/dWuwl/JEZnqgoT35Ehf23stso4lyj4H +jX30iyJlAgMBAAECggEAFv4skI/nZxvSFWT0n4BV+TZG716iKoq0Ti63v9eTQpbU +6GjZo6kTmbnEi/q1ror/GXdX4tsRKGOp/qcExClM/5mHu3w4mrCpRn5d04IiBH6X +2ZxJJMCiXLvB/P4/P5rToTpKpYyYuVKpmujCBHecb2IaykXmi6NCR2aeO9qGz/aM +x1R8rFCvX6QMWHDRTxsy4DK56ASbnVz1ceECM+nllxEGvGJiZ0/Bvu2TnoTPhWxk +Nj2qsFxdy/B6dg1u+lgML9JAEOZ4qOH3MFmhJtNzS6rwj4PvQ6+QwdvBW1RjLZnu +k+7nDgETD2foBAL42p3rWc9HMkmy4N4pVXKW+Pb5uQKBgQDVTG2grTjfolywhQD3 +MTXOHiO9qvGbSG2xfNYcxaknPW3MVhnIZYhIhlvTjBeVB4/6zj+JSROOjiXjmucD ++O3MOpP/5rJYsCdOiS6ZxCnDtWyMF7vv5LLiiTOyU0pDMhzyeCP7zSuy3d77+Eg4 +Zj0OGe8JCoIdBQo1U8ytX85N3QKBgQDNEazfq3nbYcETK7JQmkfVK+fvy3RIhkGv +B2W9TlSuJYWAVNuFKLaRZDpbrcmKK+3TIt6JozyCu225oNPWuHz4ctzEaBJAc83u +myh9GuYDL2q5RMTCDEX6MjtTIaQ0K5zZznym1PrL4IYb/ixA9JXRwrOS3wdVkly9 +aL3GxoGyKQKBgHN1OoZWHcoYJho69KnZzmkzMV+Sr9PBYfdIPtI2QHkILG4GUVCD +fUDc0cnyNDWscUhu6j+S+e4ZjfLlP5WL4pTBRKmpo/KT78L4SOxdHcpdY1N16XpS +jm5HnF8z7Kfw8XBijf/YMIZSyUgVPmqhFP2UFisLsCCrQLpbERjsGk1VAoGAYSUM +ZfDPizOlyTUcBb7wZHWmLByPe4POPeIdOi6PQugXdBG+5DfDNODsHF4ZaVEiGrEc +BsvDcJLlidg8Qi2nVfLjzk8Wxl2VooDyD0Hc0Il330hKhTpXNAzzuY/oP6ahaTS+ +LDIclNRJ85zWzfaPuoynkN4ClXD+aePicvW6nvECgYAPbHwPew7VSz9I+z6Ud8l0 +jWAu7mohSG0rX5JaNWQPDEu/TVrrnJJ0NGCMrC9edJ0zmplJZ/O6h2iKraj/+tQ0 +qB2S67Wq5H3zrJYf+D5kRzE416v08FuTYE564u9epFe4f/fbj0MNZnS+ikayQGf3 +PZM4xKSVh2zQ4iHoJ5MT3g== +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/ca.crt b/xpack-fleet-example/certs/ca.crt new file mode 100644 index 0000000..c9da610 --- /dev/null +++ b/xpack-fleet-example/certs/ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFqTCCA5GgAwIBAgIUSBHERCB+3f8x+A/0YYx6FPCs0KYwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAxOTAyWhcNMzQxMTI5MTAxOTAyWjBkMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxEjAQBgNVBAMMCW1hcmlvbmV0ZTCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMxJcWSbqyzMZC2ayaOSlcf1 +lzZW1CKqFFEfM3IHP0neenZVD859nEQ9S12VpC29o2rM+aQfUKo4ZNIpXi1OT6kW +/uyholI/VOP9TAZqIyawUg/1l6onRiJ5DqSyqg7YTUMLsHupzXZ8+mIvx7aTrzzH ++DQ3rXuv/zc2Bkwu78q7HbItu2AujCF0KALxsu8BAMpcNs9lVulVnPHtGF00pRxF +wqBlw8/1Rzx+STnKxwwWCQ7SHXc3CmxIMzern15bBay2vF5hGCflKsAJLuuMWJAH +L2MD0GAynVhnKymz+b2RVlRrBbLn/1+XjLCsWLPmda+6K7wrR8TRgx53FLTSp6dN +gtnLkjGR9HY8T8ebPYL8Pb5P9wLLGLwADkSScmMwaeUK/xWZLQwqtOzF6R/cpkXd +t9ji1vjKZ8bvTDNj4DuqHwn4qeDk4bngfD0dyCj3r8Y3gfwQf237J0QUfUFeA3WK +AeFF4fKjjWvX15MWV4tIk0Mg3GhL9eUubYKtnsBEqYDhmiFSrVW2TfGTjXZhJBqn +xrlGCLT1aKFY6sVrbCaEn+SJ/jQDx+rBZiYMY7iz1+vqq4ie6q7LDmCZuUe4+Rlw +3u9ChA+avv95Y4lgqz+HQiWP9ejq2c21cb5pQIfs8QjKD5jPJr8+3XuGoIpo1lLY +GMRN9PzokkD1ARkMB4v5AgMBAAGjUzBRMB0GA1UdDgQWBBRSda45xZ5lPn0cpSjJ +IKfBmFcLyDAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcLyDAPBgNVHRMB +Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCvlKTppi+HxqRF2riaJ7LvxEde +M+qLHWzvRwcWlb3MdpTq7uZjQG2YEZY6YeyN+8AwKbUPSavS6+dUe8hfM2HgwtBb +zYaZiS2JdRnCPKQMRz+xEGlcyvXzEb5M99+zqU/5NYOOeFX5odT/nwIToWw82G61 +LXTY6WTmjQ1oRAabUdhMRyQTqL0pGYkBkLzusgh0ENWDVe0/tz/mCzi/DQD6agHy +ADaM6iqqUOIFzHXsI/N9iMNbJKSrllFy4v0AfCDpzgz4mbbUq6zV/E0KIpB/Tojh +xdl+a4Sw4tuIi8vU0TtVRs0UXCBd4I6yqrPDooIYfkh6w4OwSg07yZejuSq/dzo6 +04s8boJKQNZQo8RqVOXUG47vCZMwIj7dJEVXxM9aRkfLPWhK9iG8skh8WwcsG8mu +wL2h4FqH1IVOTv+RxhvUDY74ooUBd8eCywvS4k0iDssznQ7TbtZjTIJr54oTLiK9 +qrPVT+/eL+qFzSKVyFiDiKW+6rKdHO0KYQDXkkhGH1QqBP5rxIJiHl8drYilEw/Y +a9uWuGZZK0YFJA5RSKrIzuX10iQL80B7CXiH++zGE8KGkzxw55R9zjdWLXAsmxyr +vz1CbUsC9YXXqg4P/h4P5FYnqQyR1LWJjwhfPk1F+6POJBiwgeYtxFDlag/QGr6R +C6uLuBpvA9hPSOt4Ng== +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/elasticsearch.crt b/xpack-fleet-example/certs/elasticsearch.crt new file mode 100644 index 0000000..f54407a --- /dev/null +++ b/xpack-fleet-example/certs/elasticsearch.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE6zCCAtOgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NaowDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjE4MTAyMDU4WhcNMzQxMjE2MTAyMDU4WjBkMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEWMBQGA1UEAwwNZWxhc3RpY3NlYXJjaDCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoRfc1RJ7tCtbx4aBC8rO6N +bD3YGtUX0vn9TIqiz8vgPshJXzOtU16++wJ7z/hd6G5zStL4Js/2v8L3kvZO2k/r +u9NxBNpTFoOry6G5GfuxurJdAHv0/go01y+EO1DWgQ04xie1ia8o21UUVdShhq2Y +ip8vYZu1DggLkMA6yfdzv3qNBEQs8eqrGlk5+1QYl919YQ6MfQ8INkw+IICl/yrv +NVxVhYzqzCU47s7O1Yn7CHwZbTii9QI+qV04YDnLG5RUQKnP+1WL7KaEUSjdw2Gk +NVYFrfbVj1pY9TJJKe4xRssWgQGtu1kV/mZ2T4hhqv9N1IKbeS0BbwrJvvBTx9sC +AwEAAaOBlDCBkTAjBgNVHREEHDAagg1lbGFzdGljc2VhcmNogglsb2NhbGhvc3Qw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAsGA1UdDwQEAwIDqDAdBgNV +HQ4EFgQU7hNF4y6M9w8zOZfEksKFKJYGZ8QwHwYDVR0jBBgwFoAUUnWuOcWeZT59 +HKUoySCnwZhXC8gwDQYJKoZIhvcNAQELBQADggIBABc0+0vlE+y89Tf0LFBde9dy +e9Xbi7DFVOqggOBnaXbWNweoD8awYVmecCV+TRg7Gcgz7hXvpFh/EZvdb3TxvK9P +b6WN33cX/+IzDmByqFWN61FF2uz6FNlN/Je6fcHVWCV9tfvT1lo8sP8yw8lAiNBw +vH1ieW1hhhRXRMgkMTtjIvNZk54768RJIzBFTKJvG/Bnyv9G8fY/y9Q5dEI/zL3V +wbqYyPLCtZQSIKUe1ouNWhbe32RkJH6PW9XSv235mwKOGVzRWHaINMTO1+WOBsdL +fpKRuyg/pvjUesA/GnEIOApOlVC/MhefyP2cdQsm8RMm19MXhxhw0ltur2X8jG+z +w5jxQqxI5tn1cE5nKucAtMOk4MpChGzFVttBLIDbsz4JApDVZn+/Yh89fXq1vPs2 +U6nweb8mVGHnFdFOng5bvpGroG0kL3dFkTIJ7TURd/voMTe7xY5i/6WPQV1Wmoe9 +G8TGeOxTl+J5J7MLOcof8qmTdmFZj9us37RYkJ0U0w0HQCieVAfp4mv2CMhrwAlm +WRJwGmt9hSUNKt38NcJTuK5m81NeSbznfBzXI1NC+hEAfkVHoVgrtciJvKTNvRlW +OyyCWlNndcGZS8vZsz579fLIxPrbTuZmg0p7w3HF1JKEZVANvA5jYdZjm3cPkeED +ZMQNQLO+lZw1JjUbApoZ +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/elasticsearch.csr b/xpack-fleet-example/certs/elasticsearch.csr new file mode 100644 index 0000000..c00cff1 --- /dev/null +++ b/xpack-fleet-example/certs/elasticsearch.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqTCCAZECAQAwZDELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0G +A1UEBwwGTG9uZG9uMQ4wDAYDVQQKDAVCZXNodTELMAkGA1UECwwCSVQxFjAUBgNV +BAMMDWVsYXN0aWNzZWFyY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDaEX3NUSe7QrW8eGgQvKzujWw92BrVF9L5/UyKos/L4D7ISV8zrVNevvsCe8/4 +Xehuc0rS+CbP9r/C95L2TtpP67vTcQTaUxaDq8uhuRn7sbqyXQB79P4KNNcvhDtQ +1oENOMYntYmvKNtVFFXUoYatmIqfL2GbtQ4IC5DAOsn3c796jQRELPHqqxpZOftU +GJfdfWEOjH0PCDZMPiCApf8q7zVcVYWM6swlOO7OztWJ+wh8GW04ovUCPqldOGA5 +yxuUVECpz/tVi+ymhFEo3cNhpDVWBa321Y9aWPUySSnuMUbLFoEBrbtZFf5mdk+I +Yar/TdSCm3ktAW8Kyb7wU8fbAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAcOiM +XEBC9QNyFMO5DvU12moVjsge+I5DWHVbDHgha0puRLoJkzNVNT4ReaMXlX2nuaSy +dvk339m/irru7XpgYSVOBnbIyJq1TpE0P0c0pI0DCkFlP9n8utEPRS+2ZlW0rcWu +PySRxWxfdhUz+oMXjKDQ9Y7PR7AqSq5SAtOwRzQGWv0lRlfHS5aAnD7qrwcYhcBJ +gE/v7laHZUDgbgQsw1JZC7TPo0L84vTxOxUapl8Uy73z84MlQpaI2JO7bVSBWher +kP6A3HK1+L0YLVP9TXBtBStyI17+Ih/XlozZaw4k/HbedXopwnx3Hc93Z08TGxkq +3MmGB5A1Q4Cu1FZTsg== +-----END CERTIFICATE REQUEST----- diff --git a/xpack-fleet-example/certs/elasticsearch.key b/xpack-fleet-example/certs/elasticsearch.key new file mode 100644 index 0000000..094527c --- /dev/null +++ b/xpack-fleet-example/certs/elasticsearch.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaEX3NUSe7QrW8 +eGgQvKzujWw92BrVF9L5/UyKos/L4D7ISV8zrVNevvsCe8/4Xehuc0rS+CbP9r/C +95L2TtpP67vTcQTaUxaDq8uhuRn7sbqyXQB79P4KNNcvhDtQ1oENOMYntYmvKNtV +FFXUoYatmIqfL2GbtQ4IC5DAOsn3c796jQRELPHqqxpZOftUGJfdfWEOjH0PCDZM +PiCApf8q7zVcVYWM6swlOO7OztWJ+wh8GW04ovUCPqldOGA5yxuUVECpz/tVi+ym +hFEo3cNhpDVWBa321Y9aWPUySSnuMUbLFoEBrbtZFf5mdk+IYar/TdSCm3ktAW8K +yb7wU8fbAgMBAAECggEAY0+8+cEAdbVbW+KADkNHBHtOtNmS2sI3WJdlgOvF88UE +AqX7n+bLRaZ3XTmyzJtD6+1AwdS2pFZtHacvfFIL9YLXruNVQPK/GacnHVdVwH1A +F9PoEQvRmCdZaq/vbZDLBBD7mYEBG87hGJ2iuyv20F9cnkNvUgDCS6KswQblDPaH +2krrI/WLQgjjXOXGtUUv3lUiFLq4h63KSggBWCid60Iz8SCpr0t52kj1GeTot8Cy +2CnCVG/6E9ysgwLDaGRXHuECbu9P0emzza4uGXDiEgUKE0dBqD877sCF+efQpPIO +lQfr5oi0y0ZRV2MFVAhuRsaJRaxWE4ctueHk1Zf+BQKBgQD4ySMT6ikt1LOxsqaS +EZ6doTaD4HC9mgQ98Ec3zOwmx3Chg0AIwwsIGBBkeOKLX1xecmudys9syvQapTVg +e6hNd94Xjr+MfkJi75bf/zRaAH2Ek3F2++IK1Wi5g/WJKfmiClT8mcR+RCbLTZXK +hyfLDyP1j+EXfb8WwQmP4T/V/QKBgQDgZFLgE9AYTPH2kAigZd8LxGJpFH1sTCnr +mz+9PoF2Vb5+RgA4ywNzOMMlT2QwkP5w3y+/I6F2YqSENuNMXJf7kqZ2/MNX0ED1 +eJ9qvd0Ilh5qu6Dp9PGe3CxkTIs6ua/lXUkvBjuYIQ6sNt9sknZAXrvulSdopWxW +Nj2lLzoQtwKBgQCnaYpeS1N8kMZ/DG4EmzC2eBacNbsIC41RNNBn31EGY20Kcqzz +eHSC9NaLFcG08e3RbIO4ghKE7inHiGbbzzqZLtFX3upNG2WG+Bz6DNzot62/Ogy/ +eY5JpgQ72m2u6H0gqn04Ii1Unn3Qjxv+VmbTwRN8ml5pFWgyYqIRnQz87QKBgBpQ +6b9J04/mBkKKZdiZ2ezBXWFBe+wlio0NKg6BtCEysSKSBxiiBoeO0qQfiXqApraK +FkluXlNKAk1XOpUMDu78JfWycx5rWBLx0JBuL+v/3xVZZ+fISEX/QF2K9JEwkcZu +iFSxgG+5AMWFsfJDwwaNlbDHYVXOgMQjnFsxDLhFAoGBANrPzTOz7mWHVRus8y55 +cd19IqKuxt9L+mfhdF91Wqi44YK4Pt1vSb2FGhJvN+qgYj4jPHvUzUJibKKoJNRx +R6lbK3O+cWjFcDaD9OTTiTuOLlcBby/9Ew7b/RaeYgDpDgviEvVYpKoPBxNnu8+G +XZZHb7SsYO88UYl8YqiGc3pO +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/fleet-es-proxy.crt b/xpack-fleet-example/certs/fleet-es-proxy.crt new file mode 100644 index 0000000..6626e65 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-es-proxy.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE7TCCAtWgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NaswDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjIwMTM1NDI3WhcNMzQxMjE4MTM1NDI3WjBlMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEXMBUGA1UEAwwOZmxlZXQtZXMtcHJveHkw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC22X1nE3iO0su0zadFZmb/ +c6y+2Yvn66dEl+h9Joz7nz71gC8/B2nYb6stljptGIj0wMagveZxYQpHu/8UGHDd +Q5SGRFzzRiUCQ1/wbxtIKcMWKIahRYjnYoNIYv2oSIz1oboLn8Rzgq4PIExo2Op6 +V9jgQZ0on161iNuN3NunLaQVcNip9RDEUj41ploTPLv8BCnM4Sy0jFC6QNVURKf1 +JNLFs2Uukmbc2kSGXKManuIplkncAPNxNCZY9FWOKA78mIwZCgmXSfVyeiOPTvRP +td/9dYfn01aFR8bA9FBjJzAXW7BBbgyZCuytc87OjKBDkVMrdHW6Q6S3W9+zEwSN +AgMBAAGjgZUwgZIwJAYDVR0RBB0wG4IOZmxlZXQtZXMtcHJveHmCCWxvY2FsaG9z +dDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0G +A1UdDgQWBBREw9WH1K+VWc3wZfzzmCkWKH3kIzAfBgNVHSMEGDAWgBRSda45xZ5l +Pn0cpSjJIKfBmFcLyDANBgkqhkiG9w0BAQsFAAOCAgEATmLxSblMZODumpJN9493 +dZAn4ZhUczmXPH0leKZ8WuKVJSKt6A/kWLW8aDO9W67TW7aH44abALBpCtgZSSWy +rR01wESbvbyvvjKFH+3UaxLUzK3apFjB7ygyn9ndE9KGGbjjHqhayq3V7CNu6mSi +xXPYj2/emvUNJOEX/SIisb79k9GOkyAm4X24cIAZHnx8bUBb1HlWT8fofi06aQ3k +O4pjao/s0waMwWAtGmFm4Npldwp5B/QZAUcYSvagN9aNBYNFZYoCYsJ3JwnM0iww +hnUwRJTINJnxPsrkGgqhOWK6G7QDHNpuDAPFgvhlPMtdcaiWPT/C7ZjO0WgxX49Z +00dknpBLtw+CWZpTw3fIR2O5j7Q+QZgG7E82sx4F1ssbyozVHG2y4iRCpq9k0VRR +5VXxrZKsHd8R6aDYckEZq2NEqiR5CXTN4CYOEv09EXJcU2+oaYosIAmLAYE/pHOQ +q1jNqnUwcRd57Oj6er2KTM4QSKvcbNiK62r53MvxQq6YaYVuHRPyQJAqk2iGRV6i +/BH2ZZSfFpclYZuI4EqcWOUm6OYPZLkP66jl+2x0NXa6sCCi1P5vLhZfaFSysiL9 +GKbTLLLWuOFa+M5/1bWV5oUltI/yaSaT0ITCM+AT7MRp26Reyswtd+u4cPyAwmfj +WOfp2uKptq8aQBg+3+JeC0Y= +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/fleet-es-proxy.csr b/xpack-fleet-example/certs/fleet-es-proxy.csr new file mode 100644 index 0000000..e8c7823 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-es-proxy.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwZTELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0G +A1UEBwwGTG9uZG9uMQ4wDAYDVQQKDAVCZXNodTELMAkGA1UECwwCSVQxFzAVBgNV +BAMMDmZsZWV0LWVzLXByb3h5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEAttl9ZxN4jtLLtM2nRWZm/3OsvtmL5+unRJfofSaM+58+9YAvPwdp2G+rLZY6 +bRiI9MDGoL3mcWEKR7v/FBhw3UOUhkRc80YlAkNf8G8bSCnDFiiGoUWI52KDSGL9 +qEiM9aG6C5/Ec4KuDyBMaNjqelfY4EGdKJ9etYjbjdzbpy2kFXDYqfUQxFI+NaZa +Ezy7/AQpzOEstIxQukDVVESn9STSxbNlLpJm3NpEhlyjGp7iKZZJ3ADzcTQmWPRV +jigO/JiMGQoJl0n1cnojj070T7Xf/XWH59NWhUfGwPRQYycwF1uwQW4MmQrsrXPO +zoygQ5FTK3R1ukOkt1vfsxMEjQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAGMa +LANzWNVdpULwwSTWXrjQtVV/oeSP/AOXu+jkDiI0MLJdwr5gF8415LEGYfdRm/YW +MLMzPnvzRikakOE20qzkG89hRp+GiGx4RI6oPdf4bcn0GsPJWPESkJDE2F15SqEn +5jLkviup2FDOpCRHN/iWVEvBlTbQo0JE2ee8+S3z5An3Nd5ke/Jyzu9pksLtbcUK +86UQeZLGiIIpSIJ2JRMISp2oNmNDjk8c6YWz/sKZ18U4TJXlkEdLuT1r5j92IIV3 +Chdv9TOEp93DKGLBdrPB1rAoKxGJjK1I0i9viCN21WaKW3NPf4priGNzrWk5Eloe +tGirSPLTe2qIbsPY9Gc= +-----END CERTIFICATE REQUEST----- diff --git a/xpack-fleet-example/certs/fleet-es-proxy.key b/xpack-fleet-example/certs/fleet-es-proxy.key new file mode 100644 index 0000000..fe5f980 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-es-proxy.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC22X1nE3iO0su0 +zadFZmb/c6y+2Yvn66dEl+h9Joz7nz71gC8/B2nYb6stljptGIj0wMagveZxYQpH +u/8UGHDdQ5SGRFzzRiUCQ1/wbxtIKcMWKIahRYjnYoNIYv2oSIz1oboLn8Rzgq4P +IExo2Op6V9jgQZ0on161iNuN3NunLaQVcNip9RDEUj41ploTPLv8BCnM4Sy0jFC6 +QNVURKf1JNLFs2Uukmbc2kSGXKManuIplkncAPNxNCZY9FWOKA78mIwZCgmXSfVy +eiOPTvRPtd/9dYfn01aFR8bA9FBjJzAXW7BBbgyZCuytc87OjKBDkVMrdHW6Q6S3 +W9+zEwSNAgMBAAECggEACysfqMMcswSXIrUJCYkms2W6YHHjRMg1EFCDB9np9JiW +fOJWgHAQfALeHsu1R+KewuxfdYQD5lr6CMWn3+9aPXmaQdU9JDLdodTBsGro7LB4 +VQsmpgUcRp3SzQIW4keELKCzP3CDzFZoEU50vFa7g7uH6LK5SbjqTQZN+s1JsV1S +3afhwJzcTFps6ZLwXr5l8L/n+S6nRdztvZ4Oe73Q+lmOoTp2fp+f78TFIOhQej5N +Bhxy5juYPchxtktFMNkhrc4yWvwXvJBLEpdMHOjmO9fZLBxL038+rzS8H1QuenvB +XAR/iGF1Kf7pfidxBDe00TLzLcKGZqbnhcaU8zf/VQKBgQDfhAdTJLnCaPjPAqiO +rWBA3OEgJ3FXemA1K8dm0Av2IsHoG4FrsSr5LKFHjyquFa2t4HFOsL/lyFlKPCfW +1RKSbJ7XA428+4hOrn1FG1ug2MZbif4GjkpvYPqTt4QqJoUuK2sQe8PiLSRhx+9d +xoeFNpIUiqW5XpqCUN+jBqm8UwKBgQDRbHbMJ+LuGGjEEEZiN5Ml7ZV3ML+NT+cx +VEp8BfYCteS9l6SohWPwcfO8Ey2FEUyTGals1QPiiCGv39qIkGPLSphtD/T+m+Ho +EWj3gkZj+w4mQJhRFEUqhLbkHbECUTXf6ecPYE0lBUCvBnT0SF+Yd335Md6mSIT9 +hT1TY6MfnwKBgQCb/L9D5iiBpdKmXduWnybCfaPbVcuC2lPUJ7ZkaSM/5mfe/Xsn +1iAAf4Yas658iYKJC07oNO/nhBfUeADxrAfnCkkcE03SqtQo3RttpDchHMfp0Hbo +ylrmOg8GEhf5dqKRYxm4CjfdW9W9K9RAZLHlZP0zusMHiB9afOhmFNtWIwKBgEFg +ddmX3gzsC9ChMAe7R7GAcLeLvVC1D/xjTvlWtwzzkZvqOhntwlwuhqNA7WXsF5aY +XT6/ZP4T90g7PrKBONYezGTHpXjSWvyiar1Rqv3NQwaIBcTR6iGy2pFt/3M0vPfQ +wjQXoR2cfSvmfR5Bda5YJzhi7BnG69VlAdcFdMgLAoGAFA5hRNalKyJlguB+WzQy +n55KfxzEuuF6hWA3uWYRKzIcrGcSBNk70IddhRQWKOqIx1Omhseo9sEmw/J0bWde +80vPtsHV+O60P6Bvvul27WJ7kN8WBIQ2swR1MJm/G/slkDw5O2d9VJYRNcqvuoGP +Mf7m35dXfSJlY+UjMLg/Jkk= +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/fleet-es-proxy.pem b/xpack-fleet-example/certs/fleet-es-proxy.pem new file mode 100644 index 0000000..bcdf364 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-es-proxy.pem @@ -0,0 +1,57 @@ +-----BEGIN CERTIFICATE----- +MIIE7TCCAtWgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NaswDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjIwMTM1NDI3WhcNMzQxMjE4MTM1NDI3WjBlMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEXMBUGA1UEAwwOZmxlZXQtZXMtcHJveHkw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC22X1nE3iO0su0zadFZmb/ +c6y+2Yvn66dEl+h9Joz7nz71gC8/B2nYb6stljptGIj0wMagveZxYQpHu/8UGHDd +Q5SGRFzzRiUCQ1/wbxtIKcMWKIahRYjnYoNIYv2oSIz1oboLn8Rzgq4PIExo2Op6 +V9jgQZ0on161iNuN3NunLaQVcNip9RDEUj41ploTPLv8BCnM4Sy0jFC6QNVURKf1 +JNLFs2Uukmbc2kSGXKManuIplkncAPNxNCZY9FWOKA78mIwZCgmXSfVyeiOPTvRP +td/9dYfn01aFR8bA9FBjJzAXW7BBbgyZCuytc87OjKBDkVMrdHW6Q6S3W9+zEwSN +AgMBAAGjgZUwgZIwJAYDVR0RBB0wG4IOZmxlZXQtZXMtcHJveHmCCWxvY2FsaG9z +dDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0G +A1UdDgQWBBREw9WH1K+VWc3wZfzzmCkWKH3kIzAfBgNVHSMEGDAWgBRSda45xZ5l +Pn0cpSjJIKfBmFcLyDANBgkqhkiG9w0BAQsFAAOCAgEATmLxSblMZODumpJN9493 +dZAn4ZhUczmXPH0leKZ8WuKVJSKt6A/kWLW8aDO9W67TW7aH44abALBpCtgZSSWy +rR01wESbvbyvvjKFH+3UaxLUzK3apFjB7ygyn9ndE9KGGbjjHqhayq3V7CNu6mSi +xXPYj2/emvUNJOEX/SIisb79k9GOkyAm4X24cIAZHnx8bUBb1HlWT8fofi06aQ3k +O4pjao/s0waMwWAtGmFm4Npldwp5B/QZAUcYSvagN9aNBYNFZYoCYsJ3JwnM0iww +hnUwRJTINJnxPsrkGgqhOWK6G7QDHNpuDAPFgvhlPMtdcaiWPT/C7ZjO0WgxX49Z +00dknpBLtw+CWZpTw3fIR2O5j7Q+QZgG7E82sx4F1ssbyozVHG2y4iRCpq9k0VRR +5VXxrZKsHd8R6aDYckEZq2NEqiR5CXTN4CYOEv09EXJcU2+oaYosIAmLAYE/pHOQ +q1jNqnUwcRd57Oj6er2KTM4QSKvcbNiK62r53MvxQq6YaYVuHRPyQJAqk2iGRV6i +/BH2ZZSfFpclYZuI4EqcWOUm6OYPZLkP66jl+2x0NXa6sCCi1P5vLhZfaFSysiL9 +GKbTLLLWuOFa+M5/1bWV5oUltI/yaSaT0ITCM+AT7MRp26Reyswtd+u4cPyAwmfj +WOfp2uKptq8aQBg+3+JeC0Y= +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC22X1nE3iO0su0 +zadFZmb/c6y+2Yvn66dEl+h9Joz7nz71gC8/B2nYb6stljptGIj0wMagveZxYQpH +u/8UGHDdQ5SGRFzzRiUCQ1/wbxtIKcMWKIahRYjnYoNIYv2oSIz1oboLn8Rzgq4P +IExo2Op6V9jgQZ0on161iNuN3NunLaQVcNip9RDEUj41ploTPLv8BCnM4Sy0jFC6 +QNVURKf1JNLFs2Uukmbc2kSGXKManuIplkncAPNxNCZY9FWOKA78mIwZCgmXSfVy +eiOPTvRPtd/9dYfn01aFR8bA9FBjJzAXW7BBbgyZCuytc87OjKBDkVMrdHW6Q6S3 +W9+zEwSNAgMBAAECggEACysfqMMcswSXIrUJCYkms2W6YHHjRMg1EFCDB9np9JiW +fOJWgHAQfALeHsu1R+KewuxfdYQD5lr6CMWn3+9aPXmaQdU9JDLdodTBsGro7LB4 +VQsmpgUcRp3SzQIW4keELKCzP3CDzFZoEU50vFa7g7uH6LK5SbjqTQZN+s1JsV1S +3afhwJzcTFps6ZLwXr5l8L/n+S6nRdztvZ4Oe73Q+lmOoTp2fp+f78TFIOhQej5N +Bhxy5juYPchxtktFMNkhrc4yWvwXvJBLEpdMHOjmO9fZLBxL038+rzS8H1QuenvB +XAR/iGF1Kf7pfidxBDe00TLzLcKGZqbnhcaU8zf/VQKBgQDfhAdTJLnCaPjPAqiO +rWBA3OEgJ3FXemA1K8dm0Av2IsHoG4FrsSr5LKFHjyquFa2t4HFOsL/lyFlKPCfW +1RKSbJ7XA428+4hOrn1FG1ug2MZbif4GjkpvYPqTt4QqJoUuK2sQe8PiLSRhx+9d +xoeFNpIUiqW5XpqCUN+jBqm8UwKBgQDRbHbMJ+LuGGjEEEZiN5Ml7ZV3ML+NT+cx +VEp8BfYCteS9l6SohWPwcfO8Ey2FEUyTGals1QPiiCGv39qIkGPLSphtD/T+m+Ho +EWj3gkZj+w4mQJhRFEUqhLbkHbECUTXf6ecPYE0lBUCvBnT0SF+Yd335Md6mSIT9 +hT1TY6MfnwKBgQCb/L9D5iiBpdKmXduWnybCfaPbVcuC2lPUJ7ZkaSM/5mfe/Xsn +1iAAf4Yas658iYKJC07oNO/nhBfUeADxrAfnCkkcE03SqtQo3RttpDchHMfp0Hbo +ylrmOg8GEhf5dqKRYxm4CjfdW9W9K9RAZLHlZP0zusMHiB9afOhmFNtWIwKBgEFg +ddmX3gzsC9ChMAe7R7GAcLeLvVC1D/xjTvlWtwzzkZvqOhntwlwuhqNA7WXsF5aY +XT6/ZP4T90g7PrKBONYezGTHpXjSWvyiar1Rqv3NQwaIBcTR6iGy2pFt/3M0vPfQ +wjQXoR2cfSvmfR5Bda5YJzhi7BnG69VlAdcFdMgLAoGAFA5hRNalKyJlguB+WzQy +n55KfxzEuuF6hWA3uWYRKzIcrGcSBNk70IddhRQWKOqIx1Omhseo9sEmw/J0bWde +80vPtsHV+O60P6Bvvul27WJ7kN8WBIQ2swR1MJm/G/slkDw5O2d9VJYRNcqvuoGP +Mf7m35dXfSJlY+UjMLg/Jkk= +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/fleet-kbn-proxy.crt b/xpack-fleet-example/certs/fleet-kbn-proxy.crt new file mode 100644 index 0000000..efb0f33 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-kbn-proxy.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE7zCCAtegAwIBAgIUEXK4TshKPU+xCwDXGyHsG668Na0wDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjIwMTM1NDM3WhcNMzQxMjE4MTM1NDM3WjBmMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPZmxlZXQta2JuLXByb3h5 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TEaRk51CQX7DG7pe5aN +WuHIMDHgKTAeltG8HnHqpNFxdtc32k8Nd+WuFIrqPFMLcIXQXf8IgmYsKS+aQ+tD +UraRssf6DkxX5G76aevWxlbbDLYbd6x2jePfCryRK/Ue8mWeacHYolDflWhtZTW+ +6F0lw8MrR2qLrL0dacHRy7qRRv6lamNct0H5fLgCMpLPiAYDoFtE8/eBxmI6a4sD +UyGYMWd1wKvYc0638IJBBWidMftNA0SY+tcMnVzDEjxmZCtBODQSMvFrXLIGe2fq +wgxGbaBpQxH58ACp7uuGI1No6Lr+5A/l7BZB36OmHx1e+5ZA6tlDdN05t40I4SZL +FwIDAQABo4GWMIGTMCUGA1UdEQQeMByCD2ZsZWV0LWtibi1wcm94eYIJbG9jYWxo +b3N0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjALBgNVHQ8EBAMCA6gw +HQYDVR0OBBYEFDZaFzs403B8qgD4+VCCKejDlz+yMB8GA1UdIwQYMBaAFFJ1rjnF +nmU+fRylKMkgp8GYVwvIMA0GCSqGSIb3DQEBCwUAA4ICAQCc0Eer/OWa3anWc8b5 +0sWpv/1yrAW+Jul4nwYb2WeMbbpLytKxAZYD7L8VwIOG0DbV7CTOrpmLlKJtcZnd +2ts+bjxxvreaEoVjrFer40Pec4XDH/wlATbu6PUUKRGS9gxj7POichj7isZQhXhl +tsc0k63Fh7hGmZ9hQ66tBE7At4ccv6kUTXW1QIDrdPDPCXBTAexxyQ8I9+U4fa7f +lvJ81ZWdlmZ9uRXfc/FC4PmhsA/y4ALIvE1uLvSIOgL1YPnTtFNQAPIV0/MiZ9RP +5Q7Y/ycP/DulPzFXPRgoDRNkFav1r3Na2wBOwHsR6/qAihAn3/rEzA554bb9aMhT +Ba+i0Tqi2BB7L9z/0G6ZXeP9QqO5Ycir53gnsJf/RY6MwpLxWsE50NWv7K3sUrgs +VhtlWaFWgsiSpvX5LkbTEAyIbzZ/SQshS2shZN5kL3lhM0npVPDu+VzFuMyIQTBQ +77F2eElxjOcUusZHrW47oapUSOK22DZJBs76qhSKMw+KeyQuBqq94nhOSzkrUdAX +lux2jpHVi40cxEMFm9jVdwgqTNLfBOKJTW+0kkX/9QdpFC1IAv8AaTvzAOwl+STL +djxKXVD5MLJZ9iGJZ00pfT3OwmSEIZlnzAtNcHo/U9+7kkQKqC0HdGWcFxfJECU3 +qcrptNONw3EYSjZnMw/FuGcHBw== +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/fleet-kbn-proxy.csr b/xpack-fleet-example/certs/fleet-kbn-proxy.csr new file mode 100644 index 0000000..a3311f0 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-kbn-proxy.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqzCCAZMCAQAwZjELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0G +A1UEBwwGTG9uZG9uMQ4wDAYDVQQKDAVCZXNodTELMAkGA1UECwwCSVQxGDAWBgNV +BAMMD2ZsZWV0LWtibi1wcm94eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBANExGkZOdQkF+wxu6XuWjVrhyDAx4CkwHpbRvB5x6qTRcXbXN9pPDXflrhSK +6jxTC3CF0F3/CIJmLCkvmkPrQ1K2kbLH+g5MV+Ru+mnr1sZW2wy2G3esdo3j3wq8 +kSv1HvJlnmnB2KJQ35VobWU1vuhdJcPDK0dqi6y9HWnB0cu6kUb+pWpjXLdB+Xy4 +AjKSz4gGA6BbRPP3gcZiOmuLA1MhmDFndcCr2HNOt/CCQQVonTH7TQNEmPrXDJ1c +wxI8ZmQrQTg0EjLxa1yyBntn6sIMRm2gaUMR+fAAqe7rhiNTaOi6/uQP5ewWQd+j +ph8dXvuWQOrZQ3TdObeNCOEmSxcCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQB6 +NU1Q4OmekIOA3r2ryWXZxQ1LiFuvpJwGcTmpcuuHaeW2e+O+sBes1BU23iG5Fc3j +JGCTJg0BspxvHdGAk948JCcNCD+bAnxPbwmW5wu/SbzqQ8oICQUQPsqVJt+vHsaO +fn8mfI3WpOFt/pzjqPOC+bC/dNWAF9G/gATYcLK+Owk0R+Cp+PWOl8DfetDu3Vkd +dtvWnLfzOIjENB8k+ERtIowlfikwWSi1DY83u201SsTZc262ex416NfmeOAb7VvR +XGxt8vnReN9otFQSzepjitu+8mhg+3TWpIGc54rXI7O/xT+aoNGZrhYEz2UBDqLt +vGVW/zUVQFcRAatM5QNC +-----END CERTIFICATE REQUEST----- diff --git a/xpack-fleet-example/certs/fleet-kbn-proxy.key b/xpack-fleet-example/certs/fleet-kbn-proxy.key new file mode 100644 index 0000000..c2886a4 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-kbn-proxy.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDRMRpGTnUJBfsM +bul7lo1a4cgwMeApMB6W0bweceqk0XF21zfaTw135a4Uiuo8UwtwhdBd/wiCZiwp +L5pD60NStpGyx/oOTFfkbvpp69bGVtsMtht3rHaN498KvJEr9R7yZZ5pwdiiUN+V +aG1lNb7oXSXDwytHaousvR1pwdHLupFG/qVqY1y3Qfl8uAIyks+IBgOgW0Tz94HG +YjpriwNTIZgxZ3XAq9hzTrfwgkEFaJ0x+00DRJj61wydXMMSPGZkK0E4NBIy8Wtc +sgZ7Z+rCDEZtoGlDEfnwAKnu64YjU2jouv7kD+XsFkHfo6YfHV77lkDq2UN03Tm3 +jQjhJksXAgMBAAECggEAM2h/Pf7i6QxEtTn+e+Y0J7zrrtha75RJOCQjuFGjacyk +tyFNswMRWsEhZh/7T0bTPVxNKARYKX+FY7u0i/NhcI64QHi/fUsKoHMba/NOrSBE +JZwNJPxHiDgTJHbRsD1FVSle5DuEiuMYBwYKOECcgUr+0FyCosLOv20cMNS2Q3vM +a2rsLXFJgpnDfCFsSnuH0mGCJpoMBXwEsxWij2JiO4XFkm1lT4txqv9N0PROsspN +EBOo/mcacfywBYnNjchZf61TTwh7OjHTB8iKXQAEipgpdhADbEJM1SJayU/Nr5bg +0xvJuIWIq+YOfAIjAugMgTb1UciWGSGsIZ8nUPHE1QKBgQD164N+Ytk52c/ELMQq +ZGq9D20DR/LGljsdi8/Rh0vmzRxGqAaWgCHauQL1tV0Y7a9C+lL198wnLgOddvpv +dBKwR4Aaq/Exu1ztUymdOqijbU0VpoFIlcqsifo7SptsFdXV5YJ+gQvUkCdiILrN +vmay/tx+s3UlZyN+IpXRzCtNXQKBgQDZxDFx5+iiREqm1mM2wbisfzRula5Vyw3w +WelzEnh7tp7I+laNZI+51RRsLaXt19tvHRPIThPm4/21Eb0wpaSl9D/4MyPmobOU +anwEvTFJRsOHb1EkYElgDXZLvcaLeXs/Oq9of9RvTwfQv2JtXuSBzBQ3t70BU9nO +GFnOWty/AwKBgCiDtXUj+d+zB6ytJ2BIjOE64l3RA6k95N1YRFOjs5iBoC/vzK4M +zAcJxfgO+hh6SA6DyRkmyuaFiSjvChFEkTOjg/Jg82qbEJM0yT1TBadvAW0YsmHv +86T7UlNkVji3XDRSDG6k+fr6CNL8y2nL/YVtwYvKKvmPhWRpdD9NILEtAoGBAKDL +LBNGQNDoChMsw+9flUPRXV62KRbyKuWpDiZIoiv/CTmvFw+qDDIUMtM51YZMV5uw +5bWGaU2YVPJJGd/8vxlGw6E56a1XAql5Av/gzq6jkKbFPC3W5vcEma+NfjfoSGfE +plZL5QkXWtb5Ke1GHwX0MY1+nxGG35E9C7rB/rMPAoGAQeFWYCNOxuS5ypjeiCjC +3sDjolx2PbZKbuvLCbZk8tNEW8yjY88fA0edpzJEaLkaKTusc/5x4BC0LrtvtCDF +XXBBpygFwP6+jbsQBa4ugY5p5LmSVNi0F2ZqqH897/ifTsTnos26muHu4635Vl6p +jkkDefNM1du7tbdwSeGbtQk= +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/fleet-kbn-proxy.pem b/xpack-fleet-example/certs/fleet-kbn-proxy.pem new file mode 100644 index 0000000..9c8419e --- /dev/null +++ b/xpack-fleet-example/certs/fleet-kbn-proxy.pem @@ -0,0 +1,57 @@ +-----BEGIN CERTIFICATE----- +MIIE7zCCAtegAwIBAgIUEXK4TshKPU+xCwDXGyHsG668Na0wDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjIwMTM1NDM3WhcNMzQxMjE4MTM1NDM3WjBmMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPZmxlZXQta2JuLXByb3h5 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TEaRk51CQX7DG7pe5aN +WuHIMDHgKTAeltG8HnHqpNFxdtc32k8Nd+WuFIrqPFMLcIXQXf8IgmYsKS+aQ+tD +UraRssf6DkxX5G76aevWxlbbDLYbd6x2jePfCryRK/Ue8mWeacHYolDflWhtZTW+ +6F0lw8MrR2qLrL0dacHRy7qRRv6lamNct0H5fLgCMpLPiAYDoFtE8/eBxmI6a4sD +UyGYMWd1wKvYc0638IJBBWidMftNA0SY+tcMnVzDEjxmZCtBODQSMvFrXLIGe2fq +wgxGbaBpQxH58ACp7uuGI1No6Lr+5A/l7BZB36OmHx1e+5ZA6tlDdN05t40I4SZL +FwIDAQABo4GWMIGTMCUGA1UdEQQeMByCD2ZsZWV0LWtibi1wcm94eYIJbG9jYWxo +b3N0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjALBgNVHQ8EBAMCA6gw +HQYDVR0OBBYEFDZaFzs403B8qgD4+VCCKejDlz+yMB8GA1UdIwQYMBaAFFJ1rjnF +nmU+fRylKMkgp8GYVwvIMA0GCSqGSIb3DQEBCwUAA4ICAQCc0Eer/OWa3anWc8b5 +0sWpv/1yrAW+Jul4nwYb2WeMbbpLytKxAZYD7L8VwIOG0DbV7CTOrpmLlKJtcZnd +2ts+bjxxvreaEoVjrFer40Pec4XDH/wlATbu6PUUKRGS9gxj7POichj7isZQhXhl +tsc0k63Fh7hGmZ9hQ66tBE7At4ccv6kUTXW1QIDrdPDPCXBTAexxyQ8I9+U4fa7f +lvJ81ZWdlmZ9uRXfc/FC4PmhsA/y4ALIvE1uLvSIOgL1YPnTtFNQAPIV0/MiZ9RP +5Q7Y/ycP/DulPzFXPRgoDRNkFav1r3Na2wBOwHsR6/qAihAn3/rEzA554bb9aMhT +Ba+i0Tqi2BB7L9z/0G6ZXeP9QqO5Ycir53gnsJf/RY6MwpLxWsE50NWv7K3sUrgs +VhtlWaFWgsiSpvX5LkbTEAyIbzZ/SQshS2shZN5kL3lhM0npVPDu+VzFuMyIQTBQ +77F2eElxjOcUusZHrW47oapUSOK22DZJBs76qhSKMw+KeyQuBqq94nhOSzkrUdAX +lux2jpHVi40cxEMFm9jVdwgqTNLfBOKJTW+0kkX/9QdpFC1IAv8AaTvzAOwl+STL +djxKXVD5MLJZ9iGJZ00pfT3OwmSEIZlnzAtNcHo/U9+7kkQKqC0HdGWcFxfJECU3 +qcrptNONw3EYSjZnMw/FuGcHBw== +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDRMRpGTnUJBfsM +bul7lo1a4cgwMeApMB6W0bweceqk0XF21zfaTw135a4Uiuo8UwtwhdBd/wiCZiwp +L5pD60NStpGyx/oOTFfkbvpp69bGVtsMtht3rHaN498KvJEr9R7yZZ5pwdiiUN+V +aG1lNb7oXSXDwytHaousvR1pwdHLupFG/qVqY1y3Qfl8uAIyks+IBgOgW0Tz94HG +YjpriwNTIZgxZ3XAq9hzTrfwgkEFaJ0x+00DRJj61wydXMMSPGZkK0E4NBIy8Wtc +sgZ7Z+rCDEZtoGlDEfnwAKnu64YjU2jouv7kD+XsFkHfo6YfHV77lkDq2UN03Tm3 +jQjhJksXAgMBAAECggEAM2h/Pf7i6QxEtTn+e+Y0J7zrrtha75RJOCQjuFGjacyk +tyFNswMRWsEhZh/7T0bTPVxNKARYKX+FY7u0i/NhcI64QHi/fUsKoHMba/NOrSBE +JZwNJPxHiDgTJHbRsD1FVSle5DuEiuMYBwYKOECcgUr+0FyCosLOv20cMNS2Q3vM +a2rsLXFJgpnDfCFsSnuH0mGCJpoMBXwEsxWij2JiO4XFkm1lT4txqv9N0PROsspN +EBOo/mcacfywBYnNjchZf61TTwh7OjHTB8iKXQAEipgpdhADbEJM1SJayU/Nr5bg +0xvJuIWIq+YOfAIjAugMgTb1UciWGSGsIZ8nUPHE1QKBgQD164N+Ytk52c/ELMQq +ZGq9D20DR/LGljsdi8/Rh0vmzRxGqAaWgCHauQL1tV0Y7a9C+lL198wnLgOddvpv +dBKwR4Aaq/Exu1ztUymdOqijbU0VpoFIlcqsifo7SptsFdXV5YJ+gQvUkCdiILrN +vmay/tx+s3UlZyN+IpXRzCtNXQKBgQDZxDFx5+iiREqm1mM2wbisfzRula5Vyw3w +WelzEnh7tp7I+laNZI+51RRsLaXt19tvHRPIThPm4/21Eb0wpaSl9D/4MyPmobOU +anwEvTFJRsOHb1EkYElgDXZLvcaLeXs/Oq9of9RvTwfQv2JtXuSBzBQ3t70BU9nO +GFnOWty/AwKBgCiDtXUj+d+zB6ytJ2BIjOE64l3RA6k95N1YRFOjs5iBoC/vzK4M +zAcJxfgO+hh6SA6DyRkmyuaFiSjvChFEkTOjg/Jg82qbEJM0yT1TBadvAW0YsmHv +86T7UlNkVji3XDRSDG6k+fr6CNL8y2nL/YVtwYvKKvmPhWRpdD9NILEtAoGBAKDL +LBNGQNDoChMsw+9flUPRXV62KRbyKuWpDiZIoiv/CTmvFw+qDDIUMtM51YZMV5uw +5bWGaU2YVPJJGd/8vxlGw6E56a1XAql5Av/gzq6jkKbFPC3W5vcEma+NfjfoSGfE +plZL5QkXWtb5Ke1GHwX0MY1+nxGG35E9C7rB/rMPAoGAQeFWYCNOxuS5ypjeiCjC +3sDjolx2PbZKbuvLCbZk8tNEW8yjY88fA0edpzJEaLkaKTusc/5x4BC0LrtvtCDF +XXBBpygFwP6+jbsQBa4ugY5p5LmSVNi0F2ZqqH897/ifTsTnos26muHu4635Vl6p +jkkDefNM1du7tbdwSeGbtQk= +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/fleet-proxy.crt b/xpack-fleet-example/certs/fleet-proxy.crt new file mode 100644 index 0000000..acb5665 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-proxy.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE5zCCAs+gAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NaswDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjE5MTkzNTAwWhcNMzQxMjE3MTkzNTAwWjBiMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEUMBIGA1UEAwwLZmxlZXQtcHJveHkwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjQ+QO9ox6yy/kpAktizKX4uuf +yNlQ9i0EDOmPyom9WZIiCOKZYrrHduYyh1MM/fNsoEeQxndfDVkKOXhtdJ21WcGt +xCcn9NK+1ZnHT82oYrwgJhxhWC5NRBJMaYDzwrh8nbcceP9rIjZEPhPgukTahqHZ +9vrcjiwOLj1sfdqBA6tAbAharqJ7icvUiQECoI/JvBrsHfkAAwWUjtjE/eEi7sAh +9P3wth6ncx2WS0P4BdwIBIxBxgZOj/891p+99VV1XtJsnDbybvKVlBUG0SHaGAa2 +7FciEc4bx7saMcgxFuRLtuzZmY+tAK1jOmEb8H9PEdQealitaQvaEXNJjrZxAgMB +AAGjgZIwgY8wIQYDVR0RBBowGIILZmxlZXQtcHJveHmCCWxvY2FsaG9zdDAdBgNV +HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0GA1UdDgQW +BBRSMP6+lcJhvekN5Kevxh8SDl6DxzAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJ +IKfBmFcLyDANBgkqhkiG9w0BAQsFAAOCAgEAr7q8ADKiYJKJM6PacYSowC/EVZp5 +KI5NC2Nb8hagjUANyD+RTFB2gyHyeJ9qh2NELoHa26Uc6lvPfiO+BDaBhhorBTK+ +mRZQBu9o9Vr0ikW4Mu65Zv93XCjQHO2NNtZGJRuZDspzUmtZv3lm6Jif2pLfLnEt +ArHNaspQDkx7OvvXrujSmGiRDjtxRFPcn1KJ4X8kDMoiXvd+uRrjBANsKDG8xdZ8 +OLQ3CDcAiN3vHtzMBxEdBf5Fh9y6VbgAM2nmq6uUrw90lusou4SzH9tDS89N0j4T +YwbTyC+tCcRgmyxXe5+pm63uNXFLNdKZ9UubeIMv++i1FnsP5yuw/lcPpWK6/jhD +rjDExq5GaKyC4qjIEXc4J4WWnZjdELgdQ2rwC97ExAmtZqcdv9uNws5mXS4UHjA0 +3s8CbVacnuST3VM9AHa2YQkANbACKZwKvAiWjCUOrcUM3ZSPhJKqrWM37vxUNmLZ +zNp3dv/LbG3vL3zzt2hmk4pw7auoZNPp3ds4jblFj7LXkjIAnfSjyUwrz/l6kZ+y +2y7oQYTalezdMJsU7wj8P1x77CaKuxy2pFIeFJadqRSl1NuUUVGSzvMrBA2tYWQn +AtWiWEBx9ospQqTRYazqcRCqr0Bjk3FHfU7NDeC+lXK5TTFPHmaV1B5z4SnpGuvB +LpP/HH5ue9mct68= +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/fleet-proxy.csr b/xpack-fleet-example/certs/fleet-proxy.csr new file mode 100644 index 0000000..e04afc8 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-proxy.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpzCCAY8CAQAwYjELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0G +A1UEBwwGTG9uZG9uMQ4wDAYDVQQKDAVCZXNodTELMAkGA1UECwwCSVQxFDASBgNV +BAMMC2ZsZWV0LXByb3h5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +o0PkDvaMessv5KQJLYsyl+Lrn8jZUPYtBAzpj8qJvVmSIgjimWK6x3bmModTDP3z +bKBHkMZ3Xw1ZCjl4bXSdtVnBrcQnJ/TSvtWZx0/NqGK8ICYcYVguTUQSTGmA88K4 +fJ23HHj/ayI2RD4T4LpE2oah2fb63I4sDi49bH3agQOrQGwIWq6ie4nL1IkBAqCP +ybwa7B35AAMFlI7YxP3hIu7AIfT98LYep3MdlktD+AXcCASMQcYGTo//PdafvfVV +dV7SbJw28m7ylZQVBtEh2hgGtuxXIhHOG8e7GjHIMRbkS7bs2ZmPrQCtYzphG/B/ +TxHUHmpYrWkL2hFzSY62cQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAB88UtV9 +1AD87PcmdBjWUVwYsSR+S8OXPQ/CMvhI3vI27O/Fp/fmSR8WGFvUhfq7OtTW3DZh +gXbQZo+vVxobJNTNTZwn+Y5as82xOshhOwLgfycheNkkwvZ88DfwqQT4CKK/8uNk +Juq4IWDsBxGiIQ2lRnW0tff1/A7gBYEFFEtLXYvVYNVAqpDCFmW43eDb9NC6pBE3 +pJUTmh0rhbL8xsX9kK/y6iTifq/LyM84WnzDH20Qe1YyLQPgOMY7d4jKer0ro8Rf +H5EtDn5MX1VBgcGMEf0mxiDYxtw50mre/uSAn747AeoCmDoQ/1rgi3JVzt0s1hdN +Om8848yHbOOPau8= +-----END CERTIFICATE REQUEST----- diff --git a/xpack-fleet-example/certs/fleet-proxy.key b/xpack-fleet-example/certs/fleet-proxy.key new file mode 100644 index 0000000..9e8c6fe --- /dev/null +++ b/xpack-fleet-example/certs/fleet-proxy.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCjQ+QO9ox6yy/k +pAktizKX4uufyNlQ9i0EDOmPyom9WZIiCOKZYrrHduYyh1MM/fNsoEeQxndfDVkK +OXhtdJ21WcGtxCcn9NK+1ZnHT82oYrwgJhxhWC5NRBJMaYDzwrh8nbcceP9rIjZE +PhPgukTahqHZ9vrcjiwOLj1sfdqBA6tAbAharqJ7icvUiQECoI/JvBrsHfkAAwWU +jtjE/eEi7sAh9P3wth6ncx2WS0P4BdwIBIxBxgZOj/891p+99VV1XtJsnDbybvKV +lBUG0SHaGAa27FciEc4bx7saMcgxFuRLtuzZmY+tAK1jOmEb8H9PEdQealitaQva +EXNJjrZxAgMBAAECggEAL3UKk7bi+saZM1LjQBPYLwJND3MoiDomt6ixM5TiGOIy +ciY3B/ME6/oJy+I+J+ahnY+xfcnS5RRSL4CpGtftB8wBWmtMHncx0zrvqlnuI+Yf +XRD26uzg+KCy2PdJ/pE5Yy/NDD+3rwKQ16Fb0dUTMpoz7dG29el1sOGMBT9IBnv9 +KrX5JCbFKJEK78AweMf53s+xT3TIg9yJoIf9zjkWLaDTFtRDcpciCvvhy819xGFZ +EVyRCxcgLOyE0qehRNYze+ycNFmle4RiejJktAUoYDIS00tCcSZm8R7AYW7m93pB +bBflKhcgu9T9Gi68qfMyEYqqXbjXrX0GvaUQTFGYCQKBgQDgaygPZb1V7L8ke4Ri +yjOHm/ORMx5awMUa0IG91WSmY2ra82b3m/nxWYy3Vyzrl3QOq5B8bVpGqvZnB6Ga +AcBhy79/CVU919s5M+/BAv73rjUjf6lxATvNrLAtazhAvhDGT4ItNaCtQ5UDJieC +JI0/fxp8FMl05ny0mmeehSQUUwKBgQC6PaOZ//104bQOn74Cl3Sn+g07qE6OI6b8 +Fj696bo6hgM6JMDmA4huUTvUawtnKT4P3w1Htf6II1y47oVidAzY+O8e6WTIELAv +w+Ql6npoPQArXHv9DGzb6j6xSuVP/2k54OG1skRDJ6FaGoM0NbdtOVbyAjid0A1C ++YSblQHxqwKBgAWw8f0h+WE6dcZ5E2xl8FSaEd02zKhEhzsc2o1z4e+OSeFvlsbk +v7vtJ3Jm1Y7L8neExk9Bfq6YG1OVj/WV4ckZH6wbEnxVAww6UvQ0HT8uvc4+qI9j +Fp8qp/Ue6PhLWaWN0qFO4NpEAn1n9EyKnMJleMh4xnsedT8nQ0Vz3uxdAoGANGki +QDVdE2Zs8Gyd4UbUCm2BCdfce32nAWwVLga3ZL7P663qJxC5dSohJy8Un2xozbic +mSCrR46ECnr9SG6WKv0q9c0Ckpa3rkl3TABHgEwiXxGAxv6XJ/AswmHsVG3xI9uY +STSopylg6+VoJOo0+2TWhfaADlE9Wiqz2cC+Mk8CgYB1Km7Y5hK3A7+uycXXrDd7 +lkQ/Fmr/QofVrDOTlgOaicmpsz9ctiqjb9sQ7LAb12IX0gmNqCCA4C7MSw6GmneK +zHVf/BnwTwpVMbP/ITBMKyU9o73EH76Cb8e7+zIFRJJoIzcqyaHTCxTQ26ASKk5g +a5vog0aO2j/eXh+PybIhZw== +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/fleet-proxy.pem b/xpack-fleet-example/certs/fleet-proxy.pem new file mode 100644 index 0000000..7288a51 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-proxy.pem @@ -0,0 +1,57 @@ +-----BEGIN CERTIFICATE----- +MIIE5zCCAs+gAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NaswDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjE5MTkzNTAwWhcNMzQxMjE3MTkzNTAwWjBiMQswCQYD +VQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNV +BAoMBUJlc2h1MQswCQYDVQQLDAJJVDEUMBIGA1UEAwwLZmxlZXQtcHJveHkwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjQ+QO9ox6yy/kpAktizKX4uuf +yNlQ9i0EDOmPyom9WZIiCOKZYrrHduYyh1MM/fNsoEeQxndfDVkKOXhtdJ21WcGt +xCcn9NK+1ZnHT82oYrwgJhxhWC5NRBJMaYDzwrh8nbcceP9rIjZEPhPgukTahqHZ +9vrcjiwOLj1sfdqBA6tAbAharqJ7icvUiQECoI/JvBrsHfkAAwWUjtjE/eEi7sAh +9P3wth6ncx2WS0P4BdwIBIxBxgZOj/891p+99VV1XtJsnDbybvKVlBUG0SHaGAa2 +7FciEc4bx7saMcgxFuRLtuzZmY+tAK1jOmEb8H9PEdQealitaQvaEXNJjrZxAgMB +AAGjgZIwgY8wIQYDVR0RBBowGIILZmxlZXQtcHJveHmCCWxvY2FsaG9zdDAdBgNV +HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0GA1UdDgQW +BBRSMP6+lcJhvekN5Kevxh8SDl6DxzAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJ +IKfBmFcLyDANBgkqhkiG9w0BAQsFAAOCAgEAr7q8ADKiYJKJM6PacYSowC/EVZp5 +KI5NC2Nb8hagjUANyD+RTFB2gyHyeJ9qh2NELoHa26Uc6lvPfiO+BDaBhhorBTK+ +mRZQBu9o9Vr0ikW4Mu65Zv93XCjQHO2NNtZGJRuZDspzUmtZv3lm6Jif2pLfLnEt +ArHNaspQDkx7OvvXrujSmGiRDjtxRFPcn1KJ4X8kDMoiXvd+uRrjBANsKDG8xdZ8 +OLQ3CDcAiN3vHtzMBxEdBf5Fh9y6VbgAM2nmq6uUrw90lusou4SzH9tDS89N0j4T +YwbTyC+tCcRgmyxXe5+pm63uNXFLNdKZ9UubeIMv++i1FnsP5yuw/lcPpWK6/jhD +rjDExq5GaKyC4qjIEXc4J4WWnZjdELgdQ2rwC97ExAmtZqcdv9uNws5mXS4UHjA0 +3s8CbVacnuST3VM9AHa2YQkANbACKZwKvAiWjCUOrcUM3ZSPhJKqrWM37vxUNmLZ +zNp3dv/LbG3vL3zzt2hmk4pw7auoZNPp3ds4jblFj7LXkjIAnfSjyUwrz/l6kZ+y +2y7oQYTalezdMJsU7wj8P1x77CaKuxy2pFIeFJadqRSl1NuUUVGSzvMrBA2tYWQn +AtWiWEBx9ospQqTRYazqcRCqr0Bjk3FHfU7NDeC+lXK5TTFPHmaV1B5z4SnpGuvB +LpP/HH5ue9mct68= +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCjQ+QO9ox6yy/k +pAktizKX4uufyNlQ9i0EDOmPyom9WZIiCOKZYrrHduYyh1MM/fNsoEeQxndfDVkK +OXhtdJ21WcGtxCcn9NK+1ZnHT82oYrwgJhxhWC5NRBJMaYDzwrh8nbcceP9rIjZE +PhPgukTahqHZ9vrcjiwOLj1sfdqBA6tAbAharqJ7icvUiQECoI/JvBrsHfkAAwWU +jtjE/eEi7sAh9P3wth6ncx2WS0P4BdwIBIxBxgZOj/891p+99VV1XtJsnDbybvKV +lBUG0SHaGAa27FciEc4bx7saMcgxFuRLtuzZmY+tAK1jOmEb8H9PEdQealitaQva +EXNJjrZxAgMBAAECggEAL3UKk7bi+saZM1LjQBPYLwJND3MoiDomt6ixM5TiGOIy +ciY3B/ME6/oJy+I+J+ahnY+xfcnS5RRSL4CpGtftB8wBWmtMHncx0zrvqlnuI+Yf +XRD26uzg+KCy2PdJ/pE5Yy/NDD+3rwKQ16Fb0dUTMpoz7dG29el1sOGMBT9IBnv9 +KrX5JCbFKJEK78AweMf53s+xT3TIg9yJoIf9zjkWLaDTFtRDcpciCvvhy819xGFZ +EVyRCxcgLOyE0qehRNYze+ycNFmle4RiejJktAUoYDIS00tCcSZm8R7AYW7m93pB +bBflKhcgu9T9Gi68qfMyEYqqXbjXrX0GvaUQTFGYCQKBgQDgaygPZb1V7L8ke4Ri +yjOHm/ORMx5awMUa0IG91WSmY2ra82b3m/nxWYy3Vyzrl3QOq5B8bVpGqvZnB6Ga +AcBhy79/CVU919s5M+/BAv73rjUjf6lxATvNrLAtazhAvhDGT4ItNaCtQ5UDJieC +JI0/fxp8FMl05ny0mmeehSQUUwKBgQC6PaOZ//104bQOn74Cl3Sn+g07qE6OI6b8 +Fj696bo6hgM6JMDmA4huUTvUawtnKT4P3w1Htf6II1y47oVidAzY+O8e6WTIELAv +w+Ql6npoPQArXHv9DGzb6j6xSuVP/2k54OG1skRDJ6FaGoM0NbdtOVbyAjid0A1C ++YSblQHxqwKBgAWw8f0h+WE6dcZ5E2xl8FSaEd02zKhEhzsc2o1z4e+OSeFvlsbk +v7vtJ3Jm1Y7L8neExk9Bfq6YG1OVj/WV4ckZH6wbEnxVAww6UvQ0HT8uvc4+qI9j +Fp8qp/Ue6PhLWaWN0qFO4NpEAn1n9EyKnMJleMh4xnsedT8nQ0Vz3uxdAoGANGki +QDVdE2Zs8Gyd4UbUCm2BCdfce32nAWwVLga3ZL7P663qJxC5dSohJy8Un2xozbic +mSCrR46ECnr9SG6WKv0q9c0Ckpa3rkl3TABHgEwiXxGAxv6XJ/AswmHsVG3xI9uY +STSopylg6+VoJOo0+2TWhfaADlE9Wiqz2cC+Mk8CgYB1Km7Y5hK3A7+uycXXrDd7 +lkQ/Fmr/QofVrDOTlgOaicmpsz9ctiqjb9sQ7LAb12IX0gmNqCCA4C7MSw6GmneK +zHVf/BnwTwpVMbP/ITBMKyU9o73EH76Cb8e7+zIFRJJoIzcqyaHTCxTQ26ASKk5g +a5vog0aO2j/eXh+PybIhZw== +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/fleet-server.crt b/xpack-fleet-example/certs/fleet-server.crt new file mode 100644 index 0000000..c4d80de --- /dev/null +++ b/xpack-fleet-example/certs/fleet-server.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE7TCCAtWgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NagwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAyMzE4WhcNMzQxMTI5MTAyMzE4WjBnMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxFTATBgNVBAMMDGZsZWV0LXNlcnZl +cjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJNv3e+7HtPg6ShWuFz4 +f8K70VjWTKLgwuXW3VO4VbIg2+x5pMT29dwfeyMwwP7ZCQrGxoyR65JHH+mnGygP +/axxxpkduxSMqTdQrRdUQ30gXTWbmhf33mOLQ5sMBYUVmaXy6V7eNsFHDlD5WuN/ +6ro/MC2eyg7g9eAuFMKPmnaEWMBYGPY/iXGWC5O+r3JyyzGaVAfWzSJdMyJ/WmqO +2heBt5p8z2eUqM7uNorl7nKq4L2p4fczOYvjbiw94vwWd3n7OpKL85Y4Bs3PaHoG +bJWf3kjXnrREh7iOHzk4wMzb1URxuasWIau3vT6V7IwrFgLUdiaAkBOsAbgV5ib3 +DA0CAwEAAaOBkzCBkDAiBgNVHREEGzAZggxmbGVldC1zZXJ2ZXKCCWxvY2FsaG9z +dDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0G +A1UdDgQWBBTxU9yWEFMble7G8EPxm38YfdPd7jAfBgNVHSMEGDAWgBRSda45xZ5l +Pn0cpSjJIKfBmFcLyDANBgkqhkiG9w0BAQsFAAOCAgEAfIHR6rIuVpTeQRwB3ry/ +TUjZ8hSQ/3NnDOTrOOCW0kkkJm1VVFgk6SSXXdFG1f3OFNESikKQscl9Oh4G3eUJ +Cek8l8haDoPmDnuYrwBj3nOB9OJfLKfaKQY44YKd6VRYC8QFewMlH9wwh7xzfiQc +Bh5Gm3QNIc1kOwVy12EIPFH7AE4z4yQA3PyHZvSIFXn7y7e/TCcRK7Q1d6hQMtXP +KQEA0fHADnGK4SWfJwOD+kx6S3HQHV995i14PyITs0N29ZYwC/y3DRP98Wbw7gzA +RUBld6WzNAXTjNqRiQq6hHdvzn3Cdqgi1NnPs0jSqIGFs9Wjyj/EzAHMj0MzxXTK +kN7Dakx6uZ0zxHaK2d7A7P1LpCSioQ9S1erVRt6UBi0ybCm9OAsRcuanVDj25lc2 +z5qGla24aIHn3Op3JDaSOD/hZoanLK2P+EFS564dWDnK8lyjQnPlEMXRKnWHepgD +IhnmoOvBiKA8xkaIAqSAUtFpgFNa8ndLPTPDfyzd93XHwEesXhLO1Yc/enOJW+GX +L31rTxQ42U4y/LkDD6DAOHBK341rrY57NlZwqAWKPzyKZ3XCoeWOmoVoXGJLWC4b +pEnGGJ2Q/F82dYnnED0Nt9rzefQrMo2fq75gNcodKI3m8m8fBaGEZ/9bTZDqvL3H +95xkHgpW2k9aqdCI9MMsOUY= +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/fleet-server.csr b/xpack-fleet-example/certs/fleet-server.csr new file mode 100644 index 0000000..7fafc19 --- /dev/null +++ b/xpack-fleet-example/certs/fleet-server.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0G +A1UEBwwGTGlzYm9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRUw +EwYDVQQDDAxmbGVldC1zZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCTb93vux7T4OkoVrhc+H/Cu9FY1kyi4MLl1t1TuFWyINvseaTE9vXcH3sj +MMD+2QkKxsaMkeuSRx/ppxsoD/2sccaZHbsUjKk3UK0XVEN9IF01m5oX995ji0Ob +DAWFFZml8ule3jbBRw5Q+Vrjf+q6PzAtnsoO4PXgLhTCj5p2hFjAWBj2P4lxlguT +vq9ycssxmlQH1s0iXTMif1pqjtoXgbeafM9nlKjO7jaK5e5yquC9qeH3MzmL424s +PeL8Fnd5+zqSi/OWOAbNz2h6BmyVn95I1560RIe4jh85OMDM29VEcbmrFiGrt70+ +leyMKxYC1HYmgJATrAG4FeYm9wwNAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEA +JPDMBYTL4IFPz4k9rRF58LtK+af9SUrjdMKPv5wHWpsZbvmBlD5ghZ5yg9lPMszr +XNjLo70C9dLoZ7/nkpOoWoKYSRW1T+Zv3IuG9MhtUvs45IZ/8VXllm8awFBpasFA +QQQrW/VxtZ4ZysI7Nw6l8kafZCJLlqzT1hNWFaMPfsN8SbjV8Nws7SkKT0BCF7Ds +mAYkWcOIJava805xEnZ2cqS96EFq9wFharNFdDl3AZoXi3yufrTnUfl8hW5QNTkk +GgHHCco6wxBVGoeJO9Ngu/ZfMOnbsVRp8S3C0nwbGWjfUetudBNy+UMGyHcjIazP +JlxfO+2WQqE4pCB+vNusvg== +-----END CERTIFICATE REQUEST----- diff --git a/xpack-fleet-example/certs/fleet-server.key b/xpack-fleet-example/certs/fleet-server.key new file mode 100644 index 0000000..ae2b71a --- /dev/null +++ b/xpack-fleet-example/certs/fleet-server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEuAIBADANBgkqhkiG9w0BAQEFAASCBKIwggSeAgEAAoIBAQCTb93vux7T4Oko +Vrhc+H/Cu9FY1kyi4MLl1t1TuFWyINvseaTE9vXcH3sjMMD+2QkKxsaMkeuSRx/p +pxsoD/2sccaZHbsUjKk3UK0XVEN9IF01m5oX995ji0ObDAWFFZml8ule3jbBRw5Q ++Vrjf+q6PzAtnsoO4PXgLhTCj5p2hFjAWBj2P4lxlguTvq9ycssxmlQH1s0iXTMi +f1pqjtoXgbeafM9nlKjO7jaK5e5yquC9qeH3MzmL424sPeL8Fnd5+zqSi/OWOAbN +z2h6BmyVn95I1560RIe4jh85OMDM29VEcbmrFiGrt70+leyMKxYC1HYmgJATrAG4 +FeYm9wwNAgMBAAECgf8DArJw1QQcOzTf40Jdcz/m7mHTBBCZMZ+Cr0dB89zicpCR +Iqxv4uNuf+HSj5bKQ/ddCE7UETCuB1Dwmrnpfd0yTM3M/ok+LBZC9mlceHII4mLD +l5BBQYE3EwpFE246cHUBXRBqoSTtrN2wOIEOmmhWjuMX5fiNF+wYJLUPJtt3f9VR +5t+XtrRJOBCfYB9DZexiIofui5Bc219mC8vbsb1FTB9QExBBY1kSyjhAzDGNu7mx +KaOLUrNUuwf2MUFdQVqtDNtVg7uwX10PwhfK526lHqjnH6OnbschC/3NlZ+ymDqz +p0i7KV5T7WGnjfUcpMKUlnQlfmCfG9h5wPikNhECgYEAwudGsSh3omix5A12g6Wa +gBCFp9vAK1669e6U9lXiN0agYfJ1sKV8FN9Ym9lnqGHY7YcKsHL4cVDkxpBGoPMx +yxJ4eGv1FdD0FmqjLq+xuOoJfA+kYcCpmyONg3RncMkWUdY8Rr/2YiYyiK3NImOS +HIalkHbVouMOjlUyV+xaXAcCgYEAwad52bIXVuhukQ4qzl+ED5+RgvanlCPCCf9T +kS8eLuHly4oEn+2XeQj+bdQ+HtXxRZQrpDGru1ZVPdO8j/ztxH3KiRgcnv/ALSJm +3v3fWGHSAoycgNMdAISDgkm1Gi0r0iHnABKbQUwE79ecYCVVOUIMaY3sSS595xeX +XtsXuksCgYBBpx5M9tC1yIaDx3Uwi0wr72TWUlO9SD+6MA/FmtCEximoVMAILPZL +IaD7fpRISA2GlYKoRVIi+ZjWuirQdJtFSIeEKPl5y9Us5+boBw7atxtSywIYW4nG +VIeKzF87wsDd+Eh9nJQmI6/KEqGS/+9r5H9I1n7IS6vPjitTKq6VaQKBgCUByDtd +2S/2gwqdVnjRr/78U2ZflG6u1qnqbSHVi0MSUEOxQGj/km7C1TxPzv89iznsstpR +06udN/T0vZgWkal3EHlabj3ESglWBaqfgUr2hpeOH2pO7b/nkuoXA9DYyQMDD43o +AFteF6Nt5KhK+hpTEOQrBviFNfIvg/HQlJw5An827nC8osm5QMTVzvLDHDF91181 +58om1+L5k5DHkGmRr2ewAiYKdKlS7GmZVrKbsFbn3oOYGFQKA3yMQbzupOqSSl3N +rk+uMFvoNxtiWGLWUlrNwPXVXYhJw1/w8f7FDJi88I1YoxCNgMzyifabEozJkYtc +T7sw9f/q9SXbJ9jW +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/kibana.crt b/xpack-fleet-example/certs/kibana.crt new file mode 100644 index 0000000..51478c1 --- /dev/null +++ b/xpack-fleet-example/certs/kibana.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE4TCCAsmgAwIBAgIUEXK4TshKPU+xCwDXGyHsG668NacwDQYJKoZIhvcNAQEL +BQAwZDELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0GA1UEBwwGTGlz +Ym9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlt +YXJpb25ldGUwHhcNMjQxMjAxMTAyMjEyWhcNMzQxMTI5MTAyMjEyWjBhMQswCQYD +VQQGEwJQVDEPMA0GA1UECAwGTGlzYm9uMQ8wDQYDVQQHDAZMaXNib24xEjAQBgNV +BAoMCU1hcmlvbmV0ZTELMAkGA1UECwwCSVQxDzANBgNVBAMMBmtpYmFuYTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqDU9XG+zhLp4AjP4dNNsrXoX0e +Me7i53bLbLa6GtD1bXeHG4x6MXQeOSJbRQIShf5d6rhF8lTVyd8TWLaKLNjU3Kfy +Rou05GjWfVfXUCgAazLfTiwuGfzV0/rk/vg6JbVNEbgSidzfD+HUI/F7+Qep9jxL +JMaIiJaAi1mRSI0v0CM4a8WGz8vK1Xnc5RfgA8zoMZEQQtW2nFWZ2xk4hIz7/dx7 ++oAUJXeMZkmhPYxzd7EWH2RYo9os9L6qoHbGuCc06Omke2cpK3Ww2/zgxWZVlrQe +mgUFNsMUPhJw8rTQ0YqWS8TdhF5GZqZEwwCvhgcfEKbhVkVzOXAxNOu/TS0CAwEA +AaOBjTCBijAcBgNVHREEFTATggZraWJhbmGCCWxvY2FsaG9zdDAdBgNVHSUEFjAU +BggrBgEFBQcDAQYIKwYBBQUHAwIwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBTvgvO5 +HxrsRvGd8XNnD7wePFqu/TAfBgNVHSMEGDAWgBRSda45xZ5lPn0cpSjJIKfBmFcL +yDANBgkqhkiG9w0BAQsFAAOCAgEAfPgV7710k/uAXpnbsfApL/2FBWQstnM9le9b +bp5azngYAEAItbhDmZInoERe0AEWpynaLgV+2wg2ZAki1E+TE49sywtbxZtbs0Pf +uyjX/M3JbFFeSjAxhaKGTO1gmLG1nxZMVRegSeE9kxf7WWgDR69cBSF2w7ZXUaep +/+xTNo6rj5c3m+euAIH+wvxalCPN2OFIpoq6LmWqLyQ2GtBnLuNN9u4hGuGKscca +o+2eC6Gnh159f3FXKxUFD+ICFY6AncvryBI2B3bgy3x1M/HW8G7iHJF47RVbQa+y +Cy1IXm1U6PrdxjOJcY03CUjxRbsMreCCVHMoeij3NbZMU3FxZi2kZ6TvqkxSK5xb +nYc7kcObLCCMJMnpekIlNxENPvvx4cXBfOJhGPVVFIBNt5D3AMrVb9+TSox8zHwt +GGmtqTYvQVDfO2xkp145AskES9Z5UEW00syPzVLVZ0V+KBtCDEMq9Sw1viyUB9w4 +PvAEUR6H6ZU8BmSbWbeAP2LcIweYV13A8oJIYcNUJh62ZzTTsojzTPUrF2JozxDG +Ep9pCJiH8XF1Gea8nXdcGv4sGbm+JFlnXienjxuyY5+SpH2wD0MKGFX80QoEhtFY +JoOfMm9puhSSqWkCwgeKGunvoRKSVpYP+8d0c9lBQR9hx2JkUKClxOVK0PN1wI0O +sGfWbXY= +-----END CERTIFICATE----- diff --git a/xpack-fleet-example/certs/kibana.csr b/xpack-fleet-example/certs/kibana.csr new file mode 100644 index 0000000..8c9126f --- /dev/null +++ b/xpack-fleet-example/certs/kibana.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpjCCAY4CAQAwYTELMAkGA1UEBhMCUFQxDzANBgNVBAgMBkxpc2JvbjEPMA0G +A1UEBwwGTGlzYm9uMRIwEAYDVQQKDAlNYXJpb25ldGUxCzAJBgNVBAsMAklUMQ8w +DQYDVQQDDAZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6 +g1PVxvs4S6eAIz+HTTbK16F9HjHu4ud2y2y2uhrQ9W13hxuMejF0HjkiW0UCEoX+ +Xeq4RfJU1cnfE1i2iizY1Nyn8kaLtORo1n1X11AoAGsy304sLhn81dP65P74OiW1 +TRG4Eonc3w/h1CPxe/kHqfY8SyTGiIiWgItZkUiNL9AjOGvFhs/LytV53OUX4APM +6DGREELVtpxVmdsZOISM+/3ce/qAFCV3jGZJoT2Mc3exFh9kWKPaLPS+qqB2xrgn +NOjppHtnKSt1sNv84MVmVZa0HpoFBTbDFD4ScPK00NGKlkvE3YReRmamRMMAr4YH +HxCm4VZFczlwMTTrv00tAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAs1SVsYUE +38e0JQT+kO2rV5jiqObBFhDAmiv7Pcj0POD+yM4NHK9rffGFJq+skgjMKvmbFg1s +KGztYPFwsr/9VnYtQbvB87iEpX4v9bUy3/JvoII0Uq4CTxGk2DKFr8XTAPy32j+y +huMDIM6n38oFKP7inARVWmHfyrbnZVQJJmLukKSDg3PMgo4VwfKhccetauGxNSoI +btr8KgvJ/zonMfcfRK9sTzeK9HCeHgW3meRU2/Uc1cuYGPeubri3CHcsU1FOjVz5 +f2CV2/il/fYd2e+FDlyBb2ozZe189lqCb1R6fJRFzadtSHnSAYpcj1ctnXIweLr5 +xOHUyXQKFlLTYQ== +-----END CERTIFICATE REQUEST----- diff --git a/xpack-fleet-example/certs/kibana.key b/xpack-fleet-example/certs/kibana.key new file mode 100644 index 0000000..02baeda --- /dev/null +++ b/xpack-fleet-example/certs/kibana.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6g1PVxvs4S6eA +Iz+HTTbK16F9HjHu4ud2y2y2uhrQ9W13hxuMejF0HjkiW0UCEoX+Xeq4RfJU1cnf +E1i2iizY1Nyn8kaLtORo1n1X11AoAGsy304sLhn81dP65P74OiW1TRG4Eonc3w/h +1CPxe/kHqfY8SyTGiIiWgItZkUiNL9AjOGvFhs/LytV53OUX4APM6DGREELVtpxV +mdsZOISM+/3ce/qAFCV3jGZJoT2Mc3exFh9kWKPaLPS+qqB2xrgnNOjppHtnKSt1 +sNv84MVmVZa0HpoFBTbDFD4ScPK00NGKlkvE3YReRmamRMMAr4YHHxCm4VZFczlw +MTTrv00tAgMBAAECggEAESymI92IhQjMYft87lXRGZENDQMiiHOK6lC1kEbnUL4E +yDif9AnNc3qT+sKqQlRX09Ismq7QL3knN1wl81saYZYKQonH7rXnwXKcxKGuPxy4 +wky3O1C8cmBzPltnUg6yqbTw0IEegkDlCr+41pP6nLbNFoS53HE2mJs6GbOL2Xo4 +rzImowG4BEBwu4O+xbaku/FUHSJBHD6r7VtCJr3qoSeMkJgxkX5KahwWzYS9LTsU +9D+lzKmREFsAgZnaCc4HXx7pSKThd7VBB3BqMwfh2zP8xscNI9MB262tiNihk8To +XTQJPJSzHII0cz8YV+jQO3FYyDduSVloAz80xY8iOQKBgQD95a61kA90yJ6a/EjT +ng641kx6xuABuqknLU2bdb8hh1m9P6X4zFWFBNDQxLqIAdkhjNspkRlnGEHyBIXm +/ogiewqJSTZjWN0MDTeqMsiUuelYW8ZMp9zSOk/hePUbH0y+AhACB2TH6yS7R9vR +SCYshRZLOZi6o1ljGEd4RTpSJQKBgQC8DsaagwoDs17AphdkNYixCP6+T33M1G5O +3FXQbpU7JK2qOWPl3bR4iMUyNQKXuIM6/Rpuku6QcmA5xkrgUhg1GEYkYijhIKVI +Ei5QynZTuxi09tDYTEHj/aVagmDlvwv0pWgpPZ4UY+OT08QB9RCKDvmALrxHerRy +RsQDZbxsaQKBgQCgleQhrCNKfxVp+4Voa0DugYRP53eJQHF6ePnsCNZBs6T7wMUO +DtdMUdZtJPDB00FtKfT4XnDNtxcGpvu2NWkPPflVCbxfq7XryHRbrtEU2F2RaEKM ++2L8iKs7ddC5PdvBFfbgAaMpmz1ZQsLypIqYf/iwzZYe/fAscA/MLyULDQKBgQCu +73/IE8WpE548z0RLL5FsPdXa6s83TxUdvtEFBxlC3ye9hY1sMwTCa1glEDLNOBK7 +ON7xpTTOodbpZ5AXg8aI/X+iML2eTmPx2xfCh9Pyp8Sf8kjsLGPO1hCPVWEV1tYk +SgnO80at6Q22YfOfbnxoMO3fU5pJU9evxixojKbuoQKBgHJB9Lt6833zNbCoJ9hT +Nx8kmGvCJSeq5Wbe5ZyI89MkkmAKg6CzRBnb/grubpHD/v5tSN/548pYJm6vgJRt +RqIHkX+F/UNC4k5akUzYZUCBQva2YQUNlZeX6fRhfN2z3gUX4tZzEkadKwy5+oEG +7FBjTY7N5U9FLNBPD4Bu2o04 +-----END PRIVATE KEY----- diff --git a/xpack-fleet-example/certs/showbody.py b/xpack-fleet-example/certs/showbody.py new file mode 100644 index 0000000..3eb95d1 --- /dev/null +++ b/xpack-fleet-example/certs/showbody.py @@ -0,0 +1,13 @@ +from mitmproxy import http + +def request(flow: http.HTTPFlow) -> None: + print("-----------------------------------------------------") + print("Request URL:", flow.request.url) + print("Request Headers:", flow.request.headers) + print("Request Body:", flow.request.get_text()) + +def response(flow: http.HTTPFlow) -> None: + print("Response Status Code:", flow.response.status_code) + print("Response Headers:", flow.response.headers) + print("Response Body:", flow.response.get_text()) + print("-----------------------------------------------------") \ No newline at end of file diff --git a/xpack-fleet-example/clean.sh b/xpack-fleet-example/clean.sh new file mode 100755 index 0000000..0bd6bbe --- /dev/null +++ b/xpack-fleet-example/clean.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +docker compose down -v \ No newline at end of file diff --git a/xpack-fleet-example/docker-compose.yml b/xpack-fleet-example/docker-compose.yml new file mode 100644 index 0000000..9c3e2e6 --- /dev/null +++ b/xpack-fleet-example/docker-compose.yml @@ -0,0 +1,197 @@ +services: + + elasticsearch: + image: docker.elastic.co/elasticsearch/elasticsearch:8.12.2 + hostname: elasticsearch + user: "1000" + volumes: + - ./certs:/usr/share/elasticsearch/config/certs:z + ports: + - 19200:9200 + - 15000:5000 + environment: + - node.name=elasticsearch + - cluster.name=fleet-elasticsearch + - ELASTIC_PASSWORD=elastic + - bootstrap.memory_lock=false + - discovery.type=single-node + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5000" + - xpack.security.enabled=true + - xpack.security.http.ssl.enabled=true + - xpack.security.http.ssl.key=certs/elasticsearch.key + - xpack.security.http.ssl.certificate=certs/elasticsearch.crt + - xpack.security.http.ssl.certificate_authorities=certs/ca.crt + - xpack.security.http.ssl.verification_mode=certificate + - xpack.security.http.ssl.client_authentication=optional + - xpack.security.transport.ssl.enabled=true + - xpack.security.transport.ssl.key=certs/elasticsearch.key + - xpack.security.transport.ssl.certificate=certs/elasticsearch.crt + - xpack.security.transport.ssl.certificate_authorities=certs/ca.crt + - xpack.security.transport.ssl.verification_mode=certificate + - xpack.security.transport.ssl.client_authentication=optional + mem_limit: 2147483648 # ~ 2gb + healthcheck: + test: [ "CMD", "curl", "-f", "--cacert", "/usr/share/elasticsearch/config/certs/ca.crt", "-u", "elastic:elastic", "https://localhost:9200/_security/user/kibana_system/_password", "-XPOST", "-H", "Content-Type: application/json", "-d", "{\"password\": \"elastic\"}" ] + interval: 10s + timeout: 10s + retries: 120 + + es-proxy: + image: mitmproxy/mitmproxy + volumes: + - ./certs:/certs:z + ports: + - 18081:8080 + command: + mitmdump --mode reverse:https://elasticsearch:9200 --ssl-insecure --script /certs/showbody.py + depends_on: + - elasticsearch + + kibana: + depends_on: + elasticsearch: + condition: service_healthy + image: docker.elastic.co/kibana/kibana:8.12.2 + hostname: kibana + volumes: + - ./certs:/usr/share/kibana/config/certs:z + - ./kibana/kibana.yml:/usr/share/kibana/config/kibana.yml:Z + ports: + - 15601:5601 + environment: + - SERVER_NAME=kibana + - ELASTICSEARCH_HOSTS=https://es-proxy:8080 + # - ELASTICSEARCH_HOSTS=https://elasticsearch:9200 + - ELASTICSEARCH_USERNAME=kibana_system + - ELASTICSEARCH_PASSWORD=elastic + - ELASTICSEARCH_SSL_VERIFICATIONMODE=none + # - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca.crt + - SERVER_SSL_ENABLED=true + - SERVER_SSL_CERTIFICATE=config/certs/kibana.crt + - SERVER_SSL_KEY=config/certs/kibana.key + - SERVER_SSL_CERTIFICATEAUTHORITIES=config/certs/ca.crt + mem_limit: 2147483648 # ~ 2gb + healthcheck: + test: + [ + "CMD-SHELL", + "curl -I -s --cacert config/certs/ca.crt https://kibana:5601 | grep -q 'HTTP/1.1 302 Found'", + ] + interval: 10s + timeout: 10s + retries: 120 + + fleet-es-proxy: + image: mitmproxy/mitmproxy + volumes: + - ./certs:/certs:z + ports: + - 28081:8080 + command: + mitmdump --mode reverse:https://elasticsearch:9200 --certs /certs/fleet-es-proxy.pem --ssl-insecure --script /certs/showbody.py + depends_on: + - elasticsearch + + fleet-kbn-proxy: + image: mitmproxy/mitmproxy + volumes: + - ./certs:/certs:z + ports: + - 38081:8080 + command: + mitmdump --mode reverse:https://kibana:5601 --certs /certs/fleet-kbn-proxy.pem --ssl-insecure --script /certs/showbody.py + depends_on: + - kibana + + fleet-server: + depends_on: + kibana: + condition: service_healthy + elasticsearch: + condition: service_healthy + image: docker.elastic.co/beats/elastic-agent:8.12.2 + hostname: fleet-server + volumes: + - ./certs:/certs:z + ports: + - 18220:8220 + restart: always + user: "1000" + environment: + - FLEET_ENROLL=1 + - FLEET_SERVER_POLICY_ID=fleet-server-policy + - FLEET_SERVER_ENABLE=1 + - KIBANA_FLEET_SETUP=1 + - KIBANA_HOST=https://fleet-kbn-proxy:8080 + - KIBANA_FLEET_CA=/certs/ca.crt + - FLEET_URL=https://fleet-server:8220 + - FLEET_SERVER_ELASTICSEARCH_HOST=https://fleet-es-proxy:8080 + - FLEET_CA=/certs/ca.crt + - ELASTICSEARCH_USERNAME=elastic + - ELASTICSEARCH_PASSWORD=elastic + - FLEET_SERVER_CERT=/certs/fleet-server.crt + - FLEET_SERVER_CERT_KEY=/certs/fleet-server.key + - FLEET_SERVER_ELASTICSEARCH_CA=/certs/ca.crt + - ELASTIC_AGENT_LOG_LEVEL=debug + - ELASTIC_AGENT_LOG_SELECTORS=* + + fleet-initializer: + build: + context: fleet-initializer + dockerfile: Dockerfile + hostname: fleet-initializer + depends_on: + elasticsearch: + condition: service_healthy + kibana: + condition: service_healthy + + agent1: + build: + context: agent1 + dockerfile: Dockerfile + hostname: agent1 + restart: always + depends_on: + elasticsearch: + condition: service_healthy + kibana: + condition: service_healthy + volumes: + - ./certs:/certs:z + ports: + - 8200:8200 + user: root + environment: + - FLEET_ENROLL=1 + - FLEET_URL=https://fleet-server:8220 + - FLEET_CA=/certs/ca.crt + + service1: + build: + context: service1 + dockerfile: Dockerfile + hostname: service1 + command: node /example-app/app.js + depends_on: + elasticsearch: + condition: service_healthy + kibana: + condition: service_healthy + expose: + - 3000 + ports: + - "3000:3000" + volumes: + - ./certs:/certs:z + environment: + - ELASTIC_APM_SERVER_CA_CERT_FILE=/certs/ca.crt + + traffic-simulator: + build: + context: traffic-simulator + dockerfile: Dockerfile + hostname: traffic-simulator + depends_on: + service1: + condition: service_started \ No newline at end of file diff --git a/xpack-fleet-example/fleet-initializer/Dockerfile b/xpack-fleet-example/fleet-initializer/Dockerfile new file mode 100644 index 0000000..377f3ff --- /dev/null +++ b/xpack-fleet-example/fleet-initializer/Dockerfile @@ -0,0 +1,8 @@ +FROM ubuntu:24.04 + +RUN apt-get update && \ + apt-get install -y curl + +COPY entrypoint.sh /entrypoint.sh + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/xpack-fleet-example/fleet-initializer/entrypoint.sh b/xpack-fleet-example/fleet-initializer/entrypoint.sh new file mode 100755 index 0000000..04dfa0c --- /dev/null +++ b/xpack-fleet-example/fleet-initializer/entrypoint.sh @@ -0,0 +1,27 @@ +#!/bin/bash -ex + +curl -k -s -f -u "elastic:elastic" \ + -XPOST -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/agent_policies" \ + -d '{"id":"elastic-policy","name":"Elastic-Policy","namespace":"default","monitoring_enabled":["logs","metrics"]}' + +curl -k -s -f -u "elastic:elastic" \ + -XPOST -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/package_policies" \ + -d '{"name":"Elastic-System-package","namespace":"default","policy_id":"elastic-policy", "package":{"name": "system", "version":"1.54.0"}}' + +curl -vk -u "elastic:elastic" \ + -XPOST -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/package_policies" \ + -d '{"name":"apm2","namespace":"default","policy_id":"elastic-policy", "package":{"name": "apm", "version":"8.12.2"},"inputs":[{"type":"apm","enabled":true,"streams":[],"policy_template":"apmserver","vars":{"host":{"value":"agent1:8200","type":"text"},"url":{"value":"https://agent1:8200","type":"text"},"tls_enabled":{"value":true,"type":"bool"},"tls_certificate":{"value":"/certs/agent1.crt","type":"text"},"tls_key":{"value":"/certs/agent1.key","type":"text"}}}]}' + +curl -k -s -f -u "elastic:elastic" \ + -XPUT -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/settings" \ + -d '{"fleet_server_hosts": ["https://fleet-server:8220"]}' + +curl -k -s -f -u "elastic:elastic" \ + -XPUT -H "kbn-xsrf: kibana" -H "Content-type: application/json" \ + "https://kibana:5601/api/fleet/outputs/fleet-default-output" \ + -d '{"hosts": ["https://elasticsearch:9200"], "config_yaml": "ssl.verification_mode: certificate\nssl.certificate_authorities: [\"/certs/ca.crt\"]"}' + \ No newline at end of file diff --git a/xpack-fleet-example/gen-cert.sh b/xpack-fleet-example/gen-cert.sh new file mode 100755 index 0000000..183af85 --- /dev/null +++ b/xpack-fleet-example/gen-cert.sh @@ -0,0 +1,20 @@ +#!/bin/bash -e + +if [ "$#" -ne 1 ]; then + echo "Usage: $0 " + exit 1 +fi + +SERVICE=$1 + +openssl genrsa -out "certs/$SERVICE.key" 2048 +openssl req -new -key "certs/$SERVICE.key" -out "certs/$SERVICE.csr" -subj "/C=GB/ST=London/L=London/O=Beshu/OU=IT/CN=$SERVICE" +openssl x509 -req \ + -in "certs/$SERVICE.csr" \ + -CAkey ca/ca.key \ + -CA ca/ca.crt \ + -CAcreateserial \ + -out "certs/$SERVICE.crt" \ + -days 3650 \ + -sha256 \ + -extfile <(printf "subjectAltName=DNS:$SERVICE,DNS:localhost\nextendedKeyUsage=serverAuth,clientAuth\nkeyUsage=digitalSignature,keyEncipherment,keyAgreement\nsubjectKeyIdentifier=hash") \ No newline at end of file diff --git a/xpack-fleet-example/kibana/kibana.yml b/xpack-fleet-example/kibana/kibana.yml new file mode 100644 index 0000000..ee1d3bf --- /dev/null +++ b/xpack-fleet-example/kibana/kibana.yml @@ -0,0 +1,16 @@ +xpack.encryptedSavedObjects.encryptionKey: "random-string-above-32-or-more-characters" +server.host: "0.0.0.0" +xpack.fleet.packages: + - name: fleet_server + version: latest + - name: system + version: latest +xpack.fleet.agentPolicies: + - name: Fleet-Server-Policy + id: fleet-server-policy + namespace: default + monitoring_enabled: [] + package_policies: + - name: fleet_server-1 + package: + name: fleet_server \ No newline at end of file diff --git a/xpack-fleet-example/run.sh b/xpack-fleet-example/run.sh new file mode 100755 index 0000000..86a6579 --- /dev/null +++ b/xpack-fleet-example/run.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +docker compose up -d --build --wait --remove-orphans --force-recreate \ No newline at end of file diff --git a/xpack-fleet-example/service1/Dockerfile b/xpack-fleet-example/service1/Dockerfile new file mode 100644 index 0000000..18b8952 --- /dev/null +++ b/xpack-fleet-example/service1/Dockerfile @@ -0,0 +1,14 @@ +FROM ubuntu:24.04 + +RUN apt-get update && \ + apt-get install -y libc6-amd64-cross vim curl npm && \ + ln -s /usr/x86_64-linux-gnu/lib64/ /lib64 && \ + mkdir -p /example-app + +COPY app.js /example-app + +RUN cd /example-app && \ + npm install elastic-apm-node && \ + npm install express + +ENV LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/lib64:/usr/x86_64-linux-gnu/lib" \ No newline at end of file diff --git a/xpack-fleet-example/service1/app.js b/xpack-fleet-example/service1/app.js new file mode 100644 index 0000000..ede3e21 --- /dev/null +++ b/xpack-fleet-example/service1/app.js @@ -0,0 +1,40 @@ +// Import and start the Elastic APM agent at the very top of your application +var apm = require('elastic-apm-node').start({ + serverUrl: 'https://agent1:8200', + serviceName: 'service1', + environment: 'ror-test-env', + serverCaCertFile: '/example-app/certs/ca.crt', + // secretToken: 'myverysecrettoken', + logLevel: 'debug' + }); + + const express = require('express'); + const app = express(); + + // Sample route that triggers some APM instrumentation + app.get('/', (req, res) => { + // Start a custom transaction + const transaction = apm.startTransaction('MyCustomTransaction', 'custom'); + + // Simulate some processing + setTimeout(() => { + // End the transaction + transaction.end(); + + res.send('Hello World!'); + }, 1000); + }); + + // Another route to simulate an error + app.get('/error', (req, res) => { + // Capture an error + apm.captureError(new Error('Something went wrong!')); + + res.status(500).send('Internal Server Error'); + }); + + const PORT = process.env.PORT || 3000; + app.listen(PORT, () => { + console.log(`Server running on port ${PORT}`); + }); + \ No newline at end of file diff --git a/xpack-fleet-example/traffic-simulator/Dockerfile b/xpack-fleet-example/traffic-simulator/Dockerfile new file mode 100644 index 0000000..377f3ff --- /dev/null +++ b/xpack-fleet-example/traffic-simulator/Dockerfile @@ -0,0 +1,8 @@ +FROM ubuntu:24.04 + +RUN apt-get update && \ + apt-get install -y curl + +COPY entrypoint.sh /entrypoint.sh + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/xpack-fleet-example/traffic-simulator/entrypoint.sh b/xpack-fleet-example/traffic-simulator/entrypoint.sh new file mode 100755 index 0000000..3a44cb7 --- /dev/null +++ b/xpack-fleet-example/traffic-simulator/entrypoint.sh @@ -0,0 +1,20 @@ +#!/bin/bash -x + +make_request() { + local url=$1 + curl -s -o /dev/null -w "%{http_code}" "$url" +} + +while true; do + RAND=$(( RANDOM % 10 + 1 )) + + if [ "$RAND" -le 1 ]; then + URL="http://service1:3000/error" + else + URL="http://service1:3000" + fi + + make_request "$URL" + + sleep 1 +done