search

elastic / elastic-package

elastic-package - Command line tool for developing Elastic Integrations
Other
49 stars 113 forks source link

Expose Elastic Stack outside of localhost #1981

Closed jamesagarside closed 2 months ago

jamesagarside commented 2 months ago

I've written a Makefile for exposing the Elastic Stack services outside of the host, I required this for testing but thought it might be helpful for others

# Inteface to accept traffic from
interface=ens192

forward-stack:

    $(eval AGENT_ID := $(shell docker container ps -aqf "name=elastic-package-stack-elastic-agent-1"))
    $(eval FLEET_ID := $(shell docker container ps -aqf "name=elastic-package-stack-fleet-server-1"))
    $(eval KIBANA_ID := $(shell docker container ps -aqf "name=elastic-package-stack-kibana-1"))
    $(eval ELASTICSEARCH_ID := $(shell docker container ps -aqf "name=elastic-package-stack-elasticsearch-1"))
    $(eval REGISTRY_ID := $(shell docker container ps -aqf "name=elastic-package-stack-package-registry-1"))

    $(eval AGENT_IP := $(shell docker inspect $(AGENT_ID) | jq -r '.[].NetworkSettings.Networks."elastic-package-stack_default".IPAddress'))
    $(eval FLEET_IP := $(shell docker inspect $(FLEET_ID) | jq -r '.[].NetworkSettings.Networks."elastic-package-stack_default".IPAddress'))
    $(eval KIBANA_IP := $(shell docker inspect $(KIBANA_ID) | jq -r '.[].NetworkSettings.Networks."elastic-package-stack_default".IPAddress'))
    $(eval ELASTICSEARCH_IP := $(shell docker inspect $(ELASTICSEARCH_ID) | jq -r '.[].NetworkSettings.Networks."elastic-package-stack_default".IPAddress'))
    $(eval REGISTRY_IP := $(shell docker inspect $(REGISTRY_ID) | jq -r '.[].NetworkSettings.Networks."elastic-package-stack_default".IPAddress'))

    sudo sysctl -w net.ipv4.ip_forward=1

    # Forward Fleet Server
    sudo iptables -t nat -A PREROUTING -i $(interface) -p tcp --dport 8220 -j DNAT --to-destination $(FLEET_IP):8220
    sudo iptables -t nat -A POSTROUTING -p tcp -d $(FLEET_IP) --dport 8220 -j MASQUERADE

    # Forward Kibana
    sudo iptables -t nat -A PREROUTING -i $(interface) -p tcp --dport 5601 -j DNAT --to-destination $(KIBANA_IP):5601
    sudo iptables -t nat -A POSTROUTING -p tcp -d $(KIBANA_IP) --dport 5601 -j MASQUERADE

    # Forward Elasticsearch
    sudo iptables -t nat -A PREROUTING -i $(interface) -p tcp --dport 9200 -j DNAT --to-destination $(ELASTICSEARCH_IP):9200
    sudo iptables -t nat -A POSTROUTING -p tcp -d $(ELASTICSEARCH_IP) --dport 9200 -j MASQUERADE
    sudo iptables -t nat -A PREROUTING -i $(interface) -p tcp --dport 9300 -j DNAT --to-destination $(ELASTICSEARCH_IP):9300
    sudo iptables -t nat -A POSTROUTING -p tcp -d $(ELASTICSEARCH_IP) --dport 9300 -j MASQUERADE

    # Forward Package Registry
    sudo iptables -t nat -A PREROUTING -i $(interface) -p tcp --dport 8080 -j DNAT --to-destination $(REGISTRY_IP):8080
    sudo iptables -t nat -A POSTROUTING -p tcp -d $(REGISTRY_IP) --dport 8080 -j MASQUERADE
    sudo iptables -t nat -A PREROUTING -i $(interface) -p tcp --dport 9000 -j DNAT --to-destination $(REGISTRY_IP):9000
    sudo iptables -t nat -A POSTROUTING -p tcp -d $(REGISTRY_IP) --dport 9000 -j MASQUERADE
jamesagarside commented 2 months ago

Closing as it causes issues with the package repo