To switch from a running ELK stack to OpenSearch, you need to do the following steps. The deployment have to be done in multiple steps, because OpenSearch will first start the operator and create the custom resources and in the second step it will start the Cluster.
In the first step you have to disable the ELK stack, adapt the values and start the OpenSearch Operator pod.
- Disable elk stack
global:
elkDisabled: true- Set the namespace for the OpenSearch Cluster but keep it disabled
opensearch-cluster:
enabled: false
namespace: <your namespace>-
Deploy the k8s-ops release to your helm chart
-
Follow the instructions inside Opensearch to deploy the opensearch operator
-
Follow the instructions inside Fluentd to deploy the fluentd operator and add the basic config to your values.yaml
In the second step you have to enable the cluster.
- Enable the OpenSearch Cluster
opensearch-cluster:
enabled: true- (Optional) Change the logstash internal hosts from other services
logstashHost: "http://fluentbit-http-service.monitoring:8888"- Deploy the k8s-ops release to your helm chart
- Configure your monitors with destinations and alerts.
- Create your custom dashboards
- ...