diff --git a/docs/en/ingest-arch/20-airgap.asciidoc b/docs/en/ingest-arch/20-airgap.asciidoc deleted file mode 100644 index a8f7c3bb5..000000000 --- a/docs/en/ingest-arch/20-airgap.asciidoc +++ /dev/null @@ -1,8 +0,0 @@ -== 20. Airgapped {agent} and {stack} - -* 20. Agent, Elastic stack both is deployed in air gapped environment with no access to outside network -** Set up self managed stack and self managed EPR -** Specify agent binary location for 8.4+, in other cases, you will need to upgrade these agents manually as described here -** If geoip enrichment is required then it's necessary to manage database updates either through a proxy, a custom endpoint, or manually. -*** Show the architecture diagram including the EPR, fleet server and geo-ip DBs - diff --git a/docs/en/ingest-arch/99-airgapped.asciidoc b/docs/en/ingest-arch/99-airgapped.asciidoc new file mode 100644 index 000000000..ad391001e --- /dev/null +++ b/docs/en/ingest-arch/99-airgapped.asciidoc @@ -0,0 +1,15 @@ +[[airgapped-env]] +== Elastic air-gapped architectures + +You can deploy the {stack} with some or all components in a data center or other environment with no access to any outside networks. +Some stack components require additional configuration and local dependencies when deployed in air-gapped environments. + +[discrete] +[[airgapped-archs]] +=== {agent} to {es} architectures: air-gapped environments + +* <> +* <> + +include::99a-airgapped-ea-es.asciidoc[] +include::99b-airgapped-ea-ls.asciidoc[] \ No newline at end of file diff --git a/docs/en/ingest-arch/99a-airgapped-ea-es.asciidoc b/docs/en/ingest-arch/99a-airgapped-ea-es.asciidoc new file mode 100644 index 000000000..584bc19ad --- /dev/null +++ b/docs/en/ingest-arch/99a-airgapped-ea-es.asciidoc @@ -0,0 +1,21 @@ +[[agent-es-airgapped]] +=== {agent} to {es}: Air-gapped environment + +image::images/ea-es-airgapped.png[Image showing {agent} and {es} in an air-gapped environment] + +Ingest model:: +All {stack} components deployed inside a DMZ: +* Control path: {agent} to {fleet} to {es} + +* Data path: {agent} to {es} + +Use when:: +Your self-managed {stack} deployment has no access to outside networks + +[discrete] +[[airgapped-es-resources]] +=== Resources + +Info for air-gapped environments: + +* {stack-ref}/air-gapped-install.html[Installing the {stack} in an air-gapped environment] +* {fleet-guide}/fleet-agent-proxy-support.html[Using a proxy server with Elastic Agent and Fleet] diff --git a/docs/en/ingest-arch/99b-airgapped-ea-ls.asciidoc b/docs/en/ingest-arch/99b-airgapped-ea-ls.asciidoc new file mode 100644 index 000000000..596d786c4 --- /dev/null +++ b/docs/en/ingest-arch/99b-airgapped-ea-ls.asciidoc @@ -0,0 +1,30 @@ +[[agent-ls-airgapped]] +=== {agent} to {ls}: Air-gapped environment + +image::images/ea-ls-airgapped.png[Image showing {agent}, {ls}, and {es} in an air-gapped environment] + +Ingest model:: +All {stack} components deployed inside a DMZ: +* Control path: {agent} to {fleet} to {es} + +* Data path: {agent} to {es} + +Use when:: +Your self-managed {stack} deployment has no access to outside networks + +[discrete] +[[airgapped-ls-resources]] +=== Resources + +Info for air-gapped environments: + +* {stack-ref}/air-gapped-install.html[Installing the {stack} in an air-gapped environment] +* {fleet-guide}/fleet-agent-proxy-support.html[Using a proxy server with Elastic Agent and Fleet] + +[discrete] +[[ls-geoip]] +=== Geoip database management in air-gapped environments + +The {logstash-ref}/plugins-filters-geoip.html[{ls} geoip filter] requires regular database updates to remain up-to-date with the latest information. +If you are using the {ls} geoip filter plugin in an air-gapped environment, +you can manage updates through a proxy, a custom endpoint, or manually. +Check out {logstash-ref}/plugins-filters-geoip.html#plugins-filters-geoip-manage_update[Manage your own database updates] for more info. diff --git a/docs/en/ingest-arch/arch-list.asciidoc b/docs/en/ingest-arch/arch-list.asciidoc index a2f467bc5..d132f1a54 100644 --- a/docs/en/ingest-arch/arch-list.asciidoc +++ b/docs/en/ingest-arch/arch-list.asciidoc @@ -31,9 +31,10 @@ Eventually, we may move original here, but for now it needs to stay in cloud inf image:images/ea-es.png[Image showing {agent} collecting data and sending to {es}] a| -* An {integrations-docs}[{agent} integration] is available for your data source: -** Software components with <> -** Software components using <> +An {integrations-docs}[{agent} integration] is available for your data source: + +* Software components with <> +* Software components using <> | <> @@ -41,11 +42,12 @@ a| image:images/ea-ls-es.png[Image showing {agent} to {ls} to {es}] a| -* You need additional capabilities from {ls}: -** <> between {agent} and {es} -** <> to accommodate network issues and downstream unavailability -** <> in cases where {agent}s have network restrictions for connecting outside of the {agent} network -** data needs to be <> {es} clusters and other destinations depending on the content +You need additional capabilities offered by {ls}: + +* <> between {agent} and {es} +* <> to accommodate network issues and downstream unavailability +* <> in cases where {agent}s have network restrictions for connecting outside of the {agent} network +* data needs to be <> {es} clusters and other destinations depending on the content | <> @@ -53,8 +55,8 @@ a| image:images/ea-proxy-es.png[Image showing connections between {agent} and {es} using a proxy] a| -* Agents have <> that prevent connecting outside of the {agent} network -* Note that <> is one option +Agents have <> that prevent connecting outside of the {agent} network +Note that <> is one option. | <> @@ -62,9 +64,10 @@ a| image:images/ea-kafka.png[Image showing {agent} collecting data and using Kafka as a message queue enroute to {es}] a| -* Kafka is your <>: -** <> to write from Kafka to {es} -** <> +Kafka is your <>: + +* <> to write from Kafka to {es} +* <> | <> @@ -72,8 +75,15 @@ a| image:images/ls-es.png[Image showing {ls} collecting data and sending to {es}] a| -* You need to collect data from a source that {agent} can't read (such as databases, AWS Kinesis). +You need to collect data from a source that {agent} can't read (such as databases, AWS Kinesis). Check out the {logstash-ref}/input-plugins.html[{ls} input plugins]. +| <> + +image:images/ea-airgapped.png[Image showing {stack} in an air-gapped environment] + +a| +You want to deploy {agent} and {stack} in an air-gapped environment (no access to outside networks) + |=== diff --git a/docs/en/ingest-arch/images/ea-airgapped.png b/docs/en/ingest-arch/images/ea-airgapped.png new file mode 100644 index 000000000..4c0b3ca70 Binary files /dev/null and b/docs/en/ingest-arch/images/ea-airgapped.png differ diff --git a/docs/en/ingest-arch/index.asciidoc b/docs/en/ingest-arch/index.asciidoc index ef313a5e8..97ee6acb8 100644 --- a/docs/en/ingest-arch/index.asciidoc +++ b/docs/en/ingest-arch/index.asciidoc @@ -2,7 +2,7 @@ include::{docs-root}/shared/versions/stack/{source_branch}.asciidoc[] include::{docs-root}/shared/attributes.asciidoc[] [[ingest-architectures]] -= {es} Ingest Architectures += Elastic Ingest Reference Architectures include::arch-list.asciidoc[] @@ -16,6 +16,7 @@ include::16-agent-kafka.asciidoc[] include::8-ls-input.asciidoc[] +include::99-airgapped.asciidoc[] // === Next set of architectures // include::3-schemamod.asciidoc[]