openstack
/
openstack-ansible-ops
Code Issues Proposed changes

Add trusty support to the project 

This change adds Ubuntu 14.04 support to the project.

Change-Id: I20695e19409b63c6e1def4ccf8929c6d52be647e
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2018-08-08 15:19:30 -05:00
parent 4474a40989
commit 79c3a3cf93
No known key found for this signature in database
GPG Key ID: 9443251A787B9FB3
56 changed files with 512 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
elk_metrics_6x/bootstrap-embedded-ansible.sh
View File

@ -17,8 +17,9 @@ export OPTS=()
export ANSIBLE_EMBED_HOME="${HOME}/ansible25"
OPTS+=('ANSIBLE_EMBED_HOME')
source /etc/os-release
if [[ ! -e "${ANSIBLE_EMBED_HOME}/bin/ansible" ]]; then
if [ ${DISTRIB_RELEASE} = "14.04" ]; then
if [ ${VERSION_ID} = "14.04" ]; then
apt-get update
apt-get -y install python-virtualenv
echo "done installing python-virtualenv"

48
elk_metrics_6x/installKibana.yml
View File

@ -22,5 +22,53 @@
roles:
- role: elastic_kibana
post_tasks:
- name: Create basic indexes
uri:
url: "http://127.0.0.1:5601/api/saved_objects/index-pattern/{{ item.name }}"
method: POST
body: "{{ item.index_options | to_json }}"
status_code: 200,409
body_format: json
headers:
Content-Type: "application/json"
kbn-xsrf: "{{ inventory_hostname | to_uuid }}"
with_items:
- name: "*"
index_options:
attributes:
title: "*"
timeFieldName: "@timestamp"
- name: "journalbeat-*"
index_options:
attributes:
title: "journalbeat-*"
timeFieldName: "@timestamp"
register: kibana_indexes
until: kibana_indexes is success
retries: 6
delay: 10
run_once: true
- name: Create basic indexes
uri:
url: "http://127.0.0.1:5601/api/kibana/settings/defaultIndex"
method: POST
body: "{{ item.index_options | to_json }}"
status_code: 200
body_format: json
headers:
Content-Type: "application/json"
kbn-xsrf: "{{ inventory_hostname | to_uuid }}"
with_items:
- name: "*"
index_options:
value: "*"
register: kibana_indexes
until: kibana_indexes is success
retries: 6
delay: 10
run_once: true
tags:
- server-install

16
elk_metrics_6x/roles/elastic_apm_server/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart apm server
- name: Enable and restart apm-server (systemd)
systemd:
name: "apm-server"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart apm server
- name: Enable and restart apm-server (upstart)
service:
name: "apm-server"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart apm server

1
elk_metrics_6x/roles/elastic_apm_server/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

9
elk_metrics_6x/roles/elastic_apm_server/tasks/main.yml
View File

@ -46,12 +46,16 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "/etc/systemd/system/apm-server.service.d/{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "apm-server-overrides.conf"
@ -66,5 +70,6 @@
- Enable and restart apm server
- include_tasks: apm_setup.yml
tags:
- setup
- name: Force beat handlers
meta: flush_handlers

18
elk_metrics_6x/roles/elastic_auditbeat/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart auditbeat
- name: Enable and restart auditbeat (systemd)
systemd:
name: "auditbeat"
enabled: "true"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart auditbeat
- name: Enable and restart auditbeat (upstart)
service:
name: "auditbeat"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart auditbeat

1
elk_metrics_6x/roles/elastic_auditbeat/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

7
elk_metrics_6x/roles/elastic_auditbeat/tasks/main.yml
View File

@ -46,12 +46,16 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "/etc/systemd/system/auditbeat.service.d/{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "auditbeat-overrides.conf"
@ -66,3 +70,6 @@
- Enable and restart auditbeat
- include_tasks: auditbeat_setup.yml
- name: Force beat handlers
meta: flush_handlers

1
elk_metrics_6x/roles/elastic_curator/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

36
elk_metrics_6x/roles/elastic_curator/tasks/curator_systemd.yml Normal file
View File

@ -0,0 +1,36 @@
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Run the systemd service role
include_role:
name: systemd_service
private: true
vars:
systemd_service_enabled: "{{ ((elk_package_state | default('present')) != 'absent') | ternary(true, false) }}"
systemd_service_restart_changed: false
systemd_user_name: curator
systemd_group_name: curator
systemd_services:
- service_name: "curator"
execstarts:
- /opt/elasticsearch-curator/bin/curator
--config /var/lib/curator/curator.yml
/var/lib/curator/actions.yml
timer:
state: "started"
options:
OnBootSec: 30min
OnUnitActiveSec: 24h
Persistent: true

23
elk_metrics_6x/roles/elastic_curator/tasks/curator_upstart.yml Normal file
View File

@ -0,0 +1,23 @@
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create cron job for curator
cron:
name: "Run curator"
minute: 0
hour: 2
user: "curator"
job: "/opt/elasticsearch-curator/bin/curator --config /var/lib/curator/curator.yml /var/lib/curator/actions.yml"
cron_file: "elasticsearch-curator"

27
elk_metrics_6x/roles/elastic_curator/tasks/main.yml
View File

@ -25,6 +25,11 @@
tags:
- always
- name: exit playbook after uninstall
meta: end_play
when:
ansible_service_mgr != 'systemd'
- name: Ensure virtualenv is installed
package:
name: "{{ curator_distro_packages }}"
@ -88,24 +93,4 @@
notify:
- Enable and restart curator.timer
- name: Run the systemd service role
include_role:
name: systemd_service
private: true
vars:
systemd_service_enabled: "{{ ((elk_package_state | default('present')) != 'absent') | ternary(true, false) }}"
systemd_service_restart_changed: false
systemd_user_name: curator
systemd_group_name: curator
systemd_services:
- service_name: "curator"
execstarts:
- /opt/elasticsearch-curator/bin/curator
--config /var/lib/curator/curator.yml
/var/lib/curator/actions.yml
timer:
state: "started"
options:
OnBootSec: 30min
OnUnitActiveSec: 24h
Persistent: true
- include_tasks: "curator_{{ ansible_service_mgr }}.yml"

1
elk_metrics_6x/roles/elastic_data_hosts/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

1
elk_metrics_6x/roles/elastic_dependencies/meta/main.yml
View File

@ -23,6 +23,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

2
elk_metrics_6x/roles/elastic_dependencies/tasks/main.yml
View File

@ -70,7 +70,7 @@
path: "/var/lib/{{ service_name }}"
register: service_dir
- name: Check for existing rollup job
- name: Check for data directory
debug:
msg: >-
The service data directory [ /var/lib/{{ service_name }} ] already

16
elk_metrics_6x/roles/elastic_filebeat/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart filebeat
- name: Enable and restart filebeat (systemd)
systemd:
name: "filebeat"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart filebeat
- name: Enable and restart filebeat (upstart)
service:
name: "filebeat"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart filebeat

1
elk_metrics_6x/roles/elastic_filebeat/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

10
elk_metrics_6x/roles/elastic_filebeat/tasks/main.yml
View File

@ -46,14 +46,19 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "/etc/systemd/system/filebeat.service.d/{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- { src: "systemd.general-overrides.conf.j2", dest: "filebeat-overrides.conf" }
- src: "systemd.general-overrides.conf.j2"
dest: "filebeat-overrides.conf"
notify:
- Enable and restart filebeat
@ -175,3 +180,6 @@
- Enable and restart filebeat
- include_tasks: filebeat_setup.yml
- name: Force beat handlers
meta: flush_handlers

16
elk_metrics_6x/roles/elastic_heartbeat/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart heartbeat
- name: Enable and restart heartbeat (systemd)
systemd:
name: "heartbeat-elastic"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart heartbeat
- name: Enable and restart heartbeat (upstart)
service:
name: "heartbeat-elastic"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart heartbeat

1
elk_metrics_6x/roles/elastic_heartbeat/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

22
elk_metrics_6x/roles/elastic_heartbeat/tasks/main.yml
View File

@ -46,18 +46,36 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "/etc/systemd/system/heartbeat.service.d/heartbeat-overrides.conf"
notify:
- Enable and restart heartbeat
- name: Create heartbeat configs
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "/etc/systemd/system/heartbeat.service.d/heartbeat-overrides.conf"
- src: templates/heartbeat.yml.j2
dest: /etc/heartbeat/heartbeat.yml
notify:
- Enable and restart heartbeat
- include_tasks: heartbeat_setup.yml
- name: Force beat handlers
meta: flush_handlers

1
elk_metrics_6x/roles/elastic_journalbeat/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

17
elk_metrics_6x/roles/elastic_journalbeat/tasks/main.yml
View File

@ -33,7 +33,8 @@
- name: exit playbook after uninstall
meta: end_play
when:
- not journal_dir.stat.exists | bool
- not (journal_dir.stat.exists | bool) or
ansible_service_mgr != 'systemd'
- name: Ensure beat is installed
package:
@ -94,7 +95,7 @@
owner: "root"
mode: "0755"
- name: Drop journalbeat conf files
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@ -102,6 +103,15 @@
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "/etc/systemd/system/journalbeat.service.d/journalbeat-overrides.conf"
notify:
- Enable and restart journalbeat
- name: Drop journalbeat conf files
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
with_items:
- src: templates/journalbeat.yml.j2
dest: /etc/journalbeat/journalbeat.yml
notify:
@ -132,3 +142,6 @@
After: network-online.target
- include_tasks: journalbeat_setup.yml
- name: Force beat handlers
meta: flush_handlers

34
elk_metrics_6x/roles/elastic_kibana/handlers/main.yml
View File

@ -13,25 +13,27 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart nginx
- name: Enable and restart services (systemd)
systemd:
name: "nginx"
enabled: true
state: restarted
when:
- (elk_package_state | default('present')) != 'absent'
listen: Enable and restart services
tags:
- config
- name: Enable and restart kibana
systemd:
name: "kibana"
name: "{{ item }}"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
- ansible_service_mgr == 'systemd'
with_items:
- nginx
- kibana
listen: Enable and restart services
- name: Enable and restart services (upstart)
service:
name: "{{ item }}"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
with_items:
- nginx
- kibana
listen: Enable and restart services
tags:
- config

1
elk_metrics_6x/roles/elastic_kibana/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

8
elk_metrics_6x/roles/elastic_kibana/tasks/main.yml
View File

@ -63,15 +63,19 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "/etc/systemd/system/kibana.service.d/{{ item.dest }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "kibana-overrides.conf"
dest: "/etc/systemd/system/kibana.service.d/kibana-overrides.conf"
notify:
- Enable and restart services

16
elk_metrics_6x/roles/elastic_logstash/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart logstash
- name: Enable and restart logstash (systemd)
systemd:
name: "logstash"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart logstash
- name: Enable and restart logstash (upstart)
service:
name: "logstash"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart logstash

1
elk_metrics_6x/roles/elastic_logstash/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

8
elk_metrics_6x/roles/elastic_logstash/tasks/main.yml
View File

@ -46,15 +46,19 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "/etc/systemd/system/logstash.service.d/{{ item.dest }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "logstash-overrides.conf"
dest: "/etc/systemd/system/logstash.service.d/logstash-overrides.conf"
notify:
- Enable and restart logstash

16
elk_metrics_6x/roles/elastic_metricbeat/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart metricbeat
- name: Enable and restart metricbeat (systemd)
systemd:
name: "metricbeat"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart metricbeat
- name: Enable and restart metricbeat (upstart)
service:
name: "elasticsearch"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart metricbeat

1
elk_metrics_6x/roles/elastic_metricbeat/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

7
elk_metrics_6x/roles/elastic_metricbeat/tasks/main.yml
View File

@ -222,11 +222,13 @@
notify:
- Enable and restart metricbeat
- name: Drop metricbeat conf file
- name: Drop metricbeat conf files
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: templates/metricbeat.yml.j2
dest: /etc/metricbeat/metricbeat.yml
@ -234,3 +236,6 @@
- Enable and restart metricbeat
- include_tasks: metricbeat_setup.yml
- name: Force beat handlers
meta: flush_handlers

16
elk_metrics_6x/roles/elastic_packetbeat/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart packetbeat
- name: Enable and restart packetbeat (systemd)
systemd:
name: "packetbeat"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart packetbeat
- name: Enable and restart packetbeat (upstart)
service:
name: "elasticsearch"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart packetbeat

1
elk_metrics_6x/roles/elastic_packetbeat/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

20
elk_metrics_6x/roles/elastic_packetbeat/tasks/main.yml
View File

@ -46,6 +46,21 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "/etc/systemd/system/packetbeat.service.d/packetbeat-overrides.conf"
notify:
- Enable and restart packetbeat
- name: Drop packetbeat conf files
template:
@ -53,11 +68,12 @@
dest: "{{ item.dest }}"
mode: "0644"
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "/etc/systemd/system/packetbeat.service.d/packetbeat-overrides.conf"
- src: templates/packetbeat.yml.j2
dest: /etc/packetbeat/packetbeat.yml
notify:
- Enable and restart packetbeat
- include_tasks: packetbeat_setup.yml
- name: Force beat handlers
meta: flush_handlers

17
elk_metrics_6x/roles/elastic_repositories/defaults/main.yml Normal file
View File

@ -0,0 +1,17 @@
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# List of PPA repositories used on ubuntu based systems
elastic_repo_ppas: []

1
elk_metrics_6x/roles/elastic_repositories/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

5
elk_metrics_6x/roles/elastic_repositories/tasks/elastic_apt_repos.yml
View File

@ -35,3 +35,8 @@
delay: 2
tags:
- package_install
- name: Add PPA (legacy)
apt_repository:
repo: "{{ item }}"
with_items: "{{ elastic_repo_ppas }}"

20
elk_metrics_6x/roles/elastic_repositories/vars/ubuntu-14.04.yml Normal file
View File

@ -0,0 +1,20 @@
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
elastic_repo_distro_packages:
- apt-transport-https
elastic_repo_ppas:
- "ppa:openjdk-r/ppa"

1
elk_metrics_6x/roles/elastic_retention/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

1
elk_metrics_6x/roles/elastic_rollup/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

6
elk_metrics_6x/roles/elastic_rollup/tasks/main.yml
View File

@ -56,7 +56,7 @@
body_format: json
register: elk_indexes
until: elk_indexes is success
retries: 3
retries: 5
delay: 5
when:
- hostvars[inventory_hostname]['elastic_' + index_name + '_retention'] > days_until_rollup
@ -75,7 +75,7 @@
index_options: {}
- url: "http://{{ coordination_nodes[0] }}/_xpack/rollup/job/rollup_{{ index_name }}"
method: PUT
status_code: 200
status_code: 200,400
index_options:
index_pattern: "{{ index_name }}-*"
rollup_index: "rollup_{{ index_name }}"
@ -88,7 +88,7 @@
delay: "{{ days_until_rollup }}d"
- url: "http://{{ coordination_nodes[0] }}/_xpack/rollup/job/rollup_{{ index_name }}/_start"
method: POST
status_code: 200
status_code: 200,404
index_options: {}
run_once: true
when:

16
elk_metrics_6x/roles/elasticsearch/handlers/main.yml
View File

@ -13,13 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable and restart elastic
- name: Enable and restart elasticsearch (systemd)
systemd:
name: "elasticsearch"
enabled: true
state: restarted
daemon_reload: true
when:
- (elk_package_state | default('present')) != 'absent'
tags:
- config
- ansible_service_mgr == 'systemd'
listen: Enable and restart elastic
- name: Enable and restart elasticsearch (upstart)
service:
name: "elasticsearch"
state: restarted
enabled: yes
when:
- ansible_service_mgr == 'upstart'
listen: Enable and restart elastic

1
elk_metrics_6x/roles/elasticsearch/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

18
elk_metrics_6x/roles/elasticsearch/tasks/main.yml
View File

@ -51,6 +51,22 @@
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.elasticsearch-overrides.conf.j2"
dest: "/etc/systemd/system/elasticsearch.service.d/elasticsearch-overrides.conf"
notify:
- Enable and restart elastic
tags:
- config
- name: Drop elasticsearch conf file
template:
@ -63,8 +79,6 @@
dest: /etc/elasticsearch/jvm.options
- src: templates/es-log4j2.properties.j2
dest: /etc/elasticsearch/log4j2.properties
- src: "systemd.elasticsearch-overrides.conf.j2"
dest: "/etc/systemd/system/elasticsearch.service.d/elasticsearch-overrides.conf"
notify:
- Enable and restart elastic
tags:

1
elk_metrics_6x/roles/go_install_1.10/meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
platforms:
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
categories:

2
elk_metrics_6x/templates/auditbeat.yml.j2
View File

@ -32,7 +32,9 @@ auditbeat.modules:
# The auditd module collects events from the audit framework in the Linux
# kernel. You need to specify audit rules for the events that you want to audit.
- module: auditd
{% if ansible_kernel is version_compare('4.4', '>=') %}
socket_type: {{ (apply_security_hardening | default(true) | bool) | ternary('multicast', 'unicast') }}
{% endif %}
resolve_ids: true
failure_mode: silent
backlog_limit: 8196

28
elk_metrics_6x/tests/_container-setup.yml
View File

@ -29,16 +29,6 @@
macvlan_mode: bridge
pre_tasks:
- name: Show host facts
debug:
var: hostvars
- name: First ensure apt cache is always refreshed
apt:
update_cache: yes
when:
- ansible_pkg_mgr == 'apt'
- name: Ensure root ssh key
user:
name: "{{ ansible_env.USER | default('root') }}"
@ -62,24 +52,6 @@
manage_dir: no
roles:
- role: "systemd_networkd"
systemd_networkd_prefix: "elk_metrics_6x"
systemd_interface_cleanup: true
systemd_run_networkd: true
systemd_netdevs:
- NetDev:
Name: dummy0
Kind: dummy
- NetDev:
Name: br-mgmt
Kind: bridge
systemd_networks:
- interface: "dummy0"
bridge: "br-mgmt"
- interface: "br-mgmt"
address: "172.29.236.1"
netmask: "255.255.255.0"
- role: "nspawn_hosts"

41
elk_metrics_6x/tests/_key-setup.yml Normal file
View File

@ -0,0 +1,41 @@
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Setup host keys
hosts: physical_hosts
connection: local
become: true
tasks:
- name: Ensure root ssh key
user:
name: "{{ ansible_env.USER | default('root') }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: Get root ssh key
slurp:
src: '~/.ssh/id_rsa.pub'
register: _root_ssh_key
- name: Prepare container ssh key fact
set_fact:
nspawn_container_ssh_key: "{{ _root_ssh_key['content'] | b64decode }}"
- name: Ensure public ssh key is in authorized_keys
authorized_key:
user: "{{ ansible_env.USER | default('root') }}"
key: "{{ nspawn_container_ssh_key }}"
manage_dir: no

44
elk_metrics_6x/tests/functional.yml
View File

@ -27,6 +27,10 @@
ANSIBLE_HOST_KEY_CHECKING: "False"
ANSIBLE_LOG_PATH: "/tmp/elk-metrics-6x-logs/ansible-elk-test.log"
vars:
# inventory_file: "inventory/test-{{ (ansible_service_mgr == 'systemd') | ternary('container', 'metal') }}-inventory.yml"
inventory_file: "inventory/test-metal-inventory.yml"
pre_tasks:
- name: Create swap file
command: "dd if=/dev/zero of=/swap.img bs=1M count=4096"
@ -71,6 +75,12 @@
- "iptables -P OUTPUT ACCEPT"
- "touch /tmp/elk-metrics-6x-logs/iptables.flushed"
- name: First ensure apt cache is always refreshed
apt:
update_cache: yes
when:
- ansible_pkg_mgr == 'apt'
tasks:
- name: Run embedded ansible installation
become: yes
@ -94,33 +104,39 @@
- name: Run environment setup
become: yes
become_user: root
command: "/root/ansible25/bin/ansible-playbook -i inventory/test-inventory.yml -e @test-vars.yml _container-setup.yml"
command: "/root/ansible25/bin/ansible-playbook -i {{ inventory_file }} -e @test-vars.yml _key-setup.yml"
environment:
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"
ANSIBLE_LOG_PATH: "/tmp/elk-metrics-6x-logs/ansible-elk-test-container-setup.log"
args:
chdir: "src/{{ current_test_repo }}/elk_metrics_6x/tests"
when:
- ansible_service_mgr != 'systemd'
- name: Run environment setup
become: yes
become_user: root
command: "/root/ansible25/bin/ansible-playbook -i {{ inventory_file }} -e @test-vars.yml _container-setup.yml"
environment:
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"
ANSIBLE_LOG_PATH: "/tmp/elk-metrics-6x-logs/ansible-elk-test-container-setup.log"
args:
chdir: "src/{{ current_test_repo }}/elk_metrics_6x/tests"
when:
- ansible_service_mgr == 'systemd'
- name: Wait 15 seconds
command: "sleep 15"
changed_when: false
- name: Log all facts
become: yes
become_user: root
command: "/root/ansible25/bin/ansible -m setup -i tests/inventory/test-inventory.yml all"
environment:
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"
ANSIBLE_LOG_PATH: "/tmp/elk-metrics-6x-logs/ansible-elk-test-facts.log"
args:
chdir: "src/{{ current_test_repo }}/elk_metrics_6x"
when:
- ansible_service_mgr == 'systemd'
- name: Run functional test
become: yes
become_user: root
command: "/root/ansible25/bin/ansible-playbook -i tests/inventory/test-inventory.yml -e @tests/test-vars.yml site.yml"
command: "/root/ansible25/bin/ansible-playbook -i tests/{{ inventory_file }} -e @tests/test-vars.yml site.yml"
environment:
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"
@ -131,7 +147,7 @@
- name: Show cluster state
become: yes
become_user: root
command: "/root/ansible25/bin/ansible-playbook -i tests/inventory/test-inventory.yml -e @tests/test-vars.yml showElasticCluster.yml"
command: "/root/ansible25/bin/ansible-playbook -i tests/{{ inventory_file }} -e @tests/test-vars.yml showElasticCluster.yml"
environment:
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"

5
elk_metrics_6x/tests/inventory/test-inventory.yml → elk_metrics_6x/tests/inventory/test-container-inventory.yml
View File

@ -10,11 +10,12 @@ hosts:
ansible_user: root
vars:
physical_host: localhost
management_cidr: "172.29.236.0/24"
container_networks:
management_address:
address: "172.29.236.1"
netmask: "255.255.255.0"
bridge: "br-mgmt"
bridge: "{{ hostvars[physical_host]['ansible_default_ipv4']['alias'] }}"
all_containers:
@ -25,7 +26,7 @@ all_containers:
management_address:
address: "{{ ansible_host }}"
netmask: "255.255.255.0"
bridge: "br-mgmt"
bridge: "{{ hostvars[physical_host]['ansible_default_ipv4']['alias'] }}"
children:
elastic-logstash:

24
elk_metrics_6x/tests/inventory/test-metal-inventory.yml Normal file
View File

@ -0,0 +1,24 @@
---
# The hosts group is used to target physical host machines. Enter all physical
# host machines here.
hosts:
children:
physical_hosts:
hosts:
localhost:
ansible_host: 127.0.0.1
ansible_user: root
vars:
physical_host: localhost
elastic-logstash:
hosts:
localhost: {}
kibana:
hosts:
localhost: {}
apm-server:
hosts:
localhost: {}

4
elk_metrics_6x/tests/manual-test.rc
View File

@ -10,7 +10,7 @@ if [[ ! -d "/tmp/elk-metrics-6x-logs" ]]; then
fi
echo "To build a test environment run the following:"
echo -e "# /root/ansible25/bin/ansible-playbook -i tests/inventory/test-inventory.yml tests/test.yml --limit localhost\n"
echo -e "# /root/ansible25/bin/ansible-playbook -i tests/inventory/test-container-inventory.yml tests/test.yml --limit localhost\n"
echo "Run manual functional tests by executing the following:"
echo -e "# /root/ansible25/bin/ansible-playbook -i tests/inventory/test-inventory.yml site.yml\n"
echo -e "# /root/ansible25/bin/ansible-playbook -i tests/inventory/test-container-inventory.yml site.yml\n"

3
elk_metrics_6x/tests/test-vars.yml
View File

@ -22,6 +22,3 @@ q_mem: 128
h_mem: 512
osa_test_repo: "openstack/openstack-ansible-ops"
# Set the data interface to a known value
elastic_data_interface: "{{ (inventory_hostname == 'localhost') | ternary('mv-mgmt', 'mv-mv-mgmt') }}"

6
zuul.d/jobs.yaml
View File

@ -36,6 +36,12 @@
# nodeset: opensuse-423
# voting: false
- job:
name: "openstack-ansible-ops:elk_metrics_6x-ubuntu-trusty"
parent: "openstack-ansible-ops:elk_metrics_6x-ubuntu-xenial"
nodeset: ubuntu-trusty
voting: false
- job:
name: "openstack-ansible-ops:elk_metrics_6x-ubuntu-bionic"
parent: "openstack-ansible-ops:elk_metrics_6x-ubuntu-xenial"

1
zuul.d/project.yaml
View File

@ -17,6 +17,7 @@
- openstack-ansible-role-jobs
check:
jobs:
- "openstack-ansible-ops:elk_metrics_6x-ubuntu-trusty"
- "openstack-ansible-ops:elk_metrics_6x-ubuntu-xenial"
- "openstack-ansible-ops:elk_metrics_6x-ubuntu-bionic"
gate: