Bump ansible version to 2.10.5
Prefer python3 over python2
Fix ansible str vs int comparisons
Print a message if setting defaultIndex in kibana 6 fails
Use saved_objects API for setting defaultIndex in kibana 7
Update version in dashboard path for 7x
ILM doesn't like bodies from GET requests
Stop using forked galera_server role, now that 633321 is merged
Force osquery inventory to python3
Update zuul jobs
Change-Id: Ibfc20b1605245927ad4de4a54e751a13defb1ee0
This change updates the galera deployment options for kolide which will
allow it to co-exist on the same host as an elasticsearch environment.
Because the galera cluster for kolide is on the backend, and not user
facing the installation and setup of a VIP for the backend galera
cluster is not needed.
Change-Id: Ia5f581ebb028bf35c00dc7606b0eb1a12ad54670
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This change implements namespaced variables and conditionals in needed
services. This will ensure systems running these playbooks are able to
be deployed in isolation without making osa specific assumptions.
Change-Id: Ia20b8514144f0b0bf925d405f06ef2ddc28f1003
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The use of an overlay inventory has now been added to a stand alone
directory which should help deployers understand how this could work
within their environments. Inventory configuration has been updated to
show this working in the various projects that have tests and could
benefit from an overlay inventory.
Change-Id: I1681fce160b43e9127851f06ae05ff5eaabe852f
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This change allows the embedded ansible process to be configurable by
the end user.
* Python requirements and ansible roles will all now be user
configurable.
* Setup is now a local only playbook. This playbook replaces the bash
commands we were rerunning when the `bootstrap-embedded-ansible.sh`
script was executed.
* Embedded ansible version is now 2.7.5 as default.
* Deprecation warnings have been resolved.
* Tests impacted by this change have been updated.
Change-Id: I4303c44e249cda31457a4f05a681e298d225a8b7
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Fix the failing elk_metrics_6x tests by changing the ansible venv path
to ~/ansible_venv. Update tests to ensure when the bootstrap ansible
script changes both osquery and elk_metrics_6x tests are run.
Change-Id: Ic79c52ae21294373ca67be264fd287fdf32b4c9a
This fixes the issue where osquery does not log locally; making
the elk_metrics_6x integration possible.
Change-Id: Ice506018757dee5ee02ef7fa0593ce06aae9c515
The role is further being pruned and made more efficient.
Change-Id: I75de7063164959041193526e519682ba80185250
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The stable release of the kolide has been cut. This change sets our used
version of kolide to "2.0.0".
Change-Id: Ie488fe42e98bd96f5777c1c893fc79e50a2eddee
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This change removes things we don't need and simplifies the task
execution.
Change-Id: I5be516311eaadd634990a4b9006d1ceec4de5847
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
osquery supply quite a few query packs that may be useful from within
the fleet UI. This change adds a playbook to convert the native query
packs into fleet configs and applys them.
Change-Id: Ifef741d2c7aca147e5ac327a84cfdc20551df441
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This cleanup should make things easier to integrate with OSA
while also better supporting a stand alone deployment.
Change-Id: I7321981a9ced7bf2e807a25cadde5463b39eef8f
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The osquery tooling needed a little work to be fully automated and
repeatable. This change tunes up the tools and makes the entire
deployment process multi-node capable and repeatable.
The osquery role was vendored because of bugs within their use of aarmor
profiles and there was no way to disable them.
The fleet use of commands for ssl creation have been removed. The ssl
modules are now being used to generate all of the certificates.
New pre-tasks have been added to check for required variables. If the
required variables are not set the playbooks will fail early and notify
the user of the issue.
Change-Id: I88c2b40ed9d9a88a39bdf07b0dce2900fda50151
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
* move playbooks to roles
* update documentation
* update haproxy
- set 6443 as default port for kolide fleet
* add galera support
Change-Id: I2fdefcb6bec98486c16b54cf33e2b7940b88d50b
The fleet env.d config had a typo in it which would causing a failure
within OSA dynamic inventory. This corrects the issue.
Change-Id: I36016f4733a8800adbcce71abbb290ab4a24798b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Georgina Shippey