openstack
/
openstack-ansible-ops
Code Issues Proposed changes
openstack-ansible-ops/overlay-inventories/osa-integration-inventory.yml

196 lines
8.0 KiB
YAML
Raw Blame History

---
all_systems:
vars:
# General Ansible options for OSA
ansible_become: yes
ansible_become_user: "root"
ansible_user: "root"
physical_host: "{{ inventory_hostname }}"
children:
all_hosts:
children:
hosts: {}
systems:
vars:
## HAProxy options
haproxy_extra_services:
- service:
haproxy_service_name: skydive_analyzer
haproxy_backend_nodes: "{{ groups['skydive_analyzers'] | default([]) }}"
haproxy_bind: "{{ [internal_lb_vip_address] }}"
haproxy_port: 8082
haproxy_balance_type: http
haproxy_ssl: true
haproxy_backend_options:
- "httpchk HEAD / HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck"
- service:
haproxy_service_name: traefik
haproxy_backend_nodes: "{{ groups['skydive_analyzers'] | default([]) }}"
haproxy_bind: "{{ [internal_lb_vip_address] }}"
haproxy_port: 8090
haproxy_balance_type: http
haproxy_ssl: true
haproxy_backend_options:
- "httpchk HEAD / HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck"
haproxy_backend_httpcheck_options:
- expect rstatus 200|401
- service:
haproxy_service_name: elasticsearch
haproxy_backend_nodes: "{{ groups['elastic-logstash'] | default([]) }}"
haproxy_ssl: True
haproxy_port: 9201
haproxy_backend_port: 9200
haproxy_balance_type: http
haproxy_backend_options:
- "httpchk HEAD / HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck"
- service:
haproxy_service_name: kibana_ssl
haproxy_backend_nodes: "{{ groups['kibana'] | default([]) }}"
haproxy_ssl: True
haproxy_port: 8443
haproxy_backend_port: 81
haproxy_balance_type: tcp
haproxy_backend_options:
- tcpka
- service:
haproxy_service_name: apm-server
haproxy_backend_nodes: "{{ groups['apm-server'] | default([]) }}"
haproxy_ssl: True
haproxy_port: 8200
haproxy_balance_type: tcp
haproxy_backend_options:
- tcpka
- service:
haproxy_service_name: kolide-fleet
haproxy_backend_nodes: "{{ groups['kolide-fleet_all'] | default([]) }}"
haproxy_ssl: True
haproxy_port: 6443
haproxy_check_port: 443
haproxy_backend_port: 443
haproxy_balance_type: tcp
haproxy_backend_options:
- tcpka
- service:
haproxy_service_name: grafana
haproxy_backend_nodes: "{{ groups['grafana_all'] | default([]) }}"
haproxy_ssl: True
haproxy_port: 3000
haproxy_balance_type: http
haproxy_backend_options:
- "httpchk HEAD / HTTP/1.0\\r\\nUser-agent:\\ osa-haproxy-healthcheck"
children:
traefik_all:
children:
traefik_build_nodes:
hosts: {}
vars: {}
children: {}
skydive_all:
vars:
skydive_elasticsearch_servers: "{{ groups['elastic-logstash_all'] | map('extract', hostvars, ['ansible_host']) | list | join(',') }}"
skydive_bind_address: "{{ container_address | default(ansible_host) }}"
children:
skydive_build_nodes:
hosts: {}
vars: {}
children: {}
skydive_agents:
children:
all_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
skydive_analyzers:
children:
utility_all: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
elk_all:
vars:
elastic_skydive_retention: 2 # Elastic retention set to 2 days max
elastic_skydive_size: 51200 # Elastic retention set to 50GiB max
elastic_setup_flags:
- "--template"
- "--pipelines"
- "--machine-learning"
children:
elastic-logstash_all:
children:
elastic-logstash:
children:
log_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
kibana_all:
children:
kibana:
children:
log_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
beats_all:
vars:
elastic_retention_refresh: true
auditbeat_service_state: "{{ (inventory_hostname in (groups['hosts'] | default([]))) | ternary('restarted', 'stopped') }}"
filebeat_service_state: "{{ (inventory_hostname in (groups['hosts'] | default([]))) | ternary('restarted', 'stopped') }}"
heartbeat_service_state: "{{ (inventory_hostname in (groups['kibana_all'] | default([]))) | ternary('restarted', 'stopped') }}"
journalbeat_service_state: "{{ (inventory_hostname in (groups['hosts'] | default([]))) | ternary('restarted', 'stopped') }}"
metricbeat_service_state: "{{ (inventory_hostname in (groups['hosts'] | default([]))) | ternary('restarted', 'stopped') }}"
packetbeat_service_state: "{{ (inventory_hostname in (groups['network_hosts'] | default([]))) | ternary('restarted', 'stopped') }}"
children:
auditbeat:
children:
all_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
filebeat:
children:
all_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
heatbeat:
children:
kibana_all: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
journalbeat:
children:
all_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
metricbeat:
children:
all_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
packetbeat:
children:
all_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
apm-server_all:
children:
apm-server:
children:
log_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
fleet_all:
children:
kolide-db_all:
children:
kolide-db:
children:
log_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
kolide-fleet_all:
children:
kolide-fleet:
children:
log_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
osquery_all:
children:
osquery:
children:
all_hosts: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
grafana_all:
children:
grafana:
children:
utility_all: {} # This is an osa native group, as such nothing needs to be added. Values will be inherited.
View Git Blame Copy Permalink