x
/
fuel-plugin-elasticsearch-kibana
Code Issues Proposed changes

Retire repository 

Fuel repositories are all retired in openstack namespace, retire
remaining fuel repos in x namespace since they are unused now.

This change removes all content from the repository and adds the usual
README file to point out that the repository is retired following the
process from
https://docs.openstack.org/infra/manual/drivers.html#retiring-a-project

See also
http://lists.openstack.org/pipermail/openstack-discuss/2019-December/011675.html

A related change is: https://review.opendev.org/699752 .

Change-Id: Ic1a73a0127e813fa5907e0639c47e61b1326add2
This commit is contained in:
Andreas Jaeger 2019-12-18 19:36:10 +01:00
parent d5038eec82
commit ae84af7fb4
137 changed files with 10 additions and 7477 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -1,4 +0,0 @@
.bundled_gems/
.build/
elasticsearch_kibana*rpm
.tox

201
LICENSE
View File

@ -1,201 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

92
README.md
View File

@ -1,92 +0,0 @@
The StackLight Elasticsearch-Kibana Plugin for Fuel
===================================================
The StackLight Elasticsearch-Kibana Plugin for Fuel is used
to install and configure [Elasticsearch](
https://www.elastic.co/products/elasticsearch) and
[Kibana](https://www.elastic.co/products/kibana) which collectively
provide access to the logs and notifications analytics of
Mirantis OpenStack. The logs and the notifications of Mirantis
OpenStack are collected and processed by the [StackLight Collector](
http://fuel-plugin-lma-collector.readthedocs.org/en/latest/index.html).
Please go to the [Elasticsearch-Kibana Plugin Overview](
http://fuel-plugin-elasticsearch-kibana.readthedocs.org/en/latest/overview.html#overview)
to getting started.
Release Notes
-------------
A summary description of the new features are provided in the
[Release Notes](
http://fuel-plugin-elasticsearch-kibana.readthedocs.org/en/latest/releases.html)
section of the plugin documentation.
Requirements
------------
The requirements are defined in the [Requirements](
http://fuel-plugin-elasticsearch-kibana.readthedocs.org/en/latest/overview.html#requirements)
section of the plugin documentation.
Known issues
------------
All known issues are listed on [Launchpad](
https://bugs.launchpad.net/lma-toolchain).
Limitations
-----------
All known limitations are described in the [Limitations](
http://fuel-plugin-elasticsearch-kibana.readthedocs.org/en/latest/overview.html#limitations)
section of the plugin documentation.
Installation
------------
The installation instructions are provided in the [Installation](
http://fuel-plugin-elasticsearch-kibana.readthedocs.org/en/latest/installation.html)
section of the plugin documentation.
User Guide
----------
Instructions for how to configure and use the Elasticsearch-Kibana Plugin
are provided in the [User Guide](
http://fuel-plugin-elasticsearch-kibana.readthedocs.org/en/latest/user.html)
section of the plugin documentation.
Communication
-------------
The *OpenStack Development Mailing List* is the preferred way to communicate
with the members of the project.
Emails should be sent to `openstack-dev@lists.openstack.org` with the subject
prefixed by `[fuel][plugins][lma]`.
Reporting Bugs
--------------
Bugs should be filed against the [LMA Toolchain project](
https://launchpad.net/lma-toolchain) on Launchpad (not Github!).
Contributing
------------
If you would like to contribute to the development of this plugin you must
follow the [OpenStack development workflow](
http://docs.openstack.org/infra/manual/developers.html#development-workflow)
instructions.
Patch reviews take place within [OpenStack Gerrit](
https://review.openstack.org/#/q/status:open+project:openstack/fuel-plugin-elasticsearch-kibana,n,z)
system.
Contributors
------------
* Guillaume Thouvenin <gthouvenin@mirantis.com>
* Patrick Petit <ppetit@mirantis.com>
* Simon Pasquier <spasquier@mirantis.com>
* Swann Croiset <scroiset@mirantis.com>

10
README.rst Normal file
View File

@ -0,0 +1,10 @@
This project is no longer maintained.
The contents of this repository are still available in the Git
source code management system. To see the contents of this
repository before it reached its end of life, please check out the
previous commit with "git checkout HEAD^1".
For any further questions, please email
openstack-discuss@lists.openstack.org or join #openstack-dev on
Freenode.

2
deployment_scripts/puppet/manifests/.gitignore vendored
View File

@ -1,2 +0,0 @@
Gemfile.lock
.bundle

23
deployment_scripts/puppet/manifests/Gemfile
View File

@ -1,23 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
source 'https://rubygems.org'
group :development, :test do
gem 'rake'
gem "puppet", ENV['PUPPET_VERSION'] || '~> 3.4.0'
# Newer puppetlabs_spec_helper depends on rubocop-rspec that requires ruby >= 2.2.0
gem 'puppetlabs_spec_helper', '~> 1.1.1'
# puppet-lint >= 2.2.0 don't support Puppet 3.x anymore
gem 'puppet-lint', '~> 2.1.0'
end

13
deployment_scripts/puppet/manifests/Rakefile
View File

@ -1,13 +0,0 @@
require 'puppet-lint/tasks/puppet-lint'
require 'puppet-syntax/tasks/puppet-syntax'
PuppetLint.configuration.fail_on_warnings = true
PuppetLint.configuration.send('disable_80chars')
PuppetLint.configuration.send('disable_class_inherits_from_params_class')
PuppetLint.configuration.send('disable_class_parameter_defaults')
desc "Run lint, and syntax tests."
task :test => [
:lint,
:syntax,
]

32
deployment_scripts/puppet/manifests/check_environment_configuration.pp
View File

@ -1,32 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: check_environment_configuration.pp')
# Check that JVM size doesn't exceed the physical RAM size
$jvm_heap_size = hiera('lma::elasticsearch::jvm_size')
$jvmsize_mb = ($jvm_heap_size + 0.0) * 1024
if $jvmsize_mb >= $::memorysize_mb {
fail("The configured JVM size (${jvm_heap_size} GB) is greater than the system RAM (${::memorysize}).")
}
$kibana_tls = hiera_hash('lma::kibana::tls')
if $kibana_tls['enabled'] {
$certificate = $kibana_tls['cert_file_path']
$common_name = $kibana_tls['hostname']
# function validate_ssl_certificate() must be the value of a statement, so
# we must use it in a statement.
$not_used = validate_ssl_certificate($certificate, $common_name)
}

183
deployment_scripts/puppet/manifests/cluster-haproxy.pp
View File

@ -1,183 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: cluster-haproxy.pp')
$fuel_version = 0 + hiera('fuel_version')
$network_scheme = hiera_hash('network_scheme', {})
$haproxy_hash = hiera_hash('haproxy', {})
$haproxy_maxconn = '16000'
$haproxy_bufsize = '32768'
$other_networks = direct_networks($network_scheme['endpoints'])
$haproxy_maxrewrite = '1024'
$haproxy_log_file = '/var/log/haproxy.log'
$haproxy_ssl_default_dh_param = '2048'
$primary_controller = false
$debug = false
$spread_checks = '3'
#FIXME(mattymo): Replace with only VIPs for roles assigned to this node
include ::concat::setup
include ::haproxy::params
include ::rsyslog::params
package { 'haproxy':
name => $::haproxy::params::package_name,
}
#NOTE(bogdando) we want defaults w/o chroot
# and this override looks the only possible if
# upstream manifests must be kept intact
$global_options = {
'log' => '/dev/log local0',
'pidfile' => '/var/run/haproxy.pid',
'maxconn' => $haproxy_maxconn,
'user' => 'haproxy',
'group' => 'haproxy',
'daemon' => '',
'stats' => 'socket /var/lib/haproxy/stats',
'spread-checks' => $spread_checks,
'tune.bufsize' => $haproxy_bufsize,
'tune.maxrewrite' => $haproxy_maxrewrite,
'tune.ssl.default-dh-param' => $haproxy_ssl_default_dh_param,
'ssl-default-bind-options' => 'no-sslv3 no-tls-tickets',
'ssl-default-server-options' => 'no-sslv3 no-tls-tickets',
}
$defaults_options = {
'log' => 'global',
'maxconn' => '8000',
'mode' => 'http',
'retries' => '3',
'option' => [
'redispatch',
'http-server-close',
'splice-auto',
'dontlognull',
],
'timeout' => [
'http-request 20s',
'queue 1m',
'connect 10s',
'client 1m',
'server 1m',
'check 10s',
],
}
$service_name = 'p_haproxy'
class { 'haproxy::base':
global_options => $global_options,
defaults_options => $defaults_options,
stats_ipaddresses => ['127.0.0.1'],
use_include => true,
}
# IP forwarding needs to be enabled for multi-rack environments
# See https://bugs.launchpad.net/lma-toolchain/+bug/1604432
sysctl::value { 'net.ipv4.ip_forward': value => '1' }
sysctl::value { 'net.ipv4.ip_nonlocal_bind':
value => '1'
}
service { 'haproxy' :
ensure => 'running',
name => $service_name,
enable => true,
hasstatus => true,
hasrestart => true,
}
tweaks::ubuntu_service_override { 'haproxy' :
service_name => 'haproxy',
package_name => $haproxy::params::package_name,
}
class { 'cluster::haproxy::rsyslog':
log_file => $haproxy_log_file,
}
Package['haproxy'] ->
Class['haproxy::base']
Class['haproxy::base'] ~>
Service['haproxy']
Package['haproxy'] ~>
Service['haproxy']
Sysctl::Value['net.ipv4.ip_nonlocal_bind', 'net.ipv4.ip_forward'] ~>
Service['haproxy']
# Pacemaker
$primitive_type = 'ns_haproxy'
$complex_type = 'clone'
$metadata = {
'migration-threshold' => '3',
'failure-timeout' => '120',
}
$parameters = {
'ns' => 'haproxy',
'debug' => $debug,
'other_networks' => $other_networks,
}
$operations = {
'monitor' => {
'interval' => '30',
'timeout' => '60'
},
'start' => {
'timeout' => '60'
},
'stop' => {
'timeout' => '60'
},
}
if $fuel_version < 9.0 {
pacemaker_wrappers::service { $service_name :
primitive_type => $primitive_type,
parameters => $parameters,
metadata => $metadata,
operations => $operations,
ms_metadata => {
'interleave' => true,
},
complex_type => $complex_type,
prefix => false,
}
Cs_resource[$service_name] ->
Service[$service_name]
} else {
pacemaker::service { $service_name :
primitive_type => $primitive_type,
parameters => $parameters,
metadata => $metadata,
operations => $operations,
complex_metadata => {
'interleave' => true,
},
complex_type => $complex_type,
prefix => false,
}
Pcmk_resource[$service_name] ->
Service[$service_name]
}

77
deployment_scripts/puppet/manifests/cluster.pp
View File

@ -1,77 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: cluster.pp')
# Compared to the osnailyfacter/modular/cluster/cluster.pp manifest, this task
# supports the use case where the Pacemaker cluster is made of several
# unrelated roles.
prepare_network_config(hiera_hash('network_scheme'))
$fuel_version = 0 + hiera('fuel_version')
$corosync_nodes = corosync_nodes(
get_nodes_hash_by_roles(
hiera_hash('network_metadata'),
hiera_array('lma::corosync_roles')
),
'mgmt/corosync'
)
$cluster_recheck_interval = hiera('cluster_recheck_interval', '190s')
if $fuel_version < 9.0 {
class { '::cluster':
internal_address => get_network_role_property('mgmt/corosync', 'ipaddr'),
corosync_nodes => $corosync_nodes,
cluster_recheck_interval => $cluster_recheck_interval,
}
} else {
$corosync_nodes_processed = corosync_nodes_process($corosync_nodes)
class { '::cluster':
internal_address => get_network_role_property('mgmt/corosync', 'ipaddr'),
quorum_members => $corosync_nodes_processed['ips'],
unicast_addresses => $corosync_nodes_processed['ips'],
quorum_members_ids => $corosync_nodes_processed['ids'],
cluster_recheck_interval => $cluster_recheck_interval,
}
}
pcmk_nodes { 'pacemaker' :
nodes => $corosync_nodes,
add_pacemaker_nodes => false,
}
Service <| title == 'corosync' |> {
subscribe => File['/etc/corosync/service.d'],
require => File['/etc/corosync/corosync.conf'],
}
Service['corosync'] -> Pcmk_nodes<||>
Pcmk_nodes<||> -> Service<| provider == 'pacemaker' |>
# Sometimes during first start pacemaker can not connect to corosync
# via IPC due to pacemaker and corosync processes are run under different users
if($::operatingsystem == 'Ubuntu') {
$pacemaker_run_uid = 'hacluster'
$pacemaker_run_gid = 'haclient'
file {'/etc/corosync/uidgid.d/pacemaker':
content =>"uidgid {
uid: ${pacemaker_run_uid}
gid: ${pacemaker_run_gid}
}"
}
File['/etc/corosync/corosync.conf'] -> File['/etc/corosync/uidgid.d/pacemaker'] -> Service <| title == 'corosync' |>
}

51
deployment_scripts/puppet/manifests/configure_default_route.pp
View File

@ -1,51 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-influxdb-grafana: configure_default_route.pp')
$fuel_version = 0 + hiera('fuel_version')
if $fuel_version < 9.0 {
# The code below is a copy-paste from configure_default_route.pp in
# fuel-library (branch stable/8.0)
# Unfortunately we have no way to do otherwise since we need to support both
# MOS 8 and MOS 9
$network_scheme = hiera_hash('network_scheme', {})
$management_vrouter_vip = hiera('management_vrouter_vip')
$management_role = 'management'
$fw_admin_role = 'fw-admin'
if ( $::l23_os =~ /(?i:centos6)/ and $::kernelmajversion == '3.10' ) {
$ovs_datapath_package_name = 'kmod-openvswitch-lt'
}
$use_ovs_dkms_datapath_module = $::l23_os ? {
/(?i:redhat7|centos7)/ => false,
default => true
}
class { 'l23network' :
use_ovs => hiera('use_ovs', false),
use_ovs_dkms_datapath_module => $use_ovs_dkms_datapath_module,
ovs_datapath_package_name => $ovs_datapath_package_name,
}
$new_network_scheme = configure_default_route($network_scheme, $management_vrouter_vip, $fw_admin_role, $management_role )
notice ($new_network_scheme)
if !empty($new_network_scheme) {
prepare_network_config($new_network_scheme)
$sdn = generate_network_config()
notify {'SDN': message => $sdn }
}
}

67
deployment_scripts/puppet/manifests/elasticsearch.pp
View File

@ -1,67 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: elasticsearch.pp')
# Java
$java = $::operatingsystem ? {
CentOS => 'java-1.8.0-openjdk-headless',
Ubuntu => 'openjdk-7-jre-headless'
}
# Ensure that java is installed
package { $java:
ensure => installed,
}
class { 'lma_logging_analytics::elasticsearch':
listen_address => hiera('lma::elasticsearch::listen_address'),
node_name => hiera('lma::elasticsearch::node_name'),
nodes => hiera('lma::elasticsearch::nodes'),
data_dir => hiera('lma::elasticsearch::data_dir'),
instance_name => hiera('lma::elasticsearch::instance_name'),
heap_size => hiera('lma::elasticsearch::jvm_size'),
cluster_name => hiera('lma::elasticsearch::cluster_name'),
logs_dir => hiera('lma::elasticsearch::logs_dir'),
minimum_master_nodes => hiera('lma::elasticsearch::minimum_master_nodes'),
recover_after_time => hiera('lma::elasticsearch::recover_after_time'),
recover_after_nodes => hiera('lma::elasticsearch::recover_after_nodes'),
# The Telemetry plugin creates values for 'script_inline' and 'script_indexed' in hiera if enabled
# default value is 'sandbox';
# related documentation:
# https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-scripting.html#enable-dynamic-scripting
script_inline => hiera('lma::elasticsearch::script_inline', 'sandbox'),
script_indexed => hiera('lma::elasticsearch::script_indexed', 'sandbox'),
version => '2.3.3',
require => Package[$java],
}
# The plugin's packages used to have a higher priority but this isn't the case
# anymore on MOS 9. Since MOS ships an older version of python-elasticsearch
# (incompatible with python-elasticsearch-curator), we need to force the
# installation of python-elasticsearch before installing the curator package.
package { 'python-elasticsearch':
ensure => '2.3.0',
}
# The curator is installed on all the nodes but by configuration, it will only
# be executed on the ES cluster master node
class { 'lma_logging_analytics::curator':
host => hiera('lma::elasticsearch::listen_address'),
port => hiera('lma::elasticsearch::rest_port'),
retention_period => hiera('lma::elasticsearch::retention_period'),
prefixes => ['log', 'notification'],
package_version => '4.0.6',
require => Package['python-elasticsearch'],
}

42
deployment_scripts/puppet/manifests/enable_quorum.pp
View File

@ -1,42 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: enable_quorum.pp')
prepare_network_config(hiera_hash('network_scheme', {}))
$corosync_roles = hiera_array('lma::corosync_roles')
$network_metadata = hiera_hash('network_metadata')
$nodes = get_nodes_hash_by_roles($network_metadata, $corosync_roles)
$fuel_version = 0 + hiera('fuel_version')
if count($nodes) > 2 {
$policy = 'stop'
} else {
$policy = 'ignore'
}
if $fuel_version < 9.0 {
# The default provider ('pcs') fails to change the property's value so we have
# to force the use of 'crm'
cs_property { 'no-quorum-policy':
ensure => present,
value => $policy,
provider => 'crm',
}
} else {
pcmk_property { 'no-quorum-policy':
ensure => present,
value => $policy,
}
}

97
deployment_scripts/puppet/manifests/firewall.pp
View File

@ -1,97 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: firewall.pp')
$authnz = hiera_hash('lma::kibana::authnz')
class {'::firewall':}
firewall { '000 accept all icmp requests':
proto => 'icmp',
action => 'accept',
}
firewall { '001 accept all to lo interface':
proto => 'all',
iniface => 'lo',
action => 'accept',
}
firewall { '002 accept related established rules':
proto => 'all',
state => ['RELATED', 'ESTABLISHED'],
action => 'accept',
}
firewall {'020 ssh':
port => 22,
proto => 'tcp',
action => 'accept',
}
firewall { '113 corosync-input':
port => 5404,
proto => 'udp',
action => 'accept',
}
firewall { '114 corosync-output':
port => 5405,
proto => 'udp',
action => 'accept',
}
firewall { '100 elasticsearch REST':
port => hiera('lma::elasticsearch::rest_port'),
proto => 'tcp',
action => 'accept',
}
firewall { '110 elasticsearch clustering':
port => hiera('lma::elasticsearch::clustering_port'),
proto => 'tcp',
action => 'accept',
}
firewall { '101 haproxy kibana':
port => hiera('lma::elasticsearch::kibana_frontend_port'),
proto => 'tcp',
action => 'accept',
}
firewall { '101 kibana':
port => hiera('lma::elasticsearch::kibana_port'),
proto => 'tcp',
action => 'accept',
}
firewall { '101 proxy-kibana':
port => hiera('lma::elasticsearch::apache_port'),
proto => 'tcp',
action => 'accept',
}
if $authnz['ldap_authorization_enabled'] {
firewall { '101 proxy-kibana-viewer':
port => hiera('lma::elasticsearch::apache_viewer_port'),
proto => 'tcp',
action => 'accept',
}
}
firewall { '999 drop all other requests':
proto => 'all',
chain => 'INPUT',
action => 'drop',
}

121
deployment_scripts/puppet/manifests/haproxy.pp
View File

@ -1,121 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: haproxy.pp')
$es_port = hiera('lma::elasticsearch::rest_port')
$kibana_backend_port = hiera('lma::elasticsearch::apache_port')
$kibana_backend_viewer_port = hiera('lma::elasticsearch::apache_viewer_port')
$kibana_frontend_port = hiera('lma::elasticsearch::kibana_frontend_port')
$kibana_frontend_viewer_port = hiera('lma::elasticsearch::kibana_frontend_viewer_port')
$es_vip = hiera('lma::elasticsearch::vip')
$kibana_vip = hiera('lma::kibana::vip')
$es_nodes_ips = hiera('lma::elasticsearch::nodes')
$es_nodes_names = prefix(range(1, size($es_nodes_ips)), 'server_')
$kibana_nodes_ips = hiera('lma::kibana::nodes')
$kibana_nodes_names = prefix(range(1, size($kibana_nodes_ips)), 'server_')
Openstack::Ha::Haproxy_service {
public => false,
public_ssl => false,
internal => true,
}
$es_haproxy_service = hiera('lma::elasticsearch::es_haproxy_service')
openstack::ha::haproxy_service { $es_haproxy_service:
order => '920',
internal_virtual_ip => $es_vip,
listen_port => $es_port,
server_names => $es_nodes_names,
ipaddresses => $es_nodes_ips,
balancermember_port => $es_port,
balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',
haproxy_config_options => {
'option' => ['httplog', 'http-keep-alive', 'prefer-last-server', 'dontlog-normal'],
'balance' => 'roundrobin',
'mode' => 'http',
}
}
$kibana_tls = hiera_hash('lma::kibana::tls')
$authnz = hiera_hash('lma::kibana::authnz')
if $kibana_tls['enabled'] {
openstack::ha::haproxy_service { 'kibana':
order => '921',
internal_ssl => true,
internal_ssl_path => $kibana_tls['cert_file_path'],
internal_virtual_ip => $kibana_vip,
listen_port => $kibana_frontend_port,
server_names => $kibana_nodes_names,
ipaddresses => $kibana_nodes_ips,
balancermember_port => $kibana_backend_port,
balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',
haproxy_config_options => {
'option' => ['httplog', 'http-keep-alive', 'prefer-last-server', 'dontlog-normal'],
'balance' => 'roundrobin',
'mode' => 'http',
},
}
if $authnz['ldap_enabled'] and $authnz['ldap_authorization_enabled'] {
openstack::ha::haproxy_service { 'kibana-viewer':
order => '922',
internal_ssl => true,
internal_ssl_path => $kibana_tls['cert_file_path'],
internal_virtual_ip => $kibana_vip,
listen_port => $kibana_frontend_viewer_port,
server_names => $kibana_nodes_names,
ipaddresses => $kibana_nodes_ips,
balancermember_port => $kibana_backend_viewer_port,
balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',
haproxy_config_options => {
'option' => ['httplog', 'http-keep-alive', 'prefer-last-server', 'dontlog-normal'],
'balance' => 'roundrobin',
'mode' => 'http',
},
}
}
} else {
openstack::ha::haproxy_service { 'kibana':
order => '921',
internal_virtual_ip => $kibana_vip,
listen_port => $kibana_frontend_port,
server_names => $kibana_nodes_names,
ipaddresses => $kibana_nodes_ips,
balancermember_port => $kibana_backend_port,
balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',
haproxy_config_options => {
'option' => ['httplog', 'http-keep-alive', 'prefer-last-server', 'dontlog-normal'],
'balance' => 'roundrobin',
'mode' => 'http',
}
}
if $authnz['ldap_enabled'] and $authnz['ldap_authorization_enabled'] {
openstack::ha::haproxy_service { 'kibana-viewer':
order => '922',
internal_virtual_ip => $kibana_vip,
listen_port => $kibana_frontend_viewer_port,
server_names => $kibana_nodes_names,
ipaddresses => $kibana_nodes_ips,
balancermember_port => $kibana_backend_viewer_port,
balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',
haproxy_config_options => {
'option' => ['httplog', 'http-keep-alive', 'prefer-last-server', 'dontlog-normal'],
'balance' => 'roundrobin',
'mode' => 'http',
}
}
}
}

227
deployment_scripts/puppet/manifests/hiera_override.pp
View File

@ -1,227 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: hiera_override.pp')
$fuel_version = 0 + hiera('fuel_version')
# Initialize network-related variables
$network_scheme = hiera_hash('network_scheme')
$network_metadata = hiera_hash('network_metadata')
prepare_network_config($network_scheme)
$elasticsearch_kibana = hiera_hash('elasticsearch_kibana')
$hiera_file = '/etc/hiera/plugins/elasticsearch_kibana.yaml'
$es_listen_address = get_network_role_property('elasticsearch', 'ipaddr')
$es_nodes = get_nodes_hash_by_roles($network_metadata, ['elasticsearch_kibana', 'primary-elasticsearch_kibana'])
$es_addresses_map = get_node_to_ipaddr_map_by_network_role($es_nodes, 'elasticsearch')
$es_ip_addresses = sort(values($es_addresses_map))
$es_nodes_count = count($es_nodes)
if ! $network_metadata['vips']['es_vip_mgmt'] {
fail('Elasticsearch VIP is not defined')
}
$elasticsearch_vip = $network_metadata['vips']['es_vip_mgmt']['ipaddr']
# For security reasons (eg not exposing Kibana directly on the public network),
# only the Kibana VIP should listen on the 'kibana' network and the Kibana
# services themselves should listen on the 'elasticsearch' network which is an
# equivalent of the management network for OpenStack.
$kibana_listen_address = $es_listen_address
$kibana_ip_addresses = $es_ip_addresses
if ! $network_metadata['vips']['kibana'] {
fail('Kibana VIP is not defined')
}
$kibana_vip = $network_metadata['vips']['kibana']['ipaddr']
if is_integer($elasticsearch_kibana['number_of_replicas']) and $elasticsearch_kibana['number_of_replicas'] < $es_nodes_count {
$number_of_replicas = 0 + $elasticsearch_kibana['number_of_replicas']
}else{
# Override the replication number otherwise this will lead to a stale cluster health
$number_of_replicas = $es_nodes_count - 1
notice("Set number_of_replicas to ${number_of_replicas}")
}
$retention_period = $elasticsearch_kibana['retention_period']
if is_integer($elasticsearch_kibana['minimum_master_nodes']) and $elasticsearch_kibana['minimum_master_nodes'] <= $es_nodes_count {
$minimum_master_nodes = 0 + $elasticsearch_kibana['minimum_master_nodes']
} elsif $es_nodes_count > 2 {
$minimum_master_nodes = floor($es_nodes_count / 2 + 1)
}else{
$minimum_master_nodes = 1
}
notice("Set minimum_master_nodes to ${minimum_master_nodes}")
if is_integer($elasticsearch_kibana['recover_after_time']) {
$recover_after_time = 0 + $elasticsearch_kibana['recover_after_time']
} else {
# Use the same default value as environment_config.yaml
# see #1593135
$recover_after_time = 5
notice("Set recover_after_time to ${recover_after_time}")
}
if is_integer($elasticsearch_kibana['recover_after_nodes']) and $elasticsearch_kibana['recover_after_nodes'] <= $es_nodes_count {
$recover_after_nodes = $elasticsearch_kibana['recover_after_nodes']
} else {
if $es_nodes_count <= 1 {
$recover_after_nodes = 1
} else {
$recover_after_nodes = floor($es_nodes_count * 2 / 3)
}
notice("Set recover_after_nodes to ${recover_after_nodes}")
}
$instance_name = 'es-01'
$logs_dir = "/var/log/elasticsearch/${instance_name}"
$tls_enabled = $elasticsearch_kibana['tls_enabled'] or false
if $tls_enabled {
$kibana_hostname = $elasticsearch_kibana['kibana_hostname']
$cert_base_dir = '/etc/haproxy'
$cert_dir = "${cert_base_dir}/certs"
$cert_file_path = "${cert_dir}/${elasticsearch_kibana['kibana_ssl_cert']['name']}"
file { $cert_base_dir:
ensure => directory,
mode => '0755'
}
file { $cert_dir:
ensure => directory,
mode => '0700',
require => File[$cert_base_dir]
}
file { $cert_file_path:
ensure => present,
mode => '0400',
content => $elasticsearch_kibana['kibana_ssl_cert']['content'],
require => File[$cert_dir]
}
}
$ldap_enabled = $elasticsearch_kibana['ldap_enabled'] or false
$ldap_protocol = $elasticsearch_kibana['ldap_protocol_for_kibana']
$ldap_servers = split($elasticsearch_kibana['ldap_servers'], '\s+')
$ldap_bind_dn = $elasticsearch_kibana['ldap_bind_dn']
$ldap_bind_password = $elasticsearch_kibana['ldap_bind_password']
$ldap_user_search_base_dns = $elasticsearch_kibana['ldap_user_search_base_dns']
$ldap_user_search_filter = $elasticsearch_kibana['ldap_user_search_filter']
$ldap_user_attribute = $elasticsearch_kibana['ldap_user_attribute']
$ldap_authorization_enabled = $elasticsearch_kibana['ldap_authorization_enabled'] or false
$ldap_group_attribute = $elasticsearch_kibana['ldap_group_attribute']
$ldap_admin_group_dn = $elasticsearch_kibana['ldap_admin_group_dn']
$ldap_viewer_group_dn = $elasticsearch_kibana['ldap_viewer_group_dn']
if empty($elasticsearch_kibana['ldap_server_port']) {
if downcase($ldap_protocol) == 'ldap' {
$ldap_port = 389
} else {
$ldap_port = 636
}
} else {
$ldap_port = $elasticsearch_kibana['ldap_server_port']
}
$calculated_content = inline_template('
---
lma::corosync_roles:
- primary-elasticsearch_kibana
- elasticsearch_kibana
lma::elasticsearch::vip: <%= @elasticsearch_vip %>
lma::elasticsearch::es_haproxy_service: elasticsearch-rest
lma::elasticsearch::listen_address: <%= @es_listen_address%>
<% if @tls_enabled -%>
lma::elasticsearch::kibana_frontend_port: 443
lma::elasticsearch::kibana_frontend_viewer_port: 8443
<% else -%>
lma::elasticsearch::kibana_frontend_port: 80
lma::elasticsearch::kibana_frontend_viewer_port: 8000
<% end -%>
lma::elasticsearch::apache_port: 80
lma::elasticsearch::apache_viewer_port: 81
lma::elasticsearch::kibana_port: 5601
lma::elasticsearch::kibana_index: .kibana
lma::elasticsearch::rest_port: 9200
lma::elasticsearch::clustering_port: 9300
lma::elasticsearch::nodes:
<% @es_ip_addresses.each do |x| -%>
- "<%= x %>"
<% end -%>
lma::elasticsearch::retention_period: <%= @retention_period %>
lma::elasticsearch::number_of_replicas: <%= @number_of_replicas %>
lma::elasticsearch::minimum_master_nodes: <%= @minimum_master_nodes %>
lma::elasticsearch::recover_after_time: <%= @recover_after_time %>
lma::elasticsearch::recover_after_nodes: <%= @recover_after_nodes %>
lma::elasticsearch::data_dir: "<%= @elasticsearch_kibana["data_dir"] %>"
lma::elasticsearch::logs_dir: "<%= @logs_dir %>"
lma::elasticsearch::jvm_size: <%= @elasticsearch_kibana["jvm_heap_size"] %>
lma::elasticsearch::instance_name: <%= @instance_name %>
lma::elasticsearch::node_name: "<%= @fqdn %>_es-01"
lma::elasticsearch::cluster_name: lma
lma::kibana::vip: <%= @kibana_vip %>
lma::kibana::listen_address: <%= @kibana_listen_address%>
lma::kibana::nodes:
<% @kibana_ip_addresses.each do |x| -%>
- "<%= x %>"
<% end -%>
lma::kibana::tls:
enabled: <%= @tls_enabled %>
<% if @tls_enabled -%>
hostname: "<%= @kibana_hostname %>"
cert_file_path: <%= @cert_file_path %>
<% end -%>
lma::kibana::authnz:
username: >-
<%= @elasticsearch_kibana["kibana_username"] %>
password: >-
<%= @elasticsearch_kibana["kibana_password"] %>
ldap_enabled: <%= @ldap_enabled %>
ldap_authorization_enabled: <%= @ldap_authorization_enabled %>
<% if @ldap_enabled -%>
ldap_servers:
<% @ldap_servers.each do |s| -%>
- "<%= s %>"
<% end -%>
ldap_protocol: <%= @ldap_protocol %>
ldap_port: <%= @ldap_port %>
ldap_bind_dn: >-
<%= @ldap_bind_dn %>
ldap_bind_password: >-
<%= @ldap_bind_password %>
ldap_user_search_base_dns: >-
<%= @ldap_user_search_base_dns %>
ldap_user_attribute: <%= @ldap_user_attribute %>
ldap_user_search_filter: >-
<%= @ldap_user_search_filter %>
ldap_group_attribute: >-
<%= @ldap_group_attribute %>
<% if @ldap_authorization_enabled -%>
ldap_admin_group_dn: >-
<%= @ldap_admin_group_dn %>
ldap_viewer_group_dn: >-
<%= @ldap_viewer_group_dn %>
<% end -%>
<% end -%>
')
file { $hiera_file:
ensure => file,
content => $calculated_content,
}
if $fuel_version >= 9.0 {
class { '::osnailyfacter::netconfig::hiera_default_route' :}
}

48
deployment_scripts/puppet/manifests/kibana.pp
View File

@ -1,48 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: kibana.pp')
class { 'lma_logging_analytics::kibana':
listen_address => '127.0.0.1',
listen_port => hiera('lma::elasticsearch::kibana_port'),
es_host => hiera('lma::elasticsearch::vip'),
es_port => hiera('lma::elasticsearch::rest_port'),
version => '4.5.1',
}
$authnz = hiera_hash('lma::kibana::authnz')
class { 'lma_logging_analytics::kibana_authentication':
listen_address => hiera('lma::elasticsearch::listen_address'),
listen_port => hiera('lma::elasticsearch::apache_port'),
kibana_address => '127.0.0.1',
kibana_port => hiera('lma::elasticsearch::kibana_port'),
username => $authnz['username'],
password => $authnz['password'],
ldap_enabled => $authnz['ldap_enabled'],
ldap_protocol => $authnz['ldap_protocol'],
ldap_port => $authnz['ldap_port'],
ldap_servers => $authnz['ldap_servers'],
ldap_bind_dn => $authnz['ldap_bind_dn'],
ldap_bind_password => $authnz['ldap_bind_password'],
ldap_user_search_base_dns => $authnz['ldap_user_search_base_dns'],
ldap_user_search_filter => $authnz['ldap_user_search_filter'],
ldap_user_attribute => $authnz['ldap_user_attribute'],
ldap_authorization_enabled => $authnz['ldap_authorization_enabled'],
listen_port_viewer => hiera('lma::elasticsearch::apache_viewer_port'),
ldap_group_attribute => $authnz['ldap_group_attribute'],
ldap_admin_group_dn => $authnz['ldap_admin_group_dn'],
ldap_viewer_group_dn => $authnz['ldap_viewer_group_dn'],
require => Class[lma_logging_analytics::kibana],
}

51
deployment_scripts/puppet/manifests/kibana_index_configuration.pp
View File

@ -1,51 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: kibana_index_configuration.pp')
$vip = hiera('lma::elasticsearch::vip')
$es_port = hiera('lma::elasticsearch::rest_port')
$kibana_index = hiera('lma::elasticsearch::kibana_index')
$number_of_replicas = hiera('lma::elasticsearch::number_of_replicas')
# Elasticsearch must be reachable through HAproxy before the template creation.
# This is due the fact that The Elasticsearch Puppet module miserably fails
# when HAproxy responds 503 with HTML content and this leads to never create
# the template.
haproxy_backend_status { 'elasticsearch':
name => hiera('lma::elasticsearch::es_haproxy_service'),
socket => '/var/lib/haproxy/stats',
}
# Kibana4 creates automatically its index when starting and configures fields
# mapping on the fly when first objects are created through the UI.
# In order to automate the dashboards importation, the Elasticsearch index
# template for Kibana4 must be created before Kibana starts.
# Then, correct fields mapping are present before importing objects
# (searches, visualizations and dashboards).
lma_logging_analytics::es_template { 'kibana4':
number_of_replicas => $number_of_replicas,
host => $vip,
port => $es_port,
index_template => $kibana_index,
require => Haproxy_backend_status['elasticsearch'],
}
# Import all Kibana objects in one time by issuing a Bulk request
class { 'lma_logging_analytics::kibana_dashboards':
host => $vip,
port => $es_port,
index => $kibana_index,
require => Lma_logging_analytics::Es_template['kibana4'],
}

95
deployment_scripts/puppet/manifests/provision_services.pp
View File

@ -1,95 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
notice('fuel-plugin-elasticsearch-kibana: provision_services.pp')
$deployment_id = hiera('deployment_id')
$master_ip = hiera('master_ip')
$es_vip = hiera('lma::elasticsearch::vip')
$kibana_vip = hiera('lma::kibana::vip')
$kibana_viewer_port = hiera('lma::elasticsearch::kibana_frontend_viewer_port')
$es_port = hiera('lma::elasticsearch::rest_port')
$number_of_replicas = hiera('lma::elasticsearch::number_of_replicas')
$kibana_index = hiera('lma::elasticsearch::kibana_index')
$authnz = hiera_hash('lma::kibana::authnz')
if $authnz['ldap_enabled'] and $authnz['ldap_authorization_enabled'] {
$two_links = true
} else {
$two_links = false
}
$kibana_tls = hiera_hash('lma::kibana::tls')
if $kibana_tls['enabled'] {
$protocol = 'https'
$kibana_hostname = $kibana_tls['hostname']
if $two_links {
$kibana_link_data = "{\"title\":\"Kibana (Admin role)\",\
\"description\":\"Dashboard for visualizing logs and notifications (${kibana_hostname}: ${protocol}://${kibana_vip})\",\
\"url\":\"${protocol}://${kibana_hostname}\"}"
$kibana_link_viewer_data = "{\"title\":\"Kibana (Viewer role)\",\
\"description\":\"Dashboard for visualizing logs and notifications (${kibana_hostname}: ${protocol}://${kibana_vip}:${kibana_viewer_port})\",\
\"url\":\"${protocol}://${kibana_hostname}:${kibana_viewer_port}/\"}"
} else {
$kibana_link_data = "{\"title\":\"Kibana\",\
\"description\":\"Dashboard for visualizing logs and notifications (${kibana_hostname}: ${protocol}://${kibana_vip})\",\
\"url\":\"${protocol}://${kibana_hostname}\"}"
}
} else {
$protocol = 'http'
if $two_links {
$kibana_link_data = "{\"title\":\"Kibana (Admin role)\",\
\"description\":\"Dashboard for visualizing logs and notifications\",\
\"url\":\"${protocol}://${kibana_vip}\"}"
$kibana_link_viewer_data = "{\"title\":\"Kibana (Viewer role)\",\
\"description\":\"Dashboard for visualizing logs and notifications\",\
\"url\":\"${protocol}://${kibana_vip}:${kibana_viewer_port}/\"}"
} else {
$kibana_link_data = "{\"title\":\"Kibana\",\
\"description\":\"Dashboard for visualizing logs and notifications\",\
\"url\":\"${protocol}://${kibana_vip}\"}"
}
}
lma_logging_analytics::es_template { ['log', 'notification', 'audit']:
number_of_replicas => $number_of_replicas,
host => $es_vip,
port => $es_port,
}
# Adjust the number of replicas for the Kibana index
exec { 'adjust_kibana_replicas':
command => "/usr/bin/curl -sL -XPUT http://${es_vip}:${es_port}/${kibana_index}/_settings \
-d '{\"index\": {\"number_of_replicas\": ${number_of_replicas}}}'"
}
$kibana_link_created_file = '/var/cache/kibana_link_created_up_1.x'
exec { 'notify_kibana_url':
creates => $kibana_link_created_file,
command => "/usr/bin/curl -sL -w \"%{http_code}\" \
-H 'Content-Type: application/json' -X POST -d '${kibana_link_data}' \
http://${master_ip}:8000/api/clusters/${deployment_id}/plugin_links \
-o /dev/null | /bin/grep 201 && touch ${kibana_link_created_file}",
}
if $two_links {
$kibana_viewer_link_created_file = '/var/cache/kibana_viewer_link_created_up_1.x'
exec { 'notify_kibana_url_for_viewer':
creates => $kibana_viewer_link_created_file,
command => "/usr/bin/curl -sL -w \"%{http_code}\" \
-H 'Content-Type: application/json' -X POST -d '${kibana_link_viewer_data}' \
http://${master_ip}:8000/api/clusters/${deployment_id}/plugin_links \
-o /dev/null | /bin/grep 201 && touch ${kibana_viewer_link_created_file}",
require => Exec['notify_kibana_url'],
}
}

19
deployment_scripts/puppet/modules/lma_logging_analytics/.fixtures.yml
View File

@ -1,19 +0,0 @@
fixtures:
repositories:
stdlib:
repo: "git://github.com/puppetlabs/puppetlabs-stdlib"
ref: "4.7.0"
elasticsearch:
repo: "git://github.com/elastic/puppet-elasticsearch"
ref: "0.9.1"
concat:
repo: "git://github.com/puppetlabs/puppetlabs-concat"
ref: "1.2.4"
apache:
repo: "git://github.com/puppetlabs/puppetlabs-apache"
ref: "1.5.0"
htpasswd:
repo: "git://github.com/leinaddm/puppet-htpasswd"
ref: "0.0.3"
symlinks:
lma_logging_analytics: "#{source_dir}"

5
deployment_scripts/puppet/modules/lma_logging_analytics/.gitignore vendored
View File

@ -1,5 +0,0 @@
spec/fixtures/modules/*
spec/fixtures/manifests/*
Gemfile.lock
files/kibana/src
.bundle

27
deployment_scripts/puppet/modules/lma_logging_analytics/Gemfile
View File

@ -1,27 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
source 'https://rubygems.org'
group :development, :test do
gem 'rake'
gem "puppet", ENV['PUPPET_VERSION'] || '~> 3.4.0'
gem 'rspec'
gem 'rspec-puppet'
gem 'rspec-puppet-facts'
# Newer puppetlabs_spec_helper depends on rubocop-rspec that requires ruby >= 2.2.0
gem 'puppetlabs_spec_helper', '~> 1.1.1'
# puppet-lint >= 2.2.0 don't support Puppet 3.x anymore
gem 'puppet-lint', '~> 2.1.0'
gem 'metadata-json-lint'
end

202
deployment_scripts/puppet/modules/lma_logging_analytics/LICENSE
View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

44
deployment_scripts/puppet/modules/lma_logging_analytics/README.md
View File

@ -1,44 +0,0 @@
LMA Logging Analytics module for Puppet
=======================================
Description
-----------
Puppet module for configuring the Kibana dashboard and Elasticsearch.
Usage
-----
```puppet
class {'lma_logging_analytics::elasticsearch':
listen_address => 'localhost',
node_name => $::fqdn,
nodes => [$::fqdn, 'node-x', 'node-y']
data_dir => '/opt/es-data'
instance_name => 'es-01',
heap_size => 16,
cluster_name => 'my_cluster',
}
class {'lma_logging_analytics::kibana': }
```
Limitations
-----------
None.
License
-------
Licensed under the terms of the Apache License, version 2.0.
Contact
-------
Guillaume Thouvenin, <gthouvenin@mirantis.com>
Support
-------
See the Contact section.

29
deployment_scripts/puppet/modules/lma_logging_analytics/Rakefile
View File

@ -1,29 +0,0 @@
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-lint/tasks/puppet-lint'
require 'puppet-syntax/tasks/puppet-syntax'
require 'metadata-json-lint/rake_task'
PuppetLint.configuration.fail_on_warnings = true
PuppetLint.configuration.send('disable_80chars')
PuppetLint.configuration.send('disable_class_inherits_from_params_class')
PuppetLint.configuration.send('disable_class_parameter_defaults')
exclude_paths = [
"pkg/**/*",
"vendor/**/*",
"spec/**/*",
]
Rake::Task[:lint].clear
PuppetLint::RakeTask.new :lint do |config|
config.ignore_paths = exclude_paths
end
PuppetSyntax.exclude_paths = exclude_paths
desc "Run metadata_lint, lint, syntax, and spec tests."
task :test => [
:metadata_lint,
:lint,
:syntax,
:spec,
]

34
deployment_scripts/puppet/modules/lma_logging_analytics/files/elasticsearch_logging.yaml
View File

@ -1,34 +0,0 @@
# This file is managed by Puppet, do not edit manually, your changes *will* be overwritten!
es.logger.level: INFO
rootLogger: INFO, file
logger.action: DEBUG
logger.index.indexing.slowlog: TRACE, index_indexing_slow_log_file
logger.index.search.slowlog: TRACE, index_search_slow_log_file
additivity:
index.search.slowlog: false
index.indexing.slowlog: false
appender:
file:
type: file
file: ${path.logs}/${cluster.name}.log
layout:
type: pattern
conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"
index_search_slow_log_file:
type: file
file: ${path.logs}/${cluster.name}_index_search_slowlog.log
layout:
type: pattern
conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"
index_indexing_slow_log_file:
type: file
file: ${path.logs}/${cluster.name}_index_indexing_slowlog.log
layout:
type: pattern
conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"

65
deployment_scripts/puppet/modules/lma_logging_analytics/lib/puppet/parser/functions/validate_ssl_certificate.rb
View File

@ -1,65 +0,0 @@
# Inspired by cert_date_valid.rb found at
# https://github.com/camptocamp/puppet-openssl
#
# Function: validate_ssl_certificate()
#
# Checks SSL certificate date and CN validity. It also checks that the private
# key is embedded into the certificate.
#
# It raises an exception if:
# - the certificate has no private key
# - the CN of the certificate and the CN provided as argument don't match
# - the date is not found in the certificate
#
# It returns false if the certificate is expired or not yet valid
# Otherwise it returns the number of seconds before the certificate expires
#
# Parameter:
# - the path to the SSL certificate
# - the expected CN
module Puppet::Parser::Functions
newfunction(:validate_ssl_certificate, :type => :rvalue) do |args|
require 'time'
certfile = args[0]
# Check that file is a valid x509 certificate
err_msg = `openssl x509 -noout -in #{certfile}`
raise "'#{certfile}' is not a valid certificate" unless err_msg.chomp() == ""
dates = `openssl x509 -dates -noout -in #{certfile}`.gsub("\n", '')
subject = `openssl x509 -subject -noout -in #{certfile}`.gsub("\n", '')
pk = `openssl rsa -check -noout -in #{certfile}`.gsub("\n",'')
cn = subject.match(/CN=([^\/]+)/)
cn_found = cn[1] if cn
certbegin = Time.parse(dates.gsub(/.*notBefore=(.+? GMT).*/, '\1'))
certend = Time.parse(dates.gsub(/.*notAfter=(.+? GMT).*/, '\1'))
now = Time.now.utc
if (cn_found.start_with? "*." and not args[1].end_with? cn_found[1..-1]) or
(not cn_found.start_with? "*." and cn_found != args[1])
raise "Found #{cn_found} as CN whereas '#{args[1]}' was expected"
end
raise "The certificate file doesn't contain the private key" unless pk == 'RSA key ok'
raise "Dates not found in the certificate" unless dates.match(/not(Before|After)=/)
if (now > certend)
Puppet.warning("Certificate has expired. End date: #{certend}")
false
elsif (now < certbegin)
Puppet.warning("Certificate is not yet valid. Start date: #{certbegin}")
false
elsif (certend <= certbegin)
Puppet.warning("Certificate will never be valid")
false
else
# return the number of seconds before the certificate expires
(certend - now).to_i
end
end
end

89
deployment_scripts/puppet/modules/lma_logging_analytics/lib/puppet/provider/elasticsearch.rb
View File

@ -1,89 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
require 'json'
require 'net/http'
class Puppet::Provider::Elasticsearch < Puppet::Provider
# Helper methods
def elasticsearch_host
unless @elasticsearch_host
@elasticsearch_host = URI.parse(resource[:url]).host
end
@elasticsearch_host
end
def elasticsearch_port
unless @elasticsearch_port
@elasticsearch_port = URI.parse(resource[:url]).port
end
@elasticsearch_port
end
def elasticsearch_scheme
unless @elasticsearch_scheme
@elasticsearch_scheme = URI.parse(resource[:url]).scheme
end
@elasticsearch_scheme
end
# Return a Net::HTTP::Response object
def send_request(operation="GET", path="", data=nil, search_path={})
request = nil
encoded_search = ""
if URI.respond_to?(:encode_www_form)
encoded_search = URI.encode_www_form(search_path)
else
# Ideally we would have use URI.encode_www_form but it isn't
# available with Ruby 1.8.x that ships with CentOS 6.5.
encoded_search = search_path.to_a.map do |x|
x.map{|y| CGI.escape(y.to_s)}.join('=')
end
encoded_search = encoded_search.join('&')
end
url = "%s://%s:%d%s?%s" % [
self.elasticsearch_scheme, self.elasticsearch_host, self.elasticsearch_port,
path, encoded_search]
Puppet.debug "URL #{operation} #{url}"
uri = URI.parse(url)
case operation.upcase
when 'POST'
request = Net::HTTP::Post.new(uri.request_uri)
request.body = data.to_json()
when 'PUT'
request = Net::HTTP::Put.new(uri.request_uri)
request.body = data.to_json()
when 'GET'
request = Net::HTTP::Get.new(uri.request_uri)
when 'DELETE'
request = Net::HTTP::Delete.new(uri.request_uri)
when 'HEAD'
request = Net::HTTP::Head.new(uri.request_uri)
else
raise Puppet::Error, "Unsupported HTTP operation '%s'" % operation
end
request.content_type = 'application/json'
return Net::HTTP.start(self.elasticsearch_host, self.elasticsearch_port) do |http|
http.request(request)
end
end
end

83
deployment_scripts/puppet/modules/lma_logging_analytics/lib/puppet/provider/kibana_object/elasticsearch.rb
View File

@ -1,83 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
require 'json'
require File.expand_path(File.join(File.dirname(__FILE__), '..', 'elasticsearch'))
Puppet::Type.type(:kibana_object).provide(:elasticsearch, :parent => Puppet::Provider::Elasticsearch) do
desc "Support for Kibana objects stored into Elasticsearch"
defaultfor :kernel => 'Linux'
def get_object_url
url = "/%s/%s/%s" % [resource[:elasticsearch_index], resource[:type], resource[:id]]
end
# Return the object matching with the resource's title
def find_object
url = get_object_url()
response = self.send_request('HEAD', url)
case response.code
when '404'
return
when '200'
response = self.send_request('GET', url)
@obj = JSON.parse(response.body)['_source']
else
fail("Fail to retrieve object '%s' (HTTP response: %s/%s)" %
[url, response.code, response.body])
end
end
def content
@obj
end
def check_response(operation, http_response)
Puppet.debug http_response.body
success = JSON.parse(http_response.body)['_shards']['successful']
if success == 0
url = get_object_url()
fail("Fail to #{operation} object #{url} (HTTP response #{response.body})")
end
end
def save_object(obj)
url = get_object_url()
response = self.send_request('PUT', url, obj)
check_response('save', response)
end
def content=(value)
self.save_object(value)
end
def create
self.save_object(resource[:content])
end
def destroy
url = get_object_url()
response = self.send_request('DELETE', url)
check_response('delete', response)
end
def exists?
self.find_object()
end
end

81
deployment_scripts/puppet/modules/lma_logging_analytics/lib/puppet/type/kibana_object.rb
View File

@ -1,81 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
require 'json'
Puppet::Type.newtype(:kibana_object) do
@doc = "Manage Kibana objects"
ensurable
newparam(:id, :namevar => true) do
desc "The id of the object."
end
newparam(:type) do
desc "The type of the object.
valid type is one of: search, visualization, index-pattern or config
"
newvalues(:dashboard, :visualization, :search, :config, "index-pattern")
end
newproperty(:content) do
desc "The JSON representation of the object."
validate do |value|
begin
JSON.parse(value)
rescue JSON::ParserError
raise ArgumentError , "Invalid JSON string for content"
end
end
munge do |value|
JSON.parse(value)
end
def should_to_s(value)
if value.length > 12
"#{value.to_s.slice(0,12)}..."
else
value
end
end
def is_to_s(value)
should_to_s(value)
end
end
newparam(:url) do
desc "The URL of the Elasticseach server"
defaultto ""
validate do |value|
unless value =~ /^https?:\/\//
raise ArgumentError , "'%s' is not a valid URL" % value
end
end
end
newparam(:elasticsearch_index) do
defaultto ".kibana"
desc "The Elasticseach index server (optional)"
end
validate do
fail('content is required when ensure is present') if self[:ensure] == :present and self[:content].nil?
end
end

58
deployment_scripts/puppet/modules/lma_logging_analytics/manifests/curator.pp
View File

@ -1,58 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
class lma_logging_analytics::curator (
$host = 'localhost',
$port = '9200',
$retention_period = $lma_logging_analytics::params::retention_period,
$prefixes = $lma_logging_analytics::params::indexes_prefixes,
$package_version = 'latest',
) inherits lma_logging_analytics::params {
validate_integer($retention_period)
validate_array($prefixes)
package { 'python-elasticsearch-curator':
ensure => $package_version,
}
if size($prefixes) > 0 and $retention_period > 0 {
# Timestamps are UTC-based but the end-user may be in a different timezone.
# Lets add 1 day to the given retention period to make sure that we don't
# drop indices too early.
$real_retention_period = 1 + $retention_period
$regex = join($prefixes, '|')
file { '/etc/elasticsearch/curator.yaml':
ensure => present,
# This template uses $host and $port
content => template('lma_logging_analytics/curator.yaml.erb'),
}
file { '/etc/elasticsearch/delete_indices.yaml':
ensure => present,
# This template uses $regex and $real_retention_period
content => template('lma_logging_analytics/delete_indices.yaml.erb'),
}
cron { 'es-curator':
ensure => present,
command => '/usr/local/bin/curator --config /etc/elasticsearch/curator.yaml /etc/elasticsearch/delete_indices.yaml',
minute => '0',
hour => '2',
month => '*',
monthday => '*',
}
}
}

95
deployment_scripts/puppet/modules/lma_logging_analytics/manifests/elasticsearch.pp
View File

@ -1,95 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
class lma_logging_analytics::elasticsearch (
$listen_address,
$data_dir,
$node_name,
$instance_name,
$cluster_name,
$nodes = [],
$logs_dir = '/var/log/elasticsearch',
$minimum_master_nodes = 1,
$recover_after_time = 5,
$recover_after_nodes = 1,
$is_master = true,
$is_data = true,
$heap_size = 1,
$listen_port = 9200,
$version = 'latest',
$script_inline = 'sandbox',
$script_indexed = 'sandbox',
){
validate_bool($is_master)
validate_bool($is_data)
validate_integer($minimum_master_nodes)
validate_integer($recover_after_time)
validate_integer($recover_after_nodes)
validate_integer($heap_size)
validate_integer($listen_port)
file { $data_dir:
ensure => 'directory',
}
# Install elasticsearch
class { '::elasticsearch':
version => $version,
datadir => "${data_dir}/elasticsearch_data",
init_defaults => {
'MAX_LOCKED_MEMORY' => 'unlimited',
'ES_HEAP_SIZE' => "${heap_size}g",
'LOG_DIR' => $logs_dir,
},
require => File[$data_dir],
}
$config = {
'threadpool.bulk.queue_size' => '1000',
'bootstrap.mlockall' => true,
'http.cors.allow-origin' => '/.*/',
'http.cors.enabled' => true,
'cluster.name' => $cluster_name,
'path.logs' => $logs_dir,
'node.name' => $node_name,
'node.master' => $is_master,
'node.data' => $is_data,
'discovery.zen.ping.multicast' => {'enabled' => false},
'discovery.zen.ping.unicast.hosts' => $nodes,
'discovery.zen.minimum_master_nodes' => $minimum_master_nodes,
'gateway.recover_after_time' => "${recover_after_time}m",
'gateway.recover_after_nodes' => $recover_after_nodes,
'gateway.expected_nodes' => size($nodes),
'http.bind_host' => $listen_address,
'transport.bind_host' => $listen_address,
'transport.publish_host' => $listen_address,
'script.inline' => $script_inline,
'script.indexed' => $script_indexed,
}
# Start an instance of elasticsearch
::elasticsearch::instance { $instance_name:
logging_file => 'puppet:///modules/lma_logging_analytics/elasticsearch_logging.yaml',
config => $config,
}
# This template uses $logs_dir variable
file { "/etc/logrotate.d/elasticsearch-${instance_name}.conf":
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
content => template('lma_logging_analytics/elasticsearch_logrotate.conf.erb'),
}
}

35
deployment_scripts/puppet/modules/lma_logging_analytics/manifests/es_template.pp
View File

@ -1,35 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Defined type lma_logging_analytics::es_template
define lma_logging_analytics::es_template (
$number_of_shards = 5,
$number_of_replicas = 0,
$host = 'localhost',
$port = 9200,
$index_template = undef,
) {
if $index_template {
$template = $index_template
} else {
$template = "${title}-*"
}
elasticsearch::template { $title:
content => template("lma_logging_analytics/es_template_${title}.json.erb"),
host => $host,
port => $port,
}
}

65
deployment_scripts/puppet/modules/lma_logging_analytics/manifests/kibana.pp
View File

@ -1,65 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Class lma_logging_analytics::kibana
class lma_logging_analytics::kibana (
$listen_address,
$listen_port,
$es_host = 'localhost',
$es_port = 9200,
$es_scheme = 'http',
$version = 'latest'
) {
include lma_logging_analytics::params
$kibana_dir = $lma_logging_analytics::params::kibana_dir
$kibana_conf = $lma_logging_analytics::params::kibana_config
$default_route = $lma_logging_analytics::params::kibana_default_route
package { 'kibana':
ensure => $version,
}
# The init script always creates /var/log/kibana and sets appropriate rights.
$log_dir = '/var/log/kibana'
file { '/opt/kibana/config/kibana.yml':
ensure => present,
# This template uses $log_dir
content => template('lma_logging_analytics/kibana4.yaml.erb'),
notify => Service['kibana'],
require => Package['kibana'],
}
service { 'kibana':
ensure => 'running',
enable => true,
hasstatus => true,
hasrestart => true,
require => Package['kibana'],
}
file { '/etc/logrotate.d/kibana.conf':
ensure => present,
# This template uses $log_dir
content => template('lma_logging_analytics/kibana_logrotate.conf.erb'),
owner => 'root',
group => 'root',
mode => '0644',
require => Package['kibana'],
}
}

123
deployment_scripts/puppet/modules/lma_logging_analytics/manifests/kibana_authentication.pp
View File

@ -1,123 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Class lma_logging_analytics::kibana_authentication
class lma_logging_analytics::kibana_authentication (
$listen_address,
$listen_port,
$kibana_port,
$kibana_address,
$username,
$password,
$ldap_enabled = false,
$ldap_protocol = undef,
$ldap_servers = [],
$ldap_port = undef,
$ldap_bind_dn = undef,
$ldap_bind_password = undef,
$ldap_user_search_base_dns = undef,
$ldap_user_search_filter = undef,
$ldap_user_attribute = undef,
$ldap_authorization_enabled = false,
$listen_port_viewer = undef,
$ldap_group_attribute = undef,
$ldap_admin_group_dn = undef,
$ldap_viewer_group_dn = undef,
) {
include lma_logging_analytics::params
validate_integer($listen_port)
validate_integer($kibana_port)
$default_apache_modules = ['proxy', 'proxy_http', 'rewrite',
'authn_file', 'auth_basic', 'authz_user']
if $ldap_enabled {
if empty($ldap_servers) {
fail('ldap_servers list parameter is empty')
}
if ! is_array($ldap_servers) {
fail('ldap_servers list parameter must be an array')
}
if ! $ldap_port { fail('Missing ldap_port parameter')}
if ! $ldap_protocol { fail('Missing ldap_protocol parameter')}
if ! $ldap_bind_dn { fail('Missing ldap_bind_dn parameter')}
if ! $ldap_bind_password { fail('Missing ldap_bind_password parameter')}
if ! $ldap_user_search_base_dns { fail('Missing ldap_user_search_base_dns parameter')}
if ! $ldap_user_search_filter { fail('Missing ldap_user_search_filter parameter')}
if ! $ldap_user_attribute { fail('Missing ldap_user_attribute parameter')}
if $ldap_authorization_enabled {
if ! $ldap_group_attribute {fail('Missing ldap_group_attribute parameter')}
if ! $ldap_admin_group_dn {fail('Missing ldap_admin_group_dn parameter')}
if ! $ldap_viewer_group_dn {fail('Missing ldap_viewer_group_dn parameter')}
if ! $listen_port_viewer {fail('Missing listen_port_viewer parameter')}
validate_integer($listen_port_viewer)
}
$apache_modules = concat($default_apache_modules, ['ldap', 'authnz_ldap'])
# LDAP url is used by apache::custom_config
$ldap_servers_url = join(suffix($ldap_servers, ":${ldap_port}"), ' ')
$ldap_url = "${ldap_servers_url}/${ldap_user_search_base_dns}?${ldap_user_attribute}?sub?${ldap_user_search_filter}"
} else {
$apache_modules = $default_apache_modules
}
## Configure apache
class { 'apache':
# be good citizen by not erasing other configurations
purge_configs => false,
default_confd_files => false,
default_vhost => false,
mpm_module => false,
default_mods => $apache_modules,
}
apache::listen { "${listen_address}:${listen_port}": }
$htpasswd_file = $lma_logging_analytics::params::apache_htpasswd_file
htpasswd { $username:
cryptpasswd => ht_md5($password, 'salt'),
target => $htpasswd_file,
require => Class['apache'],
}
file { $htpasswd_file:
ensure => present,
mode => '0440',
owner => $::apache::user,
group => $::apache::group,
require => Class[Apache],
}
if $ldap_authorization_enabled {
apache::custom_config { 'kibana-proxy':
content => template('lma_logging_analytics/apache_kibana_proxy.conf.erb'),
require => [Class['apache'], File[$htpasswd_file]],
}
apache::listen { "${listen_address}:${listen_port_viewer}": }
apache::custom_config { 'kibana-proxy-viewer':
content => template('lma_logging_analytics/apache_kibana_proxy_viewer.conf.erb'),
require => [Class['apache'], File[$htpasswd_file]],
}
} else {
apache::custom_config { 'kibana-proxy':
content => template('lma_logging_analytics/apache_kibana_proxy.conf.erb'),
require => [Class['apache'], File[$htpasswd_file]],
}
}
}

127
deployment_scripts/puppet/modules/lma_logging_analytics/manifests/kibana_dashboards.pp
View File

@ -1,127 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
class lma_logging_analytics::kibana_dashboards (
$host = 'localhost',
$port = '9200',
$index = '.kibana',
) {
include lma_logging_analytics::params
# Note that the dashboards are stored in templates/ because it is the only way
# for us to read the content of the file. Ideally we would have used the
# file() function but until Puppet 3.7 it only works with absolute paths.
# See http://www.unixdaemon.net/tools/puppet/puppet-3.7-file-function.html
# for details
$default = {
url => "http://${host}:${port}",
elasticsearch_index => $index,
}
$objects = {
'4.5.1' => {
content => template('lma_logging_analytics/kibana4_objects/config.json'),
type => 'config',
},
'log-*' => {
content => template('lma_logging_analytics/kibana4_objects/index-pattern_logs.json'),
type => 'index-pattern',
},
'Logs' => {
content => template('lma_logging_analytics/kibana4_objects/dashboard_logs.json'),
type => 'dashboard',
},
'search-logs' => {
content => template('lma_logging_analytics/kibana4_objects/search_logs.json'),
type => 'search',
},
'LOG-MESSAGES-OVER-TIME-PER-SEVERITY' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_LOG-MESSAGES-OVER-TIME-PER-SEVERITY.json'),
type => 'visualization',
},
'LOG-MESSAGES-OVER-TIME-PER-SOURCE' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_LOG-MESSAGES-OVER-TIME-PER-SOURCE.json'),
type => 'visualization',
},
'NUMBER-OF-LOG-MESSAGES-PER-ROLE' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_NUMBER-OF-LOG-MESSAGES-PER-ROLE.json'),
type => 'visualization',
},
'NUMBER-OF-LOG-MESSAGES-PER-SEVERITY' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_NUMBER-OF-LOG-MESSAGES-PER-SEVERITY.json'),
type => 'visualization',
},
'TOP-10-HOSTS' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_TOP-10-HOSTS.json'),
type => 'visualization',
},
'TOP-10-PROGRAMS' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_TOP-10-PROGRAMS.json'),
type => 'visualization',
},
'TOP-10-SOURCES' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_TOP-10-SOURCES.json'),
type => 'visualization',
},
'notification-*' => {
content => template('lma_logging_analytics/kibana4_objects/index-pattern_notifications.json'),
type => 'index-pattern',
},
'Notifications' => {
content => template('lma_logging_analytics/kibana4_objects/dashboard_notifications.json'),
type => 'dashboard',
},
'NOTIFICATIONS-OVER-TIME-PER-SOURCE' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_NOTIFICATIONS-OVER-TIME-PER-SOURCE.json'),
type => 'visualization',
},
'NOTIFICATIONS-OVER-TIME-PER-SEVERITY' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_NOTIFICATIONS-OVER-TIME-PER-SEVERITY.json'),
type => 'visualization',
},
'EVENT-TYPE-BREAKDOWN' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_EVENT-TYPE-BREAKDOWN.json'),
type => 'visualization',
},
'SOURCE-BREAKDOWN' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_SOURCE-BREAKDOWN.json'),
type => 'visualization',
},
'HOST-BREAKDOWN' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_HOST-BREAKDOWN.json'),
type => 'visualization',
},
'NOTIFICATIONS-PER-SEVERITY' => {
content => template('lma_logging_analytics/kibana4_objects/visualization_NOTIFICATIONS-PER-SEVERITY.json'),
type => 'visualization',
},
'search-notifications' => {
content => template('lma_logging_analytics/kibana4_objects/search_notifications.json'),
type => 'search',
},
'audit-*' => {
content => template('lma_logging_analytics/kibana4_objects/index-pattern_audit.json'),
type => 'index-pattern',
},
'search-audit' => {
content => template('lma_logging_analytics/kibana4_objects/search_audit.json'),
type => 'search',
},
}
create_resources(
kibana_object, $objects, $default
)
}

27
deployment_scripts/puppet/modules/lma_logging_analytics/manifests/params.pp
View File

@ -1,27 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Class lma_logging_analytics::params
class lma_logging_analytics::params {
$retention_period = 30
$indexes_prefixes = []
$kibana_dir = '/opt/kibana'
$kibana_config = "${kibana_dir}/config.js"
$apache_htpasswd_file = '/etc/apache2/kibana.htpasswd'
$kibana_dashboard_prefix = 'Logging, Monitoring and Alerting - '
$kibana_default_route = join(['/dashboard/elasticsearch/', $kibana_dashboard_prefix, 'Logs'], '')
$kibana_replicas = 0
}

28
deployment_scripts/puppet/modules/lma_logging_analytics/metadata.json
View File

@ -1,28 +0,0 @@
{
"name": "lma_logging_analytics",
"version": "1.0.0",
"author": "Guillaume Thouvenin <gthouvenin@mirantis.com>",
"summary": "Provides additional resources for the LMA logging analytics",
"license": "Apache-2.0",
"source": "https://git.openstack.org/cgit/openstack/fuel-plugin-elasticsearch-kibana.git",
"project_page": "none",
"issues_url": "none",
"operatingsystem_support": [
{
"operatingsystem": "Ubuntu",
"operatingsystemrelease": ["12.04", "14.04"]
},
{
"operatingsystem": "CentOS",
"operatingsystemrelease": ["6"]
}
],
"description": "Puppet module for configuring the Kibana dashboard and Elasticsearch",
"dependencies": [
{"name": "puppetlabs/stdlib", "version_requirement": "4.x"},
{"name": "elasticsearch/elasticsearch", "version_requirement": "0.10.1"},
{"name": "puppetlabs/concat", "version_requirement": "1.2.3"},
{"name": "puppetlabs/apache", "version_requirement": "1.5.0"},
{"name": "leinaddm/htpasswd", "version_requirement": "0.0.3"}
]
}

54
deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_curator_spec.rb
View File

@ -1,54 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
describe 'lma_logging_analytics::curator', :type => :class do
let(:facts) do
{:kernel => 'Linux', :operatingsystem => 'Ubuntu'}
end
describe 'with defaults' do
it { is_expected.to contain_package('python-elasticsearch-curator').with(
:ensure => 'latest'
)}
it { is_expected.not_to contain_cron('es-curator') }
it { is_expected.not_to contain_file('/etc/elasticsearch/curator.yaml') }
it { is_expected.not_to contain_file('/etc/elasticsearch/delete_indices.yaml') }
end
describe 'with index prefixes and retention period > 0' do
let(:params) do
{:retention_period => 10, :prefixes => ['foo']}
end
it { is_expected.to contain_package('python-elasticsearch-curator').with(
:ensure => 'latest'
)}
it { is_expected.to contain_cron('es-curator').with_command(
'/usr/local/bin/curator --config /etc/elasticsearch/curator.yaml /etc/elasticsearch/delete_indices.yaml') }
it { is_expected.to contain_file('/etc/elasticsearch/curator.yaml') }
it { is_expected.to contain_file('/etc/elasticsearch/delete_indices.yaml') }
end
describe 'with index prefixes and retention period > 0 and host' do
let(:params) do
{:retention_period => 10, :prefixes => ['foo'], :host => 'foo.org'}
end
it { is_expected.to contain_cron('es-curator').with_command(
'/usr/local/bin/curator --config /etc/elasticsearch/curator.yaml /etc/elasticsearch/delete_indices.yaml') }
end
end

44
deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_elasticsearch_spec.rb
View File

@ -1,44 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
describe 'lma_logging_analytics::elasticsearch', :type => :class do
let(:facts) do
{:kernel => 'Linux', :operatingsystem => 'Ubuntu'}
end
describe 'minimal parameters' do
let(:params) do
{:listen_address => '127.0.0.1',
:data_dir => '/tmp/es-data',
:node_name => 'foo-host',
:cluster_name => 'es-cluster',
:instance_name => 'es-42',
:nodes => ['node-1', 'node-2', 'foo-host'],
:version => '5.0.0',
}
end
it { is_expected.to contain_class('elasticsearch').with(
:version => '5.0.0'
)}
it { is_expected.to contain_elasticsearch__instance('es-42') }
it { is_expected.to contain_file('/tmp/es-data').with(
:ensure => 'directory'
)}
it { is_expected.to contain_file('/etc/logrotate.d/elasticsearch-es-42.conf') }
end
end

161
deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_kibana_authentication_spec.rb
View File

@ -1,161 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
describe 'lma_logging_analytics::kibana_authentication' do
let(:facts) do
{:kernel => 'Linux', :operatingsystem => 'Ubuntu',
:operatingsystemrelease => '12.4', :osfamily => 'Debian',
:concat_basedir => '/foo' }
end
describe 'default parameters' do
let(:params) do
{:listen_address => '127.0.0.1', :listen_port => 80,
:kibana_address => '127.0.0.1', :kibana_port => 5106,
:username => 'foouser', :password => 'foopass'
}
end
it {
should contain_class('apache')
should contain_apache__custom_config('kibana-proxy')
should contain_htpasswd('foouser')
should contain_file('/etc/apache2/kibana.htpasswd')
}
end
describe 'ldap parameters' do
let(:params) do
{:listen_address => '127.0.0.1', :listen_port => 80,
:kibana_address => '127.0.0.1', :kibana_port => 5106,
:username => 'foouser', :password => 'foopass',
:ldap_enabled => true,
:ldap_protocol => 'ldap',
:ldap_port => 389,
:ldap_servers => ['ldap.foo.fr'],
:ldap_bind_dn => 'cn=admin,dc=example,dc=com',
:ldap_bind_password => 'foopass',
:ldap_user_search_base_dns => 'ou=groups,dc=example,dc=com',
:ldap_user_search_filter => '(&(objectClass=posixGroup)(memberUid=%s))',
:ldap_user_attribute => 'uid',
}
end
it {
should contain_class('apache')
should contain_apache__custom_config('kibana-proxy')
should contain_htpasswd('foouser')
should contain_file('/etc/apache2/kibana.htpasswd')
}
end
describe 'ldap parameters with several ldap servers' do
let(:params) do
{:listen_address => '127.0.0.1', :listen_port => 80,
:kibana_address => '127.0.0.1', :kibana_port => 5106,
:username => 'foouser', :password => 'foopass',
:ldap_enabled => true,
:ldap_protocol => 'ldap',
:ldap_port => 389,
:ldap_servers => ['ldap.foo1.fr', 'ldap.foo2.fr'],
:ldap_bind_dn => 'cn=admin,dc=example,dc=com',
:ldap_bind_password => 'foopass',
:ldap_user_search_base_dns => 'ou=groups,dc=example,dc=com',
:ldap_user_search_filter => '(&(objectClass=posixGroup)(memberUid=%s))',
:ldap_user_attribute => 'uid',
}
end
it {
should contain_class('apache')
should contain_apache__custom_config('kibana-proxy').
with_content(/ldap:\/\/ldap.foo1.fr:389 ldap.foo2.fr:389/)
should contain_htpasswd('foouser')
}
end
describe 'ldap parameters are missing' do
let(:params) do
{:listen_address => '127.0.0.1', :listen_port => 80,
:kibana_address => '127.0.0.1', :kibana_port => 5106,
:username => 'foouser', :password => 'foopass',
:ldap_enabled => true,
:ldap_protocol => 'ldap',
:ldap_port => 389,
:ldap_servers => ['ldap.foo.fr'],
:ldap_user_search_base_dns => 'ou=groups,dc=example,dc=com',
:ldap_user_search_filter => '(&(objectClass=posixGroup)(memberUid=%s))',
:ldap_user_attribute => 'uid',
}
end
it { is_expected.to raise_error(Puppet::Error, /Missing ldap_/) }
end
describe 'ldap parameters with authorization' do
let(:params) do
{:listen_address => '127.0.0.1', :listen_port => 80,
:kibana_address => '127.0.0.1', :kibana_port => 5106,
:username => 'foouser', :password => 'foopass',
:ldap_enabled => true,
:ldap_protocol => 'ldap',
:ldap_port => 389,
:ldap_servers => ['ldap.foo.fr'],
:ldap_bind_dn => 'cn=admin,dc=example,dc=com',
:ldap_bind_password => 'foopass',
:ldap_user_search_base_dns => 'ou=groups,dc=example,dc=com',
:ldap_user_search_filter => '(&(objectClass=posixGroup)(memberUid=%s))',
:ldap_user_attribute => 'uid',
:ldap_authorization_enabled => true,
:listen_port_viewer => 81,
:ldap_group_attribute => 'memberUid',
:ldap_admin_group_dn => 'cn=admin_group,dc=example,dc=com',
:ldap_viewer_group_dn => 'cn=viewer_group,dc=example,dc=com',
}
end
it {
should contain_class('apache')
should contain_apache__custom_config('kibana-proxy')
should contain_htpasswd('foouser')
should contain_file('/etc/apache2/kibana.htpasswd')
}
end
describe 'ldap parameters with authorization missing' do
let(:params) do
{:listen_address => '127.0.0.1', :listen_port => 80,
:kibana_address => '127.0.0.1', :kibana_port => 5106,
:username => 'foouser', :password => 'foopass',
:ldap_enabled => true,
:ldap_protocol => 'ldap',
:ldap_port => 389,
:ldap_servers => ['ldap.foo.fr'],
:ldap_bind_dn => 'cn=admin,dc=example,dc=com',
:ldap_bind_password => 'foopass',
:ldap_user_search_base_dns => 'ou=groups,dc=example,dc=com',
:ldap_user_search_filter => '(&(objectClass=posixGroup)(memberUid=%s))',
:ldap_user_attribute => 'uid',
:ldap_authorization_enabled => true,
#:ldap_group_attribute => 'memberUid',
#:ldap_admin_group_dn => 'cn=admin_group,dc=example,dc=com',
#:ldap_viewer_group_dn => 'cn=viewer_group,dc=example,dc=com',
}
end
it { is_expected.to raise_error(Puppet::Error, /Missing/) }
end
end

33
deployment_scripts/puppet/modules/lma_logging_analytics/spec/classes/lma_logging_analytics_kibana_spec.rb
View File

@ -1,33 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
describe 'lma_logging_analytics::kibana' do
let(:facts) do
{:kernel => 'Linux', :operatingsystem => 'Ubuntu',
:concat_basedir => '/foo' }
end
let(:params) do
{:listen_address => '127.0.0.1', :listen_port => 80,
:version => '42.24'}
end
it { should contain_package('kibana').with(
:ensure => '42.24')
}
it { should contain_service('kibana')}
it { is_expected.to contain_file('/etc/logrotate.d/kibana.conf') }
end

26
deployment_scripts/puppet/modules/lma_logging_analytics/spec/defines/lma_logging_analytics_es_template_spec.rb
View File

@ -1,26 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
describe 'lma_logging_analytics::es_template' do
let(:title) { 'log' }
let(:facts) do
{:kernel => 'Linux', :operatingsystem => 'Ubuntu',
:concat_basedir => '/foo'}
end
describe 'with defaults' do
it { is_expected.to contain_elasticsearch__template('log') }
end
end

7
deployment_scripts/puppet/modules/lma_logging_analytics/spec/fixtures/hiera.yaml vendored
View File

@ -1,7 +0,0 @@
---
:backends:
- yaml
:yaml:
:datadir: 'spec/fixtures/hieradata'
:hierarchy:
- 'default'

1
deployment_scripts/puppet/modules/lma_logging_analytics/spec/fixtures/hieradata/default.yaml vendored
View File

@ -1 +0,0 @@
---

1
deployment_scripts/puppet/modules/lma_logging_analytics/spec/fixtures/modules/lma_logging_analytics/manifests vendored
View File

@ -1 +0,0 @@
../../../../manifests

1
deployment_scripts/puppet/modules/lma_logging_analytics/spec/fixtures/modules/lma_logging_analytics/templates vendored
View File

@ -1 +0,0 @@
../../../../templates

280
deployment_scripts/puppet/modules/lma_logging_analytics/spec/functions/validate_ssl_certificate_spec.rb
View File

@ -1,280 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
require 'tempfile'
describe 'validate_ssl_certificate' do
# This certificate was generated manually by using the openssl
# command:
# openssl x509 -req -days -1 [...]
# Here are the tested parameters of the certificate:
# Validity
# Not Before: Aug 11 15:46:49 2016 GMT
# Not After : Aug 10 15:46:49 2016 GMT
# Subject: [...] CN=mirantis.com/emailAddress=example.com
wrong_dates_cert = Tempfile.new('wrong_dates_cert')
wrong_dates_cert_path = wrong_dates_cert.path
wrong_dates_cert.write('-----BEGIN CERTIFICATE-----
MIICjTCCAfYCCQCaalFPmFXKrDANBgkqhkiG9w0BAQsFADCBijELMAkGA1UEBhMC
RlIxFDASBgNVBAgMC1Job25lLUFscGVzMREwDwYDVQQHDAhHcmVub2JsZTERMA8G
A1UECgwITWlyYW50aXMxDDAKBgNVBAsMA0RldjEVMBMGA1UEAwwMbWlyYW50aXMu
Y29tMRowGAYJKoZIhvcNAQkBFgtleGFtcGxlLmNvbTAeFw0xNjA4MTExNTQ2NDla
Fw0xNjA4MTAxNTQ2NDlaMIGKMQswCQYDVQQGEwJGUjEUMBIGA1UECAwLUmhvbmUt
QWxwZXMxETAPBgNVBAcMCEdyZW5vYmxlMREwDwYDVQQKDAhNaXJhbnRpczEMMAoG
A1UECwwDRGV2MRUwEwYDVQQDDAxtaXJhbnRpcy5jb20xGjAYBgkqhkiG9w0BCQEW
C2V4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPJTMOMDLf
o+TVj9jOd97O+SX2F8i/dY5YfnnqTw/J3P7ghKfpVot2TsZe9V5PvWeQMcXumaJb
4xSUG5A0WrLKUZLgSDpLSxcUq4+r95LyLISEzfngPXtRgWX+V+jopm2Zl9CaBFiS
z3h/jQKOeGibE7W/ZJaVNb0M9adfrqxQzwIDAQABMA0GCSqGSIb3DQEBCwUAA4GB
AFgXgERO2kAMFiZGpONCfd2O1R9+TKY2g6SOIn+KuJgHg85b53GmbIVzF5H6CuFh
2Tr11CdZALPVxRVe+lTgWhQdSRcv0cDQ4CJ37uAluAOaMSXaDPZnzadhfchGPSKN
VcllH9ERfoFfuDMfyVRhCte0SFs/Vl/U3ZlvAND4KIUN
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIICXwIBAAKBgQDPJTMOMDLfo+TVj9jOd97O+SX2F8i/dY5YfnnqTw/J3P7ghKfp
Vot2TsZe9V5PvWeQMcXumaJb4xSUG5A0WrLKUZLgSDpLSxcUq4+r95LyLISEzfng
PXtRgWX+V+jopm2Zl9CaBFiSz3h/jQKOeGibE7W/ZJaVNb0M9adfrqxQzwIDAQAB
AoGBAIr1bXaLJtWX4J7TTKHVEAbQZILeGbE2bzM2RRrFxtWoBuMemnWRtSS8W57A
A3CCosK8YQda0OvLPbbNdsNoRJ73QhF84jhKI7o1gZi3dsG7HqXgabB45NQv81TY
yb7WZ/F3+hzVRoKxPuTlQdcvBZdloNv/MNJDQi0p/MMcc3XhAkEA70A4q4P+veWw
BLKRLGDhYUl/7GHhTiIxPkbDpBkYmA+/KPRbTdN/711zeDOKJI0BHBKpMh3qHYD4
m87wQA0GQwJBAN2ll6nTu6a4e8X7jq/+a7bNK1Fxgz2T4ojQVdwjVthEU4ETsq+y
+2YSHS0z2C9DDKkedC3gzCUuryuliU1esIUCQQCywpJVHLeOnXpp2B3+QZjEfw1U
ykF0hrmyZV8yUgn9O+7Bo+pAeSGi8HkhO6kg7DYDCrJentlZGA8pI3KA+PpPAkEA
p9sgYJzZIAnWsrkv9ljXejkm9SbiHWBBzxr36x9YRbB5DOe+CxGhEkvljLYWorRE
gk9t7NCxyfbw8j0LHmz3gQJBAJRfhxYNzafeFeChqvjBVK5NORMtue6stdAROOy2
DFsBCPEBIAZU8quDCGOeXjabUPfiTRpcORNVfbfF3UXhVY0=
-----END RSA PRIVATE KEY-----
')
wrong_dates_cert.close
# The certificate has been generated by using the script
# https://github.com/openstack/stacklight-integration-tests/blob/master/fixtures/https/create_certificate.sh
# Here are the tested parameters of the certificate:
# Validity
# Not Before: Aug 11 15:35:59 2016 GMT
# Not After : Dec 24 15:35:59 2017 GMT
# Subject: [...] CN=site1.fuel.local
site1_cert = Tempfile.new('site1_cert')
site1_cert_path = site1_cert.path
site1_cert.write('-----BEGIN CERTIFICATE-----
MIIEnzCCAocCCQC8qoNz2UdHQzANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMC
RlIxFDASBgNVBAgMC1Job25lLUFscGVzMREwDwYDVQQHDAhHcmVub2JsZTERMA8G
A1UECgwITWlyYW50aXMxEzARBgNVBAsMClN0YWNrTGlnaHQxIjAgBgNVBAMMGVN0
YWNrTGlnaHQgUm9vdCBBdXRob3JpdHkxIzAhBgkqhkiG9w0BCQEWFG1pcmFudGlz
QGV4YW1wbGUuY29tMB4XDTE2MDgxMTE1MzU1OVoXDTE3MTIyNDE1MzU1OVowezEL
MAkGA1UEBhMCRlIxFDASBgNVBAgMC1Job25lLUFscGVzMREwDwYDVQQHDAhHcmVu
b2JsZTERMA8GA1UECgwITWlyYW50aXMxFTATBgNVBAsMDEZ1ZWwgcGx1Z2luczEZ
MBcGA1UEAwwQc2l0ZTEuZnVlbC5sb2NhbDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANxUXnsMs+duQcxhFg1JtNc1/cvxixqwQBakoFg86EFkvBGaotC5
RC1nNOX1z9C5ei+gM8OFcjLIsZY2gO3TFC8sZ4kcjEtMwQUcxt0BtZkl4LQamPzw
zYH0Ludaybmr5sz3By2nkXX5lM8juR9/K3WSKgBEi93cpxRZQSdyqoz1CK84wYUC
5EN/MEiS9ibZ6kAPTK3IWdjbmDwhhUqAboEen549teZhsM+RVv9j5qM78bUUJbP2
z0Sq/QW9QXtwYFTgsWU6H1rXK+jGMAwoKCPY4UYbJojj80wyMTfoi6FiUND4yZDm
yUNkYkQaVxj3seFlx1BsqSGAieSlp1dffnkCAwEAATANBgkqhkiG9w0BAQsFAAOC
AgEAIlwh/bkRiXut2OB2FIgVB2BsD59XsN5ch+iVQ01Cvnn+/ODnSQtA3Zjk8RhE
0jk0mZ6dGDQ7a0seHpVAZFPRi49b5wHvSLrgpm6Gi28rCqhGLFVYFkM+9bfszPNJ
eUl2CP064WuZ1I8CfKtzSORZ8kcIdyvn2ZVp74ijOd5Xe3KLURJ/iMROmzOlwwwS
vDFbxMrADuFhEFkjopfRFjGKlelz/T+p7LWvoWturYKkwuvBuriQyUw4Z+RNKvCw
dPYFffafAb/A0OM7rEArAhLCiVJxHxGm34btyy+IFr/d4IEG6bA3ZAA+OWNVnzbN
MfP5UBP2MdYsth0NK8IJMjP7Fs2sP9t5c6sp5O4Znsuv0AWwJ0v8SysLCdX/Ibqx
zx54IO0woM46wLWdmA9+O5/IFY8LHSQC8u2RLpWbuCAVpu4xgMMy90+ZCKERt5px
u5PvFJYS8atq0wUJ37aPExz6+g5PbRN2CcyIj1nQuHWbR1e9O9WRcdXPPsiReciy
d4GRM4bAa5nck9Y50eCKHvqSgdUpiqM1YIOXHh7ZfnSrVTOa3Na6SMsu301cTTdF
GKX4TEjnTTt8xi9sFCq5+Qecga36qBjTg1+23dV2jG6YzK+AIjNk9L6QlUZW3oEN
IWBlYQ/txckYzLtSWrAqbgxSkxWa4cZU/LnOdvK1G9n0hQc=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA3FReewyz525BzGEWDUm01zX9y/GLGrBAFqSgWDzoQWS8EZqi
0LlELWc05fXP0Ll6L6Azw4VyMsixljaA7dMULyxniRyMS0zBBRzG3QG1mSXgtBqY
/PDNgfQu51rJuavmzPcHLaeRdfmUzyO5H38rdZIqAESL3dynFFlBJ3KqjPUIrzjB
hQLkQ38wSJL2JtnqQA9MrchZ2NuYPCGFSoBugR6fnj215mGwz5FW/2PmozvxtRQl
s/bPRKr9Bb1Be3BgVOCxZTofWtcr6MYwDCgoI9jhRhsmiOPzTDIxN+iLoWJQ0PjJ
kObJQ2RiRBpXGPex4WXHUGypIYCJ5KWnV19+eQIDAQABAoIBACof71hzW0oaKHZc
8Yxk1TB4YCfH7KKTpA0wOH/mVTl7ewGaoRpq8YAExXZaAvuTGqtUY9E0CFtxR5LC
pO/TdX53bOwoCyKycAz8LYE/vGqldUq58xoZKBF6kCUnlH3tQdlaOYMfEI6Pw0W/
PLuq4rI92c3nTR6D+2XGktBp+fWs4KPkSHtxPmgQH8kiSwT1ZfBUaGFXD0nlSvv4
zizN6/Z2tslrVc2F/ESpCouREy2J2STj1NVivnRLScreFNf9eLJQxjKlMzJCEr4v
ZInP3BvOR4zC92wStCu3R7RxYh8nvgIM9Xt/WxcWwSAH+HUPYO6tcyaOUGKs2wTW
H2H3QIkCgYEA+p/LWPwkKItvEJJnBjMR2z987+CqgJ76jpQRUcyIrjq17PjWxdI3
3s1vu8vEB5G9iMFWS14DTbKaoi7enOR+jDA+TMgjbsxRgC2vN15E83CAIMrvJecX
GcyFRkQtaA64PMgiFe6YA4OWAm7+5EIyWnyKxa635LzEp5OJqB7WGNsCgYEA4Q45
OFK7zKZmWHvmoeFilIDz7SF3kYjk5tD4ap9uhWKXAnzS3rxa+0QDyxRU/0FIAkBB
jnicWdTg3xsxhE6nSFFjk+caFZ6OEWPYw8d/9C+49DtgOGMoAfGHLFY6Fd+HR+70
DNOHehBZIxh3VkvX+X36T2RNNCvpFWaJ3sZQjDsCgYEAhRS09dttl9nyb+pNqo0T
vkhIH1g9MW85vNwDFlx1d47Va6/227R01mpgGmho/1v0ONnw6LRTLL7aPaSFsOnk
CKzVaBAeQIdd/6JCmDQGiP4EC2W293luWtSvMFCji83FJwFemCbJsZP94+zsjGha
NJJNXgsYuu1Bv3oobo1xQmECgYEAuYpOZj7fERNGYUCUnXUBHslJUIA84UDo5dn2
U4DpTxI+yRA7kOHcaDZkojI6+M3LHf/3jAunau/0DDuRETD+/MIMxEzM1nIHUhLt
DEsXFCub4c5pv1MQEroa5NSZwpqsHwPDNCfYEywTMLnk+MJCZjAUAwwAEjj5Smlk
1MLOeS0CgYEAi4Oa173JPr+x2rEx9kFzS7mFG5LhKjDO90Pi4meBK6LmFZTFAZ43
RwKTtqxWLTa95akrbtExe4wH87YYps86PHWESZmAMrvpop5kowlGRE34Jm5OFm7k
C+NI7IhZ5VywJ189A51QVoAa0HmpAEXP9vk2Ez4UTFVI9sBtrrqMpgs=
-----END RSA PRIVATE KEY-----
')
site1_cert.close
# The certificate has been generated by using the script
# https://github.com/openstack/stacklight-integration-tests/blob/master/fixtures/https/create_certificate.sh
# Here are the tested parameters of the certificate:
# Validity
# Not Before: Aug 9 09:09:05 2016 GMT
# Not After : Dec 22 09:09:05 2017 GMT
# Subject: [...] CN=*.fuel.local
wildcard_cert = Tempfile.new('cert')
wildcard_cert_path = wildcard_cert.path
wildcard_cert.write('-----BEGIN CERTIFICATE-----
MIIEmzCCAoMCCQC8XTGfnWQssjANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMC
RlIxFDASBgNVBAgMC1Job25lLUFscGVzMREwDwYDVQQHDAhHcmVub2JsZTERMA8G
A1UECgwITWlyYW50aXMxEzARBgNVBAsMClN0YWNrTGlnaHQxIjAgBgNVBAMMGVN0
YWNrTGlnaHQgUm9vdCBBdXRob3JpdHkxIzAhBgkqhkiG9w0BCQEWFG1pcmFudGlz
QGV4YW1wbGUuY29tMB4XDTE2MDgwOTA5MDkwNVoXDTE3MTIyMjA5MDkwNVowdzEL
MAkGA1UEBhMCRlIxFDASBgNVBAgMC1Job25lLUFscGVzMREwDwYDVQQHDAhHcmVu
b2JsZTERMA8GA1UECgwITWlyYW50aXMxFTATBgNVBAsMDEZ1ZWwgcGx1Z2luczEV
MBMGA1UEAwwMKi5mdWVsLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwf3t6eG8KV/7SSVz/bRi0/gQkp73K+0oRpaLmtHPsohL6FXI+YRB3m30
sE0u6drf0rGC4QMNrb/y1z1jM2iFP6rTM97r6E2AzxScuF0MZQlF0XqUCYV7AvqT
4GoKAqBAMEXLEmnsKX6F8ZGMfIFnAC0W1AHOPu7PYCg6symo6wrNOoclPbjOZytC
pz9AB82SBeU2D+s8mUYjfurqd/Kh1xxR5kUiB4Uiud/1sEe+YFnWWjILCvpzH0up
/otY4jxB1nXbAM+bWp1SszDwjAon2DKkRoqfFUT0uI6NaljTnFdn4PPwSg3gcfwZ
QOiJLyhwdjCvmyoxTUbGzIaaiFiCJQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQCJ
K0rUqVj2CeKwMof9SADYdFdGtI8qigiQgieDd+XU9YA9R52UEa2K7A7ABM3ts+1f
TRCtOOei+6TQ0KHCt1WV0XGc00eER44N9Kw8nu0OPXBpYTZ1mKhL8IyapGK4e/ur
nVJCZtDDWKikLhlHXwuQgvQ+3OveU+cQI5x1035XZbuGY2xFAcNx/wwaFMwpabw1
X4b325+B2KRHKkKjWJsPyE1q7iqLs3RsQDH031wWVS0hHkR2NL1anOToeDHMgcO8
sWTth0OLf3dVC9mjG7SxCm2mHV0fPCBUB4Xzago6GNJC+GPs5w0moTivNcpHWILJ
r+h6FmZhPrejzQXTFbzXirWMcD7LphSJ23hS1GmCyKQsRyTpOCn/NXmQbrBpns/V
3YJGeIlcGfnVzMMtxRqcDiPO49NBcNxcjAAvwzttYWuPRHMULOIviGNrqFSjHCFg
JQ2jZM2xKorRt8ItFD0rjy+T/SZF3B5AxB2y6FTCKnTmcwchoyJdThfb0FBU01pZ
ROtYaW0WaqgN48Buxn8Cqjhr8JxK2Vmbz6cwRiyIzi+exXGpdfU9ZxcksVmQFd1I
0NX4YTxEOA2hwGUowTVqPoAFH5hvk+nkULgvrkBVBXLWx1oCK9nDrz9ubUyUgdje
vaiOtmDJknNFKC1st2JQwZCVmYZura4GB2FBo/6YCA==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAwf3t6eG8KV/7SSVz/bRi0/gQkp73K+0oRpaLmtHPsohL6FXI
+YRB3m30sE0u6drf0rGC4QMNrb/y1z1jM2iFP6rTM97r6E2AzxScuF0MZQlF0XqU
CYV7AvqT4GoKAqBAMEXLEmnsKX6F8ZGMfIFnAC0W1AHOPu7PYCg6symo6wrNOocl
PbjOZytCpz9AB82SBeU2D+s8mUYjfurqd/Kh1xxR5kUiB4Uiud/1sEe+YFnWWjIL
CvpzH0up/otY4jxB1nXbAM+bWp1SszDwjAon2DKkRoqfFUT0uI6NaljTnFdn4PPw
Sg3gcfwZQOiJLyhwdjCvmyoxTUbGzIaaiFiCJQIDAQABAoIBAG7pngMgmxIU3Hkf
vseJQQ/sPp114d/tgh+Jp1vnJZbvsmat1XBDm91uhH3gQzhVea7e6vN3aXSz0EYb
xQH5emXCZ2q6w6pX1ZOQN2J5YMLLoG16ZfVjqcc0OSQPvJVvxgNThB2NDgdTXYWW
L/pnidph7TFdruvwYgSaO6V/5iIrVCX9lZc4oQF80VTDDDvvHe/jQFlshrNIuGBh
Va19AYUWEek+QiZ849ShG6Y2N/JoR65pu4AMrjLRCo0RMwAJtOTE9vU+QxXblElm
TeaYrsnvmCXVCBHraffEgyvBNFJ9CPpvfVtymcQ7uyF+iCZ9mDQhoOBajHeQE4Fe
O5B77AECgYEA+3/K7TLph7lzwkPdbBvpd8cD8LtqUcRP9XvvLF1ZIfMjZQjeUZGe
/oSTqICouF7SQiT2nIUPuiv8QYhL1K4AE7ZH3Umictf0RPaCA9LYbZhRcFgqzevF
whNp2zbXG7UnYwPS0cFnJe7k1WztaeHkzEC1I/pZCG4ertMkgqqvYaUCgYEAxXas
4/XjX+pqJ/u48cHrOPS+Qugq1ONsIcnM5q5fu9zCq9rfYNUCQqRM1R9uEDV6xmDd
vIitA1CWcHDrtojk33GQoqDMtq+t+Mh1Ni0lLJ19r3lDc2C0OsfqZd7sHxkDCjXL
KKcRdys7q8AFDwHMWQCvXfnbeHcc+jCaLbzJtoECgYEAkqp84gU90SviiRjgqOpC
JdrGvn3dS9/rLWLgIQQzNaxAKOyaEgGVMiKIpcyaGCMcBPzfYHnsqQp7qo/cgSQT
4Wr8z9zgQo8T4Z/MRISSOJ+KZrTUCZCEnGCL7A44Ne1YEdMp/68FA0ck5h4G+ieF
MWRO/rNBdrwZYqS5dwYpDw0CgYEAsypi5NQOYtEHURANVw5kp2Ep4PtXIaLYUjAQ
Qp6lLoe3+sa1N98OFfmN3TKPYxWjOKxbhN1eXkuYtJ1AwnajdDpOycCs/nWYnMsF
zwpXWIvtpnGYye9MmKkb/SKvi+fd4j29AD3WkxIfKk8oR92R1I/SjqpOgJdTK489
1ZIeVAECgYEAsG0giXYTbURl2TVPgYbBXkqdhxXlhTo2Bw2WpxDzFN3La4xlx7C0
TsjVnOcAWmCfhgJYX/3M6lV5uqWFr/wXODLmdp94/edigyFn/OTO5VJ1/UMniVCv
MewMZCz4qkB7640zuATjJQXUsX54VdCsaVoYWxHGaBjYoQuW2+XPi1w=
-----END RSA PRIVATE KEY-----
')
wildcard_cert.close
# It is the wildcard certificate but without the private key
noprivkey_cert = Tempfile.new('noprivkey_cert')
noprivkey_cert_path = noprivkey_cert.path
noprivkey_cert.write('-----BEGIN CERTIFICATE-----
MIIEmzCCAoMCCQC8XTGfnWQssjANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMC
RlIxFDASBgNVBAgMC1Job25lLUFscGVzMREwDwYDVQQHDAhHcmVub2JsZTERMA8G
A1UECgwITWlyYW50aXMxEzARBgNVBAsMClN0YWNrTGlnaHQxIjAgBgNVBAMMGVN0
YWNrTGlnaHQgUm9vdCBBdXRob3JpdHkxIzAhBgkqhkiG9w0BCQEWFG1pcmFudGlz
QGV4YW1wbGUuY29tMB4XDTE2MDgwOTA5MDkwNVoXDTE3MTIyMjA5MDkwNVowdzEL
MAkGA1UEBhMCRlIxFDASBgNVBAgMC1Job25lLUFscGVzMREwDwYDVQQHDAhHcmVu
b2JsZTERMA8GA1UECgwITWlyYW50aXMxFTATBgNVBAsMDEZ1ZWwgcGx1Z2luczEV
MBMGA1UEAwwMKi5mdWVsLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwf3t6eG8KV/7SSVz/bRi0/gQkp73K+0oRpaLmtHPsohL6FXI+YRB3m30
sE0u6drf0rGC4QMNrb/y1z1jM2iFP6rTM97r6E2AzxScuF0MZQlF0XqUCYV7AvqT
4GoKAqBAMEXLEmnsKX6F8ZGMfIFnAC0W1AHOPu7PYCg6symo6wrNOoclPbjOZytC
pz9AB82SBeU2D+s8mUYjfurqd/Kh1xxR5kUiB4Uiud/1sEe+YFnWWjILCvpzH0up
/otY4jxB1nXbAM+bWp1SszDwjAon2DKkRoqfFUT0uI6NaljTnFdn4PPwSg3gcfwZ
QOiJLyhwdjCvmyoxTUbGzIaaiFiCJQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQCJ
K0rUqVj2CeKwMof9SADYdFdGtI8qigiQgieDd+XU9YA9R52UEa2K7A7ABM3ts+1f
TRCtOOei+6TQ0KHCt1WV0XGc00eER44N9Kw8nu0OPXBpYTZ1mKhL8IyapGK4e/ur
nVJCZtDDWKikLhlHXwuQgvQ+3OveU+cQI5x1035XZbuGY2xFAcNx/wwaFMwpabw1
X4b325+B2KRHKkKjWJsPyE1q7iqLs3RsQDH031wWVS0hHkR2NL1anOToeDHMgcO8
sWTth0OLf3dVC9mjG7SxCm2mHV0fPCBUB4Xzago6GNJC+GPs5w0moTivNcpHWILJ
r+h6FmZhPrejzQXTFbzXirWMcD7LphSJ23hS1GmCyKQsRyTpOCn/NXmQbrBpns/V
3YJGeIlcGfnVzMMtxRqcDiPO49NBcNxcjAAvwzttYWuPRHMULOIviGNrqFSjHCFg
JQ2jZM2xKorRt8ItFD0rjy+T/SZF3B5AxB2y6FTCKnTmcwchoyJdThfb0FBU01pZ
ROtYaW0WaqgN48Buxn8Cqjhr8JxK2Vmbz6cwRiyIzi+exXGpdfU9ZxcksVmQFd1I
0NX4YTxEOA2hwGUowTVqPoAFH5hvk+nkULgvrkBVBXLWx1oCK9nDrz9ubUyUgdje
vaiOtmDJknNFKC1st2JQwZCVmYZura4GB2FBo/6YCA==
-----END CERTIFICATE-----
')
noprivkey_cert.close
describe 'site1 with valid CN' do
it {
should run.with_params(site1_cert_path,
'site1.fuel.local')
}
end
describe 'site1 with an unvalid CN' do
it {
should run.with_params(site1_cert_path,
'site2.fuel.local').and_raise_error(/Found site1.fuel.local as CN whereas 'site2.fuel.local' was expected/)
}
end
describe 'wildcard with valid CN' do
it {
should run.with_params(wildcard_cert_path,
'site1.fuel.local')
}
end
describe 'wildcard with another valid CN' do
it {
should run.with_params(wildcard_cert_path,
'site2.fuel.local')
}
end
describe 'wildcard with a wrong CN' do
it {
should run.with_params(wildcard_cert_path,
'test1.wrong.cn').and_raise_error(/Found \*.fuel.local as CN whereas 'test1.wrong.cn' was expected/)
}
end
describe 'with no private key' do
it {
should run.with_params(noprivkey_cert_path,
'site1.fuel.local').and_raise_error(/private key/)
}
end
# The wrong_dates certificate is valid from the point of view of the puppet
# function that will simply emits a warning.
describe 'with a wrong date' do
it {
should run.with_params(wrong_dates_cert_path,
'mirantis.com')
}
end
end

6
deployment_scripts/puppet/modules/lma_logging_analytics/spec/spec.opts
View File

@ -1,6 +0,0 @@
--format
s
--colour
--loadby
mtime
--backtrace

23
deployment_scripts/puppet/modules/lma_logging_analytics/spec/spec_helper.rb
View File

@ -1,23 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
require 'rspec-puppet'
fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures'))
RSpec.configure do |c|
c.module_path = File.join(fixture_path, 'modules')
c.manifest_dir = File.join(fixture_path, 'manifests')
c.environmentpath = File.join(Dir.pwd, 'spec')
c.hiera_config = File.join(fixture_path, 'hiera.yaml')
end

59
deployment_scripts/puppet/modules/lma_logging_analytics/spec/unit/puppet/type/kibana_object_type_spec.rb
View File

@ -1,59 +0,0 @@
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
require 'spec_helper'
describe Puppet::Type.type(:kibana_object) do
context "when setting parameters" do
it "should fail if elasticsearch url isn't HTTP-based" do
expect {
described_class.new :name => "foo", :url => "example.com",
:content => "{}", :ensure => :present,
:type => 'dashboard'
}.to raise_error(Puppet::Error, /not a valid URL/)
end
it "should fail if content isn't provided" do
expect {
described_class.new :name => "foo", :url => "http://example.com",
:ensure => :present, :type => 'dashboard'
}.to raise_error(Puppet::Error, /content is required/)
end
it "should fail if content isn't JSON" do
expect {
described_class.new :name => "foo", :url => "http://example.com/",
:content => "{invalid", :ensure => :present, :type => 'dashboard'
}.to raise_error(Puppet::Error, /Invalid JSON/)
end
it "should accept valid parameters" do
resource = described_class.new :name => "foo", :url => "http://example.com/",
:content => "{}", :ensure => :present,
:type => 'dashboard'
expect(resource[:name]).to eq('foo')
expect(resource[:url]).to eq('http://example.com/')
expect(resource[:content]).to eq({})
end
it "should fail if invalide type is provided" do
expect {
resource = described_class.new :name => "foo", :url => "http://example.com/",
:content => "{}", :ensure => :present,
:type => 'wrong type'
}.to raise_error(Puppet::ResourceError, /Valid values are dashboard, visualization, search, config, index-pattern/)
end
end
end

52
deployment_scripts/puppet/modules/lma_logging_analytics/templates/apache_kibana_proxy.conf.erb
View File

@ -1,52 +0,0 @@
# ************************************
# Vhost template in module lma_logging_analytics
# Managed by Puppet
# ************************************
<% if @ldap_enabled -%>
LDAPVerifyServerCert off
<% end -%>
<VirtualHost <%= @listen_address %>:<%= @listen_port %>>
ServerName kibana
DocumentRoot "/opt/kibana"
ProxyRequests Off
<Proxy *>
Order Allow,Deny
Allow From All
AuthName "Kibana Access"
AuthType Basic
AuthUserFile <%= @htpasswd_file %>
<% if @ldap_enabled -%>
AuthBasicProvider file ldap
AuthLDAPURL "<%= @ldap_protocol %>://<%= @ldap_url %>"
AuthLDAPBindDN "<%= @ldap_bind_dn %>"
AuthLDAPBindPassword <%= @ldap_bind_password %>
<% if @ldap_authorization_enabled -%>
AuthLDAPGroupAttribute <%= @ldap_group_attribute %>
AuthLDAPGroupAttributeIsDN off
AuthBasicAuthoritative on
<RequireAny>
require user <%= @username %>
Require ldap-group <%= @ldap_admin_group_dn %>
</RequireAny>
<% else -%>
require valid-user
<% end -%>
<% else -%>
require valid-user
<% end -%>
</Proxy>
ProxyPass / http://<%= @kibana_address %>:<%= @kibana_port %>
ProxyPassReverse / http://<%= @kibana_address %>:<%= @kibana_port %>
RewriteEngine on
# Passthrough the request to Kibana with the original query string
RewriteRule .* http://<%= @kibana_address %>:<%= @kibana_port %>%{REQUEST_URI} [P,QSA,L]
ErrorLog "/var/log/apache2/kibana_error.log"
ServerSignature Off
CustomLog "/var/log/apache2/kibana_access.log" combined
</VirtualHost>

56
deployment_scripts/puppet/modules/lma_logging_analytics/templates/apache_kibana_proxy_viewer.conf.erb
View File

@ -1,56 +0,0 @@
# ************************************
# Vhost template in module lma_logging_analytics
# Managed by Puppet
# ************************************
<VirtualHost <%= @listen_address %>:<%= @listen_port_viewer %>>
ServerName kibana
DocumentRoot "/opt/kibana"
ProxyRequests Off
<Proxy *>
Order Allow,Deny
Allow From All
AuthName "Kibana Access"
AuthType Basic
AuthUserFile <%= @htpasswd_file %>
<% if @ldap_enabled -%>
AuthBasicProvider file ldap
AuthLDAPURL "<%= @ldap_protocol %>://<%= @ldap_url %>"
AuthLDAPBindDN "<%= @ldap_bind_dn %>"
AuthLDAPBindPassword <%= @ldap_bind_password %>
<% if @ldap_authorization_enabled -%>
AuthLDAPGroupAttribute <%= @ldap_group_attribute %>
AuthLDAPGroupAttributeIsDN off
AuthBasicAuthoritative on
<RequireAny>
require user <%= @username %>
Require ldap-group <%= @ldap_viewer_group_dn %>
Require ldap-group <%= @ldap_admin_group_dn %>
</RequireAny>
<% else -%>
require valid-user
<% end -%>
<% else -%>
require valid-user
<% end -%>
</Proxy>
ProxyPass / http://<%= @kibana_address %>:<%= @kibana_port %>
ProxyPassReverse / http://<%= @kibana_address %>:<%= @kibana_port %>
RewriteEngine on
# Deleting is forbidden for viewers
RewriteCond %{REQUEST_METHOD} DELETE
RewriteRule .* - [F,L]
# Creation/update is forbidden for viewers
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{QUERY_STRING} op_type=create
RewriteRule .* - [F,L]
# Passthrough the request to Kibana with the original query string
RewriteRule .* http://<%= @kibana_address %>:<%= @kibana_port %>%{REQUEST_URI} [P,QSA,L]
ErrorLog "/var/log/apache2/kibana_error.log"
ServerSignature Off
CustomLog "/var/log/apache2/kibana_access.log" combined
</VirtualHost>

23
deployment_scripts/puppet/modules/lma_logging_analytics/templates/curator.yaml.erb
View File

@ -1,23 +0,0 @@
---
client:
hosts:
- <%= @host %>
port: <%= @port %>
url_prefix:
use_ssl: False
certificate:
client_cert:
client_key:
aws_key:
aws_secret_key:
aws_region:
ssl_no_validate: False
http_auth:
timeout: 30
master_only: True
logging:
loglevel: INFO
logfile:
logformat: default
blacklist: ['elasticsearch', 'urllib3']

23
deployment_scripts/puppet/modules/lma_logging_analytics/templates/delete_indices.yaml.erb
View File

@ -1,23 +0,0 @@
---
actions:
1:
action: delete_indices
description: >-
Delete indices older than <%= @real_retention_period %> days (based on index name).
options:
ignore_empty_list: True
timeout_override:
continue_if_exception: False
disable_action: False
filters:
- filtertype: pattern
kind: regex
value: "^<%= @regex %>-.*$"
exclude:
- filtertype: age
source: name
direction: older
timestring: '%Y.%m.%d'
unit: days
unit_count: <%= @real_retention_period %>
exclude:

22
deployment_scripts/puppet/modules/lma_logging_analytics/templates/elasticsearch_logrotate.conf.erb
View File

@ -1,22 +0,0 @@
# managed by puppet
<%= @logs_dir %>/*.log {
# Elasticsearch cannot be told to close its log file and re-open it so we need to
# use the copytruncate option
copytruncate
compress
delaycompress
missingok
notifempty
# logrotate allows to use only year, month, day and unix epoch
dateext
dateformat -%Y%m%d-%s
# number of rotated files to keep
rotate 10
# do not rotate files unless both size and time conditions are met
hourly
minsize 20M
# force rotate if filesize exceeded 100M
maxsize 100M
# this must map the /var/log directory group ownership
su root syslog
}

91
deployment_scripts/puppet/modules/lma_logging_analytics/templates/es_template_audit.json.erb
View File

@ -1,91 +0,0 @@
{
"mappings": {
"message": {
"properties": {
"Payload": {
"type": "string"
},
"Logger": {
"index": "not_analyzed",
"type": "string"
},
"Hostname": {
"index": "not_analyzed",
"type": "string"
},
"Pid": {
"index": "not_analyzed",
"type": "long"
},
"Severity": {
"index": "not_analyzed",
"type": "long"
},
"Type": {
"index": "not_analyzed",
"type": "string"
},
"severity_label": {
"index": "not_analyzed",
"type": "string"
},
"environment_label": {
"index": "not_analyzed",
"type": "string"
},
"action": {
"index": "not_analyzed",
"type": "string"
},
"event_type": {
"index": "not_analyzed",
"type": "string"
},
"outcome": {
"index": "not_analyzed",
"type": "string"
},
"notification_type": {
"index": "not_analyzed",
"type": "string"
},
"openstack_roles": {
"type": "string",
"analyzer": "ost_roles"
},
"openstack_region": {
"index": "not_analyzed",
"type": "string"
},
"openstack_release": {
"index": "not_analyzed",
"type": "string"
},
"deployment_id": {
"index": "not_analyzed",
"type": "string"
}
}
}
},
"settings": {
"analysis": {
"tokenizer": {
"comma" : {
"type": "pattern",
"pattern": ","
}
},
"analyzer": {
"ost_roles": {
"type": "custom",
"tokenizer": "comma",
"filter": ["lowercase"]
}
}
},
"number_of_shards": <%= @number_of_shards %>,
"number_of_replicas": <%= @number_of_replicas %>
},
"template": "<%= @template %>"
}

138
deployment_scripts/puppet/modules/lma_logging_analytics/templates/es_template_kibana4.json.erb
View File

@ -1,138 +0,0 @@
{
"mappings" : {
"index-pattern" : {
"properties" : {
"fieldFormatMap" : {
"type" : "string"
},
"fields" : {
"type" : "string"
},
"intervalName" : {
"type" : "string"
},
"notExpandable" : {
"type" : "boolean"
},
"timeFieldName" : {
"type" : "string"
},
"title" : {
"type" : "string"
}
}
},
"config" : {
"properties" : {
"buildNum" : {
"type" : "string",
"index" : "not_analyzed"
}
}
},
"search" : {
"properties" : {
"columns" : {
"type" : "string"
},
"description" : {
"type" : "string"
},
"hits" : {
"type" : "integer"
},
"kibanaSavedObjectMeta" : {
"properties" : {
"searchSourceJSON" : {
"type" : "string"
}
}
},
"sort" : {
"type" : "string"
},
"title" : {
"type" : "string"
},
"version" : {
"type" : "integer"
}
}
},
"visualization" : {
"properties" : {
"description" : {
"type" : "string"
},
"kibanaSavedObjectMeta" : {
"properties" : {
"searchSourceJSON" : {
"type" : "string"
}
}
},
"savedSearchId" : {
"type" : "string"
},
"title" : {
"type" : "string"
},
"uiStateJSON" : {
"type" : "string"
},
"version" : {
"type" : "integer"
},
"visState" : {
"type" : "string"
}
}
},
"dashboard" : {
"properties" : {
"description" : {
"type" : "string"
},
"hits" : {
"type" : "integer"
},
"kibanaSavedObjectMeta" : {
"properties" : {
"searchSourceJSON" : {
"type" : "string"
}
}
},
"optionsJSON" : {
"type" : "string"
},
"panelsJSON" : {
"type" : "string"
},
"timeFrom" : {
"type" : "string"
},
"timeRestore" : {
"type" : "boolean"
},
"timeTo" : {
"type" : "string"
},
"title" : {
"type" : "string"
},
"uiStateJSON" : {
"type" : "string"
},
"version" : {
"type" : "integer"
}
}
}
},
"settings": {
"number_of_shards": <%= @number_of_shards %>,
"number_of_replicas": <%= @number_of_replicas %>
},
"template": "<%= @template %>"
}

114
deployment_scripts/puppet/modules/lma_logging_analytics/templates/es_template_log.json.erb
View File

@ -1,114 +0,0 @@
{
"mappings": {
"message": {
"properties": {
"Logger": {
"index": "not_analyzed",
"type": "string"
},
"Hostname": {
"index": "not_analyzed",
"type": "string"
},
"Pid": {
"index": "not_analyzed",
"type": "long"
},
"Severity": {
"index": "not_analyzed",
"type": "long"
},
"Type": {
"index": "not_analyzed",
"type": "string"
},
"programname": {
"index": "not_analyzed",
"type": "string"
},
"python_module": {
"index": "not_analyzed",
"type": "string"
},
"severity_label": {
"index": "not_analyzed",
"type": "string"
},
"environment_label": {
"index": "not_analyzed",
"type": "string"
},
"openstack_roles": {
"type": "string",
"analyzer": "ost_roles"
},
"openstack_region": {
"index": "not_analyzed",
"type": "string"
},
"openstack_release": {
"index": "not_analyzed",
"type": "string"
},
"deployment_id": {
"index": "not_analyzed",
"type": "string"
},
"request_id": {
"index": "not_analyzed",
"type": "string"
},
"tenant_id": {
"index": "not_analyzed",
"type": "string"
},
"user_id": {
"index": "not_analyzed",
"type": "string"
},
"instance_id": {
"index": "not_analyzed",
"type": "string"
},
"http_response_time": {
"type": "float"
},
"http_status": {
"type": "integer"
},
"http_method": {
"index": "not_analyzed",
"type": "string"
},
"http_url": {
"index": "not_analyzed",
"type": "string"
},
"http_version": {
"index": "not_analyzed",
"type": "string"
}
}
}
},
"settings": {
"analysis": {
"tokenizer": {
"comma" : {
"type": "pattern",
"pattern": ","
}
},
"analyzer": {
"ost_roles": {
"type": "custom",
"tokenizer": "comma",
"filter": ["lowercase"]
}
}
},
"number_of_shards": <%= @number_of_shards %>,
"number_of_replicas": <%= @number_of_replicas %>
},
"template": "<%= @template %>"
}

111
deployment_scripts/puppet/modules/lma_logging_analytics/templates/es_template_notification.json.erb
View File

@ -1,111 +0,0 @@
{
"mappings": {
"message": {
"properties": {
"event_type": {
"index": "not_analyzed",
"type": "string"
},
"Payload": {
"type": "string"
},
"Logger": {
"index": "not_analyzed",
"type": "string"
},
"programname": {
"index": "not_analyzed",
"type": "string"
},
"Hostname": {
"index": "not_analyzed",
"type": "string"
},
"hostname": {
"index": "not_analyzed",
"type": "string"
},
"Pid": {
"index": "not_analyzed",
"type": "long"
},
"Severity": {
"index": "not_analyzed",
"type": "long"
},
"syslogfacility": {
"index": "not_analyzed",
"type": "long"
},
"Type": {
"index": "not_analyzed",
"type": "string"
},
"severity_label": {
"index": "not_analyzed",
"type": "string"
},
"environment_label": {
"index": "not_analyzed",
"type": "string"
},
"openstack_role": {
"type": "string",
"analyzer": "ost_roles"
},
"openstack_region": {
"index": "not_analyzed",
"type": "string"
},
"openstack_release": {
"index": "not_analyzed",
"type": "string"
},
"deployment_id": {
"index": "not_analyzed",
"type": "string"
},
"request_id": {
"index": "not_analyzed",
"type": "string"
},
"tenant_id": {
"index": "not_analyzed",
"type": "string"
},
"user_id": {
"index": "not_analyzed",
"type": "string"
},
"launched_at": {
"type": "date",
"format": "dateOptionalTime"
},
"created_at": {
"type": "date",
"format": "dateOptionalTime"
}
}
}
},
"settings": {
"analysis": {
"tokenizer": {
"comma" : {
"type": "pattern",
"pattern": ","
}
},
"analyzer": {
"ost_roles": {
"type": "custom",
"tokenizer": "comma",
"filter": ["lowercase"]
}
}
},
"number_of_shards": <%= @number_of_shards %>,
"number_of_replicas": <%= @number_of_replicas %>
},
"template": "<%= @template %>"
}

5
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4.yaml.erb
View File

@ -1,5 +0,0 @@
elasticsearch.url: "<%= @es_scheme %>://<%= @es_host %>:<%= @es_port %>"
server.host: <%= @listen_address %>
server.port: <%= @listen_port %>
kibana.defaultAppId: "dashboard/Logs"
logging.dest: "<%= @log_dir %>/kibana.log"

1
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/config.json
View File

@ -1 +0,0 @@
{"buildNum" : 9892, "defaultIndex" : "log-*"}

15
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/dashboard_logs.json
View File

@ -1,15 +0,0 @@
{
"title": "Logs",
"hits": 0,
"description": "",
"panelsJSON": "[{\"col\":1,\"columns\":[\"Hostname\",\"Logger\",\"programname\",\"severity_label\",\"Payload\",\"environment_label\"],\"id\":\"search-logs\",\"panelIndex\":5,\"row\":13,\"size_x\":12,\"size_y\":12,\"sort\":[\"Timestamp\",\"desc\"],\"type\":\"search\"},{\"col\":1,\"id\":\"NUMBER-OF-LOG-MESSAGES-PER-SEVERITY\",\"panelIndex\":7,\"row\":9,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"TOP-10-PROGRAMS\",\"panelIndex\":9,\"row\":5,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"LOG-MESSAGES-OVER-TIME-PER-SOURCE\",\"panelIndex\":10,\"row\":1,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":5,\"id\":\"TOP-10-HOSTS\",\"panelIndex\":11,\"row\":9,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"col\":9,\"id\":\"NUMBER-OF-LOG-MESSAGES-PER-ROLE\",\"panelIndex\":12,\"row\":9,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"TOP-10-SOURCES\",\"panelIndex\":14,\"row\":5,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"LOG-MESSAGES-OVER-TIME-PER-SEVERITY\",\"panelIndex\":16,\"row\":1,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"}]",
"optionsJSON": "{\"darkTheme\":true}",
"uiStateJSON": "{\"P-10\":{\"vis\":{\"legendOpen\":true}},\"P-11\":{\"vis\":{\"colors\":{\"Count\":\"#629E51\"},\"legendOpen\":true}},\"P-12\":{\"spy\":{\"mode\":{\"fill\":false,\"name\":null}},\"vis\":{\"colors\":{\"Count\":\"#2F575E\"},\"legendOpen\":false}},\"P-14\":{\"vis\":{\"legendOpen\":true}},\"P-7\":{\"vis\":{\"legendOpen\":false}},\"P-9\":{\"vis\":{\"colors\":{\"Count\":\"#99440A\"},\"legendOpen\":true}}}",
"version": 1,
"timeRestore": true,
"timeTo": "now",
"timeFrom": "now-1h",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"
}
}

15
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/dashboard_notifications.json
View File

@ -1,15 +0,0 @@
{
"title": "Notifications",
"hits": 0,
"description": "",
"panelsJSON": "[{\"col\":1,\"columns\":[\"Logger\",\"publisher\",\"severity_label\",\"event_type\",\"old_state\",\"old_task_state\",\"state\",\"new_task_state\",\"environment_label\",\"display_name\"],\"id\":\"search-notifications\",\"panelIndex\":1,\"row\":14,\"size_x\":12,\"size_y\":11,\"sort\":[\"Timestamp\",\"desc\"],\"type\":\"search\"},{\"col\":1,\"id\":\"NOTIFICATIONS-OVER-TIME-PER-SOURCE\",\"panelIndex\":2,\"row\":1,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"NOTIFICATIONS-OVER-TIME-PER-SEVERITY\",\"panelIndex\":3,\"row\":1,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"EVENT-TYPE-BREAKDOWN\",\"panelIndex\":4,\"row\":5,\"size_x\":6,\"size_y\":5,\"type\":\"visualization\"},{\"col\":1,\"id\":\"SOURCE-BREAKDOWN\",\"panelIndex\":5,\"row\":5,\"size_x\":6,\"size_y\":5,\"type\":\"visualization\"},{\"col\":1,\"id\":\"HOST-BREAKDOWN\",\"panelIndex\":6,\"row\":10,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"NOTIFICATIONS-PER-SEVERITY\",\"panelIndex\":7,\"row\":10,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"}]",
"optionsJSON": "{\"darkTheme\":true}",
"uiStateJSON": "{\"P-4\":{\"vis\":{\"legendOpen\":true}},\"P-7\":{\"vis\":{\"legendOpen\":false}}}",
"version": 1,
"timeRestore": true,
"timeTo": "now",
"timeFrom": "now-1h",
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"
}
}

6
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/index-pattern_audit.json
View File

@ -1,6 +0,0 @@
{
"title": "audit-*",
"timeFieldName": "Timestamp",
"fields": "[{\"name\":\"openstack_release\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"openstack_roles\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":true,\"doc_values\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"Type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"event_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"severity_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Logger\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Severity\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"action\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Pid\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Hostname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Payload\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":true,\"doc_values\":false},{\"name\":\"notification_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"deployment_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"outcome\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"environment_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"openstack_region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false}]"
}

2
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/index-pattern_logs.json
View File

@ -1,2 +0,0 @@
{"title": "log-*", "timeFieldName" : "Timestamp", "fields" : "[{\"name\":\"openstack_release\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"openstack_roles\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":true,\"doc_values\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"Type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"http_response_time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"tenant_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"http_url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Logger\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"severity_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Severity\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"user_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"programname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Pid\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Hostname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"instance_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Payload\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":true,\"doc_values\":false},{\"name\":\"http_version\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"http_response_size\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"deployment_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"Timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"http_method\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"http_status\",\"type\":\"conflict\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":true},{\"name\":\"python_module\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"request_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"syslogfacility\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"environment_label\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"http_client_ip_address\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":true,\"doc_values\":false},{\"name\":\"openstack_region\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false}]"}

1
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/index-pattern_notifications.json
View File

File diff suppressed because one or more lines are too long

19
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/search_audit.json
View File

@ -1,19 +0,0 @@
{
"title": "Audit",
"description": "",
"hits": 0,
"columns": [
"Logger",
"notification_type",
"outcome",
"Payload"
],
"sort": [
"Timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"audit-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}"
}
}

21
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/search_logs.json
View File

@ -1,21 +0,0 @@
{
"title": "Logs",
"description": "",
"hits": 0,
"columns": [
"Hostname",
"Logger",
"programname",
"severity_label",
"Payload",
"environment_label"
],
"sort": [
"Timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"log-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}"
}
}

25
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/search_notifications.json
View File

@ -1,25 +0,0 @@
{
"title": "Notifications",
"description": "",
"hits": 0,
"columns": [
"Logger",
"publisher",
"severity_label",
"event_type",
"old_state",
"old_task_state",
"state",
"new_task_state",
"environment_label",
"display_name"
],
"sort": [
"Timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"notification-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_EVENT-TYPE-BREAKDOWN.json
View File

@ -1,10 +0,0 @@
{
"title": "EVENT TYPE BREAKDOWN",
"visState": "{\"title\":\"EVENT TYPE BREAKDOWN\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"grouped\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"event_type\",\"size\":30,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"notification-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_HOST-BREAKDOWN.json
View File

@ -1,10 +0,0 @@
{
"title": "HOST BREAKDOWN",
"visState": "{\"title\":\"HOST BREAKDOWN\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"Hostname\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Hostname\"}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity_label\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"notification-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_LOG-MESSAGES-OVER-TIME-PER-SEVERITY.json
View File

@ -1,10 +0,0 @@
{
"title": "LOG MESSAGES OVER TIME PER SEVERITY",
"visState": "{\n \"title\": \"LOG MESSAGES OVER TIME PER SEVERITY\",\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"Timestamp\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"\"\n }\n },\n {\n \"id\": \"3\",\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"severity_label\",\n \"size\": 15,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}",
"uiStateJSON": "{\n \"vis\": {\n \"colors\": {\n \"ERROR\": \"#BF1B00\",\n \"EMERGENCY\": \"#99440A\",\n \"WARNING\": \"#EF843C\",\n \"INFO\": \"#7EB26C\",\n \"DEBUG\": \"#1F78C1\",\n \"NOTICE\": \"#6ED0E0\",\n \"ALERT\": \"#1F78C1\"\n }\n }\n}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\n \"index\": \"log-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_LOG-MESSAGES-OVER-TIME-PER-SOURCE.json
View File

@ -1,10 +0,0 @@
{
"title": "LOG MESSAGES OVER TIME PER SOURCE",
"visState": "{\n \"title\": \"LOG MESSAGES OVER TIME PER SOURCE\",\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"Timestamp\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {},\n \"customLabel\": \"\"\n }\n },\n {\n \"id\": \"3\",\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"Logger\",\n \"size\": 15,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\n \"index\": \"log-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_NOTIFICATIONS-OVER-TIME-PER-SEVERITY.json
View File

@ -1,10 +0,0 @@
{
"title": "NOTIFICATIONS OVER TIME PER SEVERITY",
"visState": "{\"title\":\"NOTIFICATIONS OVER TIME PER SEVERITY\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"Timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity_label\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}",
"uiStateJSON": "{\"vis\":{\"colors\":{\"ERROR\":\"#E24D42\"}}}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"notification-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_NOTIFICATIONS-OVER-TIME-PER-SOURCE.json
View File

@ -1,10 +0,0 @@
{
"title": "NOTIFICATIONS OVER TIME PER SOURCE",
"visState": "{\n \"title\": \"NOTIFICATIONS OVER TIME PER SOURCE\",\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"Timestamp\",\n \"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {}\n }\n },\n {\n \"id\": \"3\",\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"Logger\",\n \"size\": 20,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\n \"index\": \"notification-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_NOTIFICATIONS-PER-SEVERITY.json
View File

@ -1,10 +0,0 @@
{
"title": "NOTIFICATIONS PER SEVERITY",
"visState": "{\n \"title\": \"New Visualization\",\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"severity_label\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}",
"uiStateJSON": "{\n \"vis\": {\n \"colors\": {\n \"ERROR\": \"#BF1B00\",\n \"EMERGENCY\": \"#99440A\",\n \"WARNING\": \"#EF843C\",\n \"INFO\": \"#7EB26C\",\n \"DEBUG\": \"#1F78C1\",\n \"NOTICE\": \"#6ED0E0\",\n \"ALERT\": \"#1F78C1\"\n }\n }\n}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\n \"index\": \"notification-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_NUMBER-OF-LOG-MESSAGES-PER-ROLE.json
View File

@ -1,10 +0,0 @@
{
"title": "NUMBER OF LOG MESSAGES PER ROLE",
"visState": "{\"title\":\"Number of log messages per role\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"openstack_roles\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Roles\"}}],\"listeners\":{}}",
"uiStateJSON": "{\"vis\":{\"colors\":{\"Count\":\"#CCA300\"}},\"spy\":{\"mode\":{\"name\":\"table\",\"fill\":false}}}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"log-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_NUMBER-OF-LOG-MESSAGES-PER-SEVERITY.json
View File

@ -1,10 +0,0 @@
{
"title": "NUMBER OF LOG MESSAGES PER SEVERITY",
"visState": "{\"title\":\"NUMBER OF LOG MESSAGES PER SEVERITY\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"severity_label\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Number of log messages per severity\"}}],\"listeners\":{}}",
"uiStateJSON": "{\"vis\":{\"colors\":{\"Count\":\"#CCA300\"}}}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"log-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_SOURCE-BREAKDOWN.json
View File

@ -1,10 +0,0 @@
{
"title": "SOURCE BREAKDOWN",
"visState": "{\"title\":\"New Visualization\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"grouped\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"Logger\",\"size\":15,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"notification-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_TOP-10-HOSTS.json
View File

@ -1,10 +0,0 @@
{
"title": "TOP 10 HOSTS",
"visState": "{\n \"title\": \"TOP 10 HOSTS\",\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"Hostname\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Nodes\"\n }\n },\n {\n \"id\": \"3\",\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"severity_label\",\n \"size\": 8,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}",
"uiStateJSON": "{\n \"vis\": {\n \"colors\": {\n \"ERROR\": \"#BF1B00\",\n \"EMERGENCY\": \"#99440A\",\n \"WARNING\": \"#EF843C\",\n \"INFO\": \"#7EB26C\",\n \"DEBUG\": \"#1F78C1\",\n \"NOTICE\": \"#6ED0E0\",\n \"ALERT\": \"#1F78C1\"\n }\n }\n}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\n \"index\": \"log-*\",\n \"query\": {\n \"query_string\": {\n \"analyze_wildcard\": true,\n \"query\": \"*\"\n }\n },\n \"filter\": []\n}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_TOP-10-PROGRAMS.json
View File

@ -1,10 +0,0 @@
{
"title": "TOP 10 PROGRAMS",
"visState": "{\n \"title\": \"TOP 10 PROGRAMS\",\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {\n \"customLabel\": \"\"\n }\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"programname\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"customLabel\": \"Number of log messages per programname\"\n }\n },\n {\n \"id\": \"3\",\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"severity_label\",\n \"size\": 8,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}",
"uiStateJSON": "{\n \"vis\": {\n \"colors\": {\n \"ERROR\": \"#BF1B00\",\n \"EMERGENCY\": \"#99440A\",\n \"WARNING\": \"#EF843C\",\n \"INFO\": \"#7EB26C\",\n \"DEBUG\": \"#1F78C1\",\n \"NOTICE\": \"#6ED0E0\",\n \"ALERT\": \"#1F78C1\"\n }\n }\n}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\n \"index\": \"log-*\",\n \"query\": {\n \"query_string\": {\n \"analyze_wildcard\": true,\n \"query\": \"*\"\n }\n },\n \"filter\": []\n}"
}
}

10
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana4_objects/visualization_TOP-10-SOURCES.json
View File

@ -1,10 +0,0 @@
{
"title": "TOP 10 SOURCES",
"visState": "{\"title\":\"TOP 10 SOURCES\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"Logger\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"Number of log messages per Logger\"}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"severity_label\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}",
"uiStateJSON": "{\n \"vis\": {\n \"colors\": {\n \"ERROR\": \"#BF1B00\",\n \"EMERGENCY\": \"#99440A\",\n \"WARNING\": \"#EF843C\",\n \"INFO\": \"#7EB26C\",\n \"DEBUG\": \"#1F78C1\",\n \"NOTICE\": \"#6ED0E0\",\n \"ALERT\": \"#1F78C1\"\n }\n }\n}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"log-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}"
}
}

423
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana_dashboards/logs.json
View File

@ -1,423 +0,0 @@
{
"title": "Logging, Monitoring and Alerting - Logs",
"services": {
"query": {
"list": {
"0": {
"query": "",
"alias": "",
"color": "#7EB26D",
"id": 0,
"pin": false,
"type": "lucene",
"enable": true
}
},
"ids": [
0
]
},
"filter": {
"list": {
"0": {
"type": "time",
"field": "Timestamp",
"from": "now-1h",
"to": "now",
"mandate": "must",
"active": true,
"alias": "",
"id": 0
}
},
"ids": [
0
]
}
},
"rows": [
{
"title": "Events over time",
"height": "150px",
"editable": true,
"collapse": false,
"collapsable": true,
"panels": [
{
"span": 8,
"editable": true,
"type": "histogram",
"loadingEditor": false,
"mode": "count",
"time_field": "Timestamp",
"value_field": null,
"x-axis": true,
"y-axis": true,
"scale": 1,
"y_format": "none",
"grid": {
"max": null,
"min": 0
},
"queries": {
"mode": "all",
"ids": [
0
]
},
"annotate": {
"enable": false,
"query": "*",
"size": 20,
"field": "_type",
"sort": [
"_score",
"desc"
]
},
"auto_int": true,
"resolution": 100,
"interval": "30s",
"intervals": [
"auto",
"1s",
"1m",
"5m",
"10m",
"30m",
"1h",
"3h",
"12h",
"1d",
"1w",
"1y"
],
"lines": false,
"fill": 0,
"linewidth": 3,
"points": false,
"pointradius": 5,
"bars": true,
"stack": true,
"spyable": true,
"zoomlinks": true,
"options": true,
"legend": true,
"show_query": true,
"interactive": true,
"legend_counts": true,
"timezone": "browser",
"percentage": false,
"zerofill": true,
"derivative": false,
"tooltip": {
"value_type": "cumulative",
"query_as_alias": true
},
"title": "Log messages over time"
},
{
"error": false,
"span": 4,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "Hostname",
"exclude": [],
"missing": false,
"other": false,
"size": 10,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Top 10 hosts"
},
{
"error": false,
"span": 8,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "Logger",
"exclude": [],
"missing": false,
"other": false,
"size": 10,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Top 10 sources"
},
{
"error": false,
"span": 4,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "severity_label",
"exclude": [],
"missing": false,
"other": false,
"size": 10,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Number of log messages per severity"
},
{
"error": false,
"span": 8,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "programname",
"exclude": [],
"missing": false,
"other": false,
"size": 10,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Top 10 programs"
},
{
"error": false,
"span": 4,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "openstack_roles",
"exclude": [],
"missing": false,
"other": false,
"size": 10,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Number of log messages per role"
}
],
"notice": false
},
{
"title": "Log messages",
"height": "150px",
"editable": true,
"collapse": false,
"collapsable": true,
"panels": [
{
"error": false,
"span": 12,
"editable": true,
"type": "table",
"loadingEditor": false,
"size": 100,
"pages": 5,
"offset": 0,
"sort": [
"Timestamp",
"desc"
],
"overflow": "min-height",
"fields": [
"Timestamp",
"Hostname",
"Logger",
"programname",
"severity_label",
"Payload",
"environment_label"
],
"highlight": [],
"sortable": true,
"header": true,
"paging": true,
"field_list": false,
"all_fields": true,
"trimFactor": 300,
"localTime": true,
"timeField": "Timestamp",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"style": {
"font-size": "9pt"
},
"normTimes": true,
"title": "Log messages"
}
],
"notice": false
}
],
"editable": true,
"failover": false,
"index": {
"interval": "day",
"pattern": "[log-]YYYY.MM.DD",
"default": "_all",
"warm_fields": true
},
"style": "dark",
"panel_hints": true,
"pulldowns": [
{
"type": "query",
"collapse": false,
"notice": false,
"enable": true,
"query": "*",
"pinned": true,
"history": [
""
],
"remember": 10
},
{
"type": "filtering",
"collapse": false,
"notice": true,
"enable": true
}
],
"nav": [
{
"type": "timepicker",
"collapse": false,
"notice": false,
"enable": true,
"status": "Stable",
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
],
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"timefield": "Timestamp",
"now": true,
"filter_id": 0
}
],
"loader": {
"save_gist": false,
"save_elasticsearch": true,
"save_local": true,
"save_default": true,
"save_temp": true,
"save_temp_ttl_enable": true,
"save_temp_ttl": "30d",
"load_gist": false,
"load_elasticsearch": true,
"load_elasticsearch_size": 20,
"load_local": false,
"hide": false
},
"refresh": "1m"
}

394
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana_dashboards/notifications.json
View File

@ -1,394 +0,0 @@
{
"title": "Logging, Monitoring and Alerting - Notifications",
"services": {
"query": {
"list": {
"0": {
"query": "",
"alias": "",
"color": "#7EB26D",
"id": 0,
"pin": false,
"type": "lucene",
"enable": true
}
},
"ids": [
0
]
},
"filter": {
"list": {
"0": {
"type": "time",
"field": "Timestamp",
"from": "now-1h",
"to": "now",
"mandate": "must",
"active": true,
"alias": "",
"id": 0
}
},
"ids": [
0
]
}
},
"rows": [
{
"title": "Events over time",
"height": "150px",
"editable": true,
"collapse": false,
"collapsable": true,
"panels": [
{
"span": 8,
"editable": true,
"type": "histogram",
"loadingEditor": false,
"mode": "count",
"time_field": "Timestamp",
"value_field": null,
"x-axis": true,
"y-axis": true,
"scale": 1,
"y_format": "none",
"grid": {
"max": null,
"min": 0
},
"queries": {
"mode": "all",
"ids": [
0
]
},
"annotate": {
"enable": false,
"query": "*",
"size": 20,
"field": "_type",
"sort": [
"_score",
"desc"
]
},
"auto_int": true,
"resolution": 100,
"interval": "30s",
"intervals": [
"auto",
"1s",
"1m",
"5m",
"10m",
"30m",
"1h",
"3h",
"12h",
"1d",
"1w",
"1y"
],
"lines": false,
"fill": 0,
"linewidth": 3,
"points": false,
"pointradius": 5,
"bars": true,
"stack": true,
"spyable": true,
"zoomlinks": true,
"options": true,
"legend": true,
"show_query": true,
"interactive": true,
"legend_counts": true,
"timezone": "browser",
"percentage": false,
"zerofill": true,
"derivative": false,
"tooltip": {
"value_type": "cumulative",
"query_as_alias": true
},
"title": "Notifications over time",
"scaleSeconds": false
},
{
"error": false,
"span": 4,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "event_type",
"exclude": [],
"missing": false,
"other": true,
"size": 10,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Event type breakdown"
},
{
"error": false,
"span": 4,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "severity_label",
"exclude": [],
"missing": false,
"other": true,
"size": 100000,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Notifications per severity"
},
{
"error": false,
"span": 4,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "Logger",
"exclude": [],
"missing": false,
"other": true,
"size": 1000000,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Source breakdown"
},
{
"error": false,
"span": 4,
"editable": true,
"type": "terms",
"loadingEditor": false,
"field": "Hostname",
"exclude": [],
"missing": false,
"other": true,
"size": 1000000,
"order": "count",
"style": {
"font-size": "10pt"
},
"donut": false,
"tilt": false,
"labels": true,
"arrangement": "horizontal",
"chart": "bar",
"counter_pos": "above",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"tmode": "terms",
"tstat": "count",
"valuefield": "",
"title": "Host breakdown"
}
],
"notice": false
},
{
"title": "Log messages",
"height": "150px",
"editable": true,
"collapse": false,
"collapsable": true,
"panels": [
{
"error": false,
"span": 12,
"editable": true,
"type": "table",
"loadingEditor": false,
"size": 100,
"pages": 5,
"offset": 0,
"sort": [
"Timestamp",
"desc"
],
"overflow": "min-height",
"fields": [
"Timestamp",
"Logger",
"publisher",
"severity_label",
"event_type",
"old_state",
"old_task_state",
"state",
"new_task_state",
"environment_label"
],
"highlight": [],
"sortable": true,
"header": true,
"paging": true,
"field_list": false,
"all_fields": true,
"trimFactor": 300,
"localTime": false,
"timeField": "@timestamp",
"spyable": true,
"queries": {
"mode": "all",
"ids": [
0
]
},
"style": {
"font-size": "9pt"
},
"normTimes": true,
"title": "Log messages"
}
],
"notice": false
}
],
"editable": true,
"failover": false,
"index": {
"interval": "day",
"pattern": "[notification-]YYYY.MM.DD",
"default": "_all",
"warm_fields": true
},
"style": "dark",
"panel_hints": true,
"pulldowns": [
{
"type": "query",
"collapse": false,
"notice": false,
"enable": true,
"query": "*",
"pinned": true,
"history": [
""
],
"remember": 10
},
{
"type": "filtering",
"collapse": false,
"notice": true,
"enable": true
}
],
"nav": [
{
"type": "timepicker",
"collapse": false,
"notice": false,
"enable": true,
"status": "Stable",
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
],
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"timefield": "Timestamp",
"now": true,
"filter_id": 0
}
],
"loader": {
"save_gist": false,
"save_elasticsearch": true,
"save_local": true,
"save_default": true,
"save_temp": true,
"save_temp_ttl_enable": true,
"save_temp_ttl": "30d",
"load_gist": false,
"load_elasticsearch": true,
"load_elasticsearch_size": 20,
"load_local": false,
"hide": false
},
"refresh": false
}

19
deployment_scripts/puppet/modules/lma_logging_analytics/templates/kibana_logrotate.conf.erb
View File

@ -1,19 +0,0 @@
# managed by puppet
<%= @log_dir %>/*.log {
copytruncate
compress
delaycompress
missingok
notifempty
# logrotate allows to use only year, month, day and unix epoch
dateext
dateformat -%Y%m%d-%s
# number of rotated files to keep
rotate 10
# do not rotate files unless both size and time conditions are met
hourly
minsize 20M
# force rotate if filesize exceeded 100M
maxsize 100M
}

288
deployment_tasks.yaml
View File

@ -1,288 +0,0 @@
# Groups definitions
####################
- id: primary-elasticsearch_kibana
type: group
version: 2.0.0
role: [primary-elasticsearch_kibana]
tasks:
- hiera
- setup_repositories
- fuel_pkgs
- globals
- tools
- logging
- elasticsearch-netconfig
- hosts
- elasticsearch-check-configuration
- elasticsearch-hiera
- elasticsearch-firewall
- elasticsearch-cluster
- elasticsearch-cluster-haproxy
- elasticsearch-virtual-ip
- elasticsearch-haproxy
- elasticsearch-installation
requires: [deploy_start]
required_for: [deploy_end]
parameters:
strategy:
type: one_by_one
- id: elasticsearch_kibana
type: group
version: 2.0.0
role: [elasticsearch_kibana]
tasks:
- hiera
- setup_repositories
- fuel_pkgs
- globals
- tools
- logging
- elasticsearch-netconfig
- hosts
- elasticsearch-check-configuration
- elasticsearch-hiera
- elasticsearch-firewall
- elasticsearch-cluster
- elasticsearch-cluster-haproxy
- elasticsearch-virtual-ip
- elasticsearch-haproxy
- elasticsearch-installation
requires: [deploy_start, primary-elasticsearch_kibana]
required_for: [deploy_end]
parameters:
strategy:
type: parallel
# Tasks definitions for the deployment
######################################
# This task needs to be reexecuted to adapt the configuration parameters which
# depend on the number of nodes in the cluster
- id: elasticsearch-hiera
type: puppet
version: 2.0.0
requires: [globals]
required_for: [deploy_end]
parameters:
puppet_manifest: "puppet/manifests/hiera_override.pp"
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 120
reexecute_on:
- deploy_changes
# This task needs to be reexecuted to recheck that the configuration parameters
# match the node's characteristics (eg JVM size).
- id: elasticsearch-check-configuration
type: puppet
version: 2.0.0
requires: [elasticsearch-hiera]
required_for: [deploy_end]
parameters:
puppet_manifest: puppet/manifests/check_environment_configuration.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 120
reexecute_on:
- deploy_changes
# We cannot use the legacy 'netconfig' task because with MOS 9, it won't create
# the proper dependency on the 'virtual_ips' task for the Elasticsearch-Kibana
# nodes. As a consequence, the deployment will fail because the nodes will
# perform operations that download stuff from the Internet (like running
# 'apt-get update') while the virtual router isn't ready yet. For MOS 8, the
# task depends on the 'tools' task and not on the 'virtual_ips' task otherwise
# it creates a dependency cycle. In this case, this isn't an issue because the
# default gateway is only changed at post-deployment (see the
# 'influxdb-configure-default-route' task).
- id: elasticsearch-netconfig
type: puppet
version: 2.0.0
requires: [elasticsearch-check-configuration, tools]
required_for: [deploy_end, hosts]
cross-depends:
- name: virtual_ips
role: [primary-controller, controller]
parameters:
puppet_manifest: "/etc/puppet/modules/osnailyfacter/modular/netconfig/netconfig.pp"
puppet_modules: /etc/puppet/modules
timeout: 600
reexecute_on:
- deploy_changes
- id: elasticsearch-firewall
type: puppet
version: 2.0.0
requires: [elasticsearch-netconfig]
required_for: [deploy_end]
parameters:
puppet_manifest: "puppet/manifests/firewall.pp"
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 3600
- id: elasticsearch-cluster
type: puppet
version: 2.0.0
requires: [elasticsearch-firewall]
required_for: [deploy_end]
parameters:
puppet_manifest: "puppet/manifests/cluster.pp"
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 3600
reexecute_on:
- deploy_changes
- id: elasticsearch-cluster-haproxy
type: puppet
version: 2.0.0
requires: [elasticsearch-cluster]
required_for: [deploy_end]
parameters:
puppet_manifest: "puppet/manifests/cluster-haproxy.pp"
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 3600
reexecute_on:
- deploy_changes
- id: elasticsearch-virtual-ip
type: puppet
version: 2.0.0
requires: [elasticsearch-cluster]
required_for: [deploy_end]
parameters:
puppet_manifest: "/etc/puppet/modules/osnailyfacter/modular/virtual_ips/virtual_ips.pp"
puppet_modules: /etc/puppet/modules
timeout: 3600
# This task needs to be reexecuted to reconfigure HAProxy backends
- id: elasticsearch-haproxy
type: puppet
version: 2.0.0
requires: [elasticsearch-cluster-haproxy, elasticsearch-virtual-ip]
required_for: [deploy_end]
parameters:
puppet_manifest: "puppet/manifests/haproxy.pp"
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 120
reexecute_on:
- deploy_changes
# This task needs to be reexecuted to reconfigure Elasticsearch instances
- id: elasticsearch-installation
type: puppet
version: 2.0.0
requires: [elasticsearch-haproxy]
required_for: [deploy_end]
cross-depends:
- name: telemetry-hiera
parameters:
puppet_manifest: puppet/manifests/elasticsearch.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 600
reexecute_on:
- deploy_changes
# Tasks defintions for the post-deployment
##########################################
- id: elasticsearch-dns-client
type: puppet
version: 2.0.0
role: [primary-elasticsearch_kibana, elasticsearch_kibana]
requires: [post_deployment_start]
required_for: [post_deployment_end]
parameters:
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/dns/dns-client.pp
puppet_modules: /etc/puppet/modules
timeout: 600
- id: elasticsearch-ntp-client
type: puppet
version: 2.0.0
role: [primary-elasticsearch_kibana, elasticsearch_kibana]
requires: [elasticsearch-dns-client]
required_for: [post_deployment_end]
parameters:
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/ntp/ntp-client.pp
puppet_modules: /etc/puppet/modules
timeout: 600
# Configure the default gateway (required for MOS 8 only)
- id: elasticsearch-configure-default-route
type: puppet
version: 2.0.0
role: [primary-elasticsearch_kibana, elasticsearch_kibana]
requires: [post_deployment_start]
required_for: [post_deployment_end]
parameters:
puppet_manifest: "puppet/manifests/configure_default_route.pp"
puppet_modules: /etc/puppet/modules
timeout: 120
reexecute_on:
- deploy_changes
# In order to automatically import dashboards, it is mandatory to create and
# configure the Kibana index before Kibana4 starts. This task is ran at post-deployment
# stage because the index creation must occur when the Elasticsearch cluster is ready
# (eg. all instances are started). This is required for MOS 8 (role-based deployment).
- id: provision-kibana-index
type: puppet
version: 2.0.0
role: [primary-elasticsearch_kibana]
requires: [post_deployment_start]
required_for: [post_deployment_end]
parameters:
puppet_manifest: puppet/manifests/kibana_index_configuration.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 600
- id: kibana-installation
type: puppet
version: 2.0.0
role: [primary-elasticsearch_kibana, elasticsearch_kibana]
cross-depends:
- name: provision-kibana-index
role: [primary-elasticsearch_kibana]
requires: [post_deployment_start, provision-kibana-index]
required_for: [post_deployment_end]
parameters:
puppet_manifest: puppet/manifests/kibana.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 600
# This task needs to be reexecuted to reconfigure the index templates with an
# appropriate number_of_replicas.
# This is done at post_deployment time to ensure that the cluster is ready.
- id: elasticsearch-kibana-configuration
type: puppet
version: 2.0.0
role: [primary-elasticsearch_kibana]
requires: [post_deployment_start, kibana-installation]
# We use upload_nodes_info as an anchor to order the post-deployment tasks executed
# by this plugin and the LMA collector plugin. The dependency chain is like this:
# elasticsearch-kibana-configuration -> upload_nodes_info -> (LMA collector tasks)
required_for: [upload_nodes_info, post_deployment_end]
cross-depended-by:
- name: lma-configure-apt
role: /.*/
parameters:
puppet_manifest: puppet/manifests/provision_services.pp
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 600
reexecute_on:
- deploy_changes
# This task needs to be reexecuted to reconfigure the no-quorum-policy every
# time the cluster is scaled up or down. In case of scale up, it should happen
# after the new nodes have added themselves to the Pacemaker cluster.
- id: elasticsearch-enable-quorum
type: puppet
version: 2.0.0
role: [primary-elasticsearch_kibana]
requires: [elasticsearch-kibana-configuration]
required_for: [post_deployment_end]
parameters:
puppet_manifest: "puppet/manifests/enable_quorum.pp"
puppet_modules: puppet/modules:/etc/puppet/modules
timeout: 120
reexecute_on:
- deploy_changes

1
doc/.gitignore vendored
View File

@ -1 +0,0 @@
build/

177
doc/Makefile
View File

@ -1,177 +0,0 @@
# Makefile for Sphinx documentation
#
# You can set these variables from the command line.
SPHINXOPTS =
SPHINXBUILD = sphinx-build
PAPER =
BUILDDIR = build
# User-friendly check for sphinx-build
ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1)
$(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/)
endif
# Internal variables.
PAPEROPT_a4 = -D latex_paper_size=a4
PAPEROPT_letter = -D latex_paper_size=letter
ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source
# the i18n builder cannot share the environment and doctrees with the others
I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source
.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext
help:
@echo "Please use \`make <target>' where <target> is one of"
@echo " html to make standalone HTML files"
@echo " dirhtml to make HTML files named index.html in directories"
@echo " singlehtml to make a single large HTML file"
@echo " pickle to make pickle files"
@echo " json to make JSON files"
@echo " htmlhelp to make HTML files and a HTML help project"
@echo " qthelp to make HTML files and a qthelp project"
@echo " devhelp to make HTML files and a Devhelp project"
@echo " epub to make an epub"
@echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
@echo " latexpdf to make LaTeX files and run them through pdflatex"
@echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx"
@echo " text to make text files"
@echo " man to make manual pages"
@echo " texinfo to make Texinfo files"
@echo " info to make Texinfo files and run them through makeinfo"
@echo " gettext to make PO message catalogs"
@echo " changes to make an overview of all changed/added/deprecated items"
@echo " xml to make Docutils-native XML files"
@echo " pseudoxml to make pseudoxml-XML files for display purposes"
@echo " linkcheck to check all external links for integrity"
@echo " doctest to run all doctests embedded in the documentation (if enabled)"
clean:
rm -rf $(BUILDDIR)/*
html:
$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
@echo
@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."
dirhtml:
$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml
@echo
@echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml."
singlehtml:
$(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml
@echo
@echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml."
pickle:
$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle
@echo
@echo "Build finished; now you can process the pickle files."
json:
$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json
@echo
@echo "Build finished; now you can process the JSON files."
htmlhelp:
$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp
@echo
@echo "Build finished; now you can run HTML Help Workshop with the" \
".hhp project file in $(BUILDDIR)/htmlhelp."
qthelp:
$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp
@echo
@echo "Build finished; now you can run "qcollectiongenerator" with the" \
".qhcp project file in $(BUILDDIR)/qthelp, like this:"
@echo "# qcollectiongenerator $(BUILDDIR)/qthelp/LMAcollector.qhcp"
@echo "To view the help file:"
@echo "# assistant -collectionFile $(BUILDDIR)/qthelp/LMAcollector.qhc"
devhelp:
$(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp
@echo
@echo "Build finished."
@echo "To view the help file:"
@echo "# mkdir -p $$HOME/.local/share/devhelp/LMAcollector"
@echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/LMAcollector"
@echo "# devhelp"
epub:
$(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub
@echo
@echo "Build finished. The epub file is in $(BUILDDIR)/epub."
latex:
$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
@echo
@echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex."
@echo "Run \`make' in that directory to run these through (pdf)latex" \
"(use \`make latexpdf' here to do that automatically)."
latexpdf:
$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
@echo "Running LaTeX files through pdflatex..."
$(MAKE) -C $(BUILDDIR)/latex all-pdf
@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
latexpdfja:
$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
@echo "Running LaTeX files through platex and dvipdfmx..."
$(MAKE) -C $(BUILDDIR)/latex all-pdf-ja
@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
text:
$(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text
@echo
@echo "Build finished. The text files are in $(BUILDDIR)/text."
man:
$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man
@echo
@echo "Build finished. The manual pages are in $(BUILDDIR)/man."
texinfo:
$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
@echo
@echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo."
@echo "Run \`make' in that directory to run these through makeinfo" \
"(use \`make info' here to do that automatically)."
info:
$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
@echo "Running Texinfo files through makeinfo..."
make -C $(BUILDDIR)/texinfo info
@echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo."
gettext:
$(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale
@echo
@echo "Build finished. The message catalogs are in $(BUILDDIR)/locale."
changes:
$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes
@echo
@echo "The overview file is in $(BUILDDIR)/changes."
linkcheck:
$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck
@echo
@echo "Link check complete; look for any errors in the above output " \
"or in $(BUILDDIR)/linkcheck/output.txt."
doctest:
$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest
@echo "Testing of doctests in the sources finished, look at the " \
"results in $(BUILDDIR)/doctest/output.txt."
xml:
$(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml
@echo
@echo "Build finished. The XML files are in $(BUILDDIR)/xml."
pseudoxml:
$(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml
@echo
@echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml."

BIN
doc/images/deploy_notif.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 304 KiB

BIN
doc/images/elastic_kibana_role.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 151 KiB

BIN
doc/images/elastic_kibana_settings.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 132 KiB

BIN
doc/images/kibana_dash.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 53 KiB

BIN
doc/images/kibana_logs_dash.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 587 KiB

BIN
doc/images/kibana_logs_filter1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 384 KiB

BIN
doc/images/kibana_logs_filter2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 66 KiB

BIN
doc/images/kibana_logs_query1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 382 KiB

BIN
doc/images/kibana_logs_sections_1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 614 KiB

BIN
doc/images/kibana_logs_sections_2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 570 KiB

BIN
doc/images/ldap_auth.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 279 KiB

Some files were not shown because too many files have changed in this diff Show More