From c2d3c44fd83ac98691cc4da47c8e8fcd0f16885c Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Tue, 4 Sep 2018 16:58:33 +0000 Subject: [PATCH] Enforce no_proxy when setting up ELK dashboards and rollups There is no guarantee that all container IP addressess will be included in an existing no_proxy environment variable. This will cause failures when an http proxy is configured, but the proxy does not allow traffic to 'hairpin' back to internal addresses. This change forces no_proxy to the specific address of the kibana and coordinator endpoints when the uri module is used to load dashboards and configure rollups. Change-Id: I669334c722cce79459b522e6e2d7e1aaec49ef24 --- elk_metrics_6x/roles/elastic_apm_server/tasks/apm_setup.yml | 2 ++ .../roles/elastic_auditbeat/tasks/auditbeat_setup.yml | 2 ++ .../roles/elastic_filebeat/tasks/filebeat_setup.yml | 2 ++ .../roles/elastic_metricbeat/tasks/metricbeat_setup.yml | 2 ++ .../roles/elastic_packetbeat/tasks/packetbeat_setup.yml | 2 ++ elk_metrics_6x/roles/elastic_retention/tasks/main.yml | 2 ++ elk_metrics_6x/roles/elastic_rollup/tasks/main.yml | 4 ++++ 7 files changed, 16 insertions(+) diff --git a/elk_metrics_6x/roles/elastic_apm_server/tasks/apm_setup.yml b/elk_metrics_6x/roles/elastic_apm_server/tasks/apm_setup.yml index 20c3643f..6d3572ca 100644 --- a/elk_metrics_6x/roles/elastic_apm_server/tasks/apm_setup.yml +++ b/elk_metrics_6x/roles/elastic_apm_server/tasks/apm_setup.yml @@ -24,6 +24,8 @@ - "--template" - "--dashboards" register: templates + environment: + no_proxy: "{{ hostvars[groups['kibana'][0]]['ansible_host'] }}" until: templates is success retries: 5 delay: 5 diff --git a/elk_metrics_6x/roles/elastic_auditbeat/tasks/auditbeat_setup.yml b/elk_metrics_6x/roles/elastic_auditbeat/tasks/auditbeat_setup.yml index 93542218..cf9b12ec 100644 --- a/elk_metrics_6x/roles/elastic_auditbeat/tasks/auditbeat_setup.yml +++ b/elk_metrics_6x/roles/elastic_auditbeat/tasks/auditbeat_setup.yml @@ -24,6 +24,8 @@ - "--template" - "--dashboards" register: templates + environment: + no_proxy: "{{ hostvars[groups['kibana'][0]]['ansible_host'] }}" until: templates is success retries: 5 delay: 5 diff --git a/elk_metrics_6x/roles/elastic_filebeat/tasks/filebeat_setup.yml b/elk_metrics_6x/roles/elastic_filebeat/tasks/filebeat_setup.yml index 4b917ed7..4a64784d 100644 --- a/elk_metrics_6x/roles/elastic_filebeat/tasks/filebeat_setup.yml +++ b/elk_metrics_6x/roles/elastic_filebeat/tasks/filebeat_setup.yml @@ -24,6 +24,8 @@ - "--template" - "--dashboards" register: templates + environment: + no_proxy: "{{ hostvars[groups['kibana'][0]]['ansible_host'] }}" until: templates is success retries: 5 delay: 5 diff --git a/elk_metrics_6x/roles/elastic_metricbeat/tasks/metricbeat_setup.yml b/elk_metrics_6x/roles/elastic_metricbeat/tasks/metricbeat_setup.yml index 86d56690..3864a8c1 100644 --- a/elk_metrics_6x/roles/elastic_metricbeat/tasks/metricbeat_setup.yml +++ b/elk_metrics_6x/roles/elastic_metricbeat/tasks/metricbeat_setup.yml @@ -24,6 +24,8 @@ - "--template" - "--dashboards" register: templates + environment: + no_proxy: "{{ hostvars[groups['kibana'][0]]['ansible_host'] }}" until: templates is success retries: 5 delay: 5 diff --git a/elk_metrics_6x/roles/elastic_packetbeat/tasks/packetbeat_setup.yml b/elk_metrics_6x/roles/elastic_packetbeat/tasks/packetbeat_setup.yml index 33dc703d..ca73d191 100644 --- a/elk_metrics_6x/roles/elastic_packetbeat/tasks/packetbeat_setup.yml +++ b/elk_metrics_6x/roles/elastic_packetbeat/tasks/packetbeat_setup.yml @@ -24,6 +24,8 @@ - "--template" - "--dashboards" register: templates + environment: + no_proxy: "{{ hostvars[groups['kibana'][0]]['ansible_host'] }}" until: templates is success retries: 5 delay: 5 diff --git a/elk_metrics_6x/roles/elastic_retention/tasks/main.yml b/elk_metrics_6x/roles/elastic_retention/tasks/main.yml index 9df9730c..4a344b82 100644 --- a/elk_metrics_6x/roles/elastic_retention/tasks/main.yml +++ b/elk_metrics_6x/roles/elastic_retention/tasks/main.yml @@ -18,6 +18,8 @@ url: "http://{{ coordination_nodes[0] }}/_nodes/{{ (data_nodes | map('extract', hostvars, 'ansible_host') | list) | join(',') }}/stats/fs" method: GET register: elk_data + environment: + no_proxy: "{{ coordination_nodes[0].split(':')[0] }}" until: - elk_data is success and elk_data['json'] is defined retries: 5 diff --git a/elk_metrics_6x/roles/elastic_rollup/tasks/main.yml b/elk_metrics_6x/roles/elastic_rollup/tasks/main.yml index a83fb66d..77cdf542 100644 --- a/elk_metrics_6x/roles/elastic_rollup/tasks/main.yml +++ b/elk_metrics_6x/roles/elastic_rollup/tasks/main.yml @@ -18,6 +18,8 @@ url: "http://{{ coordination_nodes[0] }}/_xpack/rollup/job/rollup_{{ index_name }}" method: GET register: check_rollup + environment: + no_proxy: "{{ coordination_nodes[0].split(':')[0] }}" until: check_rollup is success retries: 3 delay: 5 @@ -60,6 +62,8 @@ status_code: "{{ item.status_code }}" body_format: json register: elk_indexes + environment: + no_proxy: "{{ coordination_nodes[0].split(':')[0] }}" until: elk_indexes is success retries: 5 delay: 5