x/browbeat
Code Issues Proposed changes
Files
21f1f28ab3c0cdb79f0b1f89b3518b2738963152
browbeat/ansible/install/roles/filebeat/tasks/main.yml
Will Foster 21f1f28ab3 Add ELK stack and ELK client Ansible playbooks. 
Fixes for this patchset:
- split out elk-openstack-client.yml to match what's done elsewhere

Fixes for patchset #11:
- split out filebeat into separate role for openstack clients
- update README.md to use elk-openstack-client.yml for this purpose
- cleanup filebeat.yml.j2 to use correct syntax (no need for " anymore)

Fixes for patchset #10:
- add SELinux boolean "httpd_can_network_connect"
- add libsemanage-python package dependency for booleans

Fixes for patchset #9:
- fix for RHEL7 clients, we need to specify remote EPEL rpm
- RHEL7 clients need rpm_key module to import EPEL GPG key
- switch to using uri module instead of curl for checking elasticsearch indices
- add python-httplib2 dependency (needed for uri module)
- use curl -XPOST instead of PUT for filebeat index template in elasticsearch

Fixes from patchset #7
- remove unneeded rpm usage, switch to yum module
- add logic to heapsize tuning so systems > 64G of memory will
  never exceed the 32G recommended heapsize
- logic fix for prepopulating local logs into logstash
- remove elasticsearch.yml, rpm provides this and we're not
  customizing it yet

Fixes from patchset #6:
- use yum repo Ansible module where we can
- remove unecessary EPEL installation (only nginx needs it)
- disable EPEL repo after installation to avoid OpenStack breakage

This adds:

(ELK Server)
- Automated ELK stack deployment
- SSL client generation
- Heap size tuning (1/2 of available memory)
- Firewall port additions (depending on active or not)
  - Supports either firewalld or iptables-services
- Additional upstream Filebeat Kibana dashboards

(ELK Client)
- Sets up filebeat with appropriate SSL certificates
  - utilizes both hostnames and SubjectAltName support (for environments without
    DNS services).

(Usage)

ansible-playbook -i hosts install/elk.yml
ansible-playbook -i hosts install/elk-client.yml --extra-vars 'elk_server=X.X.X.X'

Change-Id: Iee29f985e0bbcdf706ad869f132d4c0f1593a6b6
2016-05-03 15:22:00 -04:00

54 lines
1.3 KiB
YAML
Raw Blame History

---
#
# install/run filebeat elk client for browbeat
#
- name: Copy filebeat yum repo file
copy:
src=filebeat.repo
dest=/etc/yum.repos.d/filebeat.repo
owner=root
group=root
mode=0644
become: true
- name: Import filebeat GPG key
command: rpm --import http://packages.elastic.co/GPG-KEY-elasticsearch
ignore_errors: true
become: true
- name: Install filebeat rpms
yum: name={{ item }} state=present
become: true
with_items:
- filebeat
- name: Generate filebeat configuration template
template:
src=filebeat.yml.j2
dest=/etc/filebeat/filebeat.yml
owner=root
group=root
mode=0644
become: true
register: filebeat_needs_restart
- name: Check ELK server SSL client certificate
stat: path=/etc/pki/tls/certs/filebeat-forwarder.crt
ignore_errors: true
register: elk_client_ssl_cert_exists
- name: Install ELK server SSL client certificate
shell: curl http://"{{ elk_server }}":8080/filebeat-forwarder.crt > /etc/pki/tls/certs/filebeat-forwarder.crt
become: true
when: elk_client_ssl_cert_exists != 0
- name: Start filebeat service
command: systemctl start filebeat.service
ignore_errors: true
when: filebeat_needs_restart != 0
- name: Setup filebeat service
service: name=filebeat state=started enabled=true
become: true
View Git Blame Copy Permalink