update elastic
This commit is contained in:
parent
ec0805bb67
commit
8ad9488998
|
@ -56,6 +56,3 @@
|
|||
timeout: 360
|
||||
fail: true
|
||||
- timestamps
|
||||
publishers:
|
||||
- email:
|
||||
recipients: infra-root+build@elastic.co
|
||||
|
|
|
@ -10,10 +10,18 @@
|
|||
#!/usr/local/bin/runbld
|
||||
set -euo pipefail
|
||||
|
||||
export RBENV_VERSION='2.3.0'
|
||||
export RBENV_VERSION='2.5.7'
|
||||
export PATH="$HOME/.rbenv/bin:$PATH"
|
||||
eval "$(rbenv init -)"
|
||||
rbenv local $RBENV_VERSION
|
||||
|
||||
make setup
|
||||
make verify PATTERN=$TEST_TYPE-$OS
|
||||
publishers:
|
||||
- slack:
|
||||
notify-back-to-normal: True
|
||||
notify-every-failure: True
|
||||
room: infra-release-notify
|
||||
team-domain: elastic
|
||||
auth-token-id: release-slack-integration-token
|
||||
auth-token-credential-id: release-slack-integration-token
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
#!/usr/local/bin/runbld
|
||||
set -euo pipefail
|
||||
|
||||
export RBENV_VERSION='2.3.0'
|
||||
export RBENV_VERSION='2.5.7'
|
||||
export PATH="$HOME/.rbenv/bin:$PATH"
|
||||
eval "$(rbenv init -)"
|
||||
rbenv local $RBENV_VERSION
|
||||
|
|
|
@ -0,0 +1,40 @@
|
|||
<!--
|
||||
|
||||
** Please read the guidelines below. **
|
||||
|
||||
Issues that do not follow these guidelines are likely to be closed.
|
||||
|
||||
1. GitHub is reserved for bug reports and feature requests. The best place to
|
||||
ask a general question is at the Elastic [forums](https://discuss.elastic.co).
|
||||
GitHub is not the place for general questions.
|
||||
|
||||
2. Is this bug report or feature request for a supported OS? If not, it
|
||||
is likely to be closed. See https://www.elastic.co/support/matrix#show_os
|
||||
|
||||
3. Please fill out EITHER the feature request block or the bug report block
|
||||
below, and delete the other block.
|
||||
|
||||
-->
|
||||
|
||||
<!-- Feature request -->
|
||||
|
||||
**Describe the feature**:
|
||||
|
||||
<!-- Bug report -->
|
||||
|
||||
**Beats product**:
|
||||
|
||||
**Beats version**
|
||||
|
||||
**Role version**: (If using master please specify github sha)
|
||||
|
||||
**OS version** (`uname -a` if on a Unix-like system):
|
||||
|
||||
**Description of the problem including expected versus actual behaviour**:
|
||||
|
||||
**Playbook**:
|
||||
Please specify the full playbook used to reproduce this issue.
|
||||
|
||||
**Provide logs from Ansible**:
|
||||
|
||||
**Beats logs if relevant**:
|
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
# Number of days of inactivity before an issue becomes stale
|
||||
daysUntilStale: 90
|
||||
|
||||
# Number of days of inactivity before an stale issue is closed
|
||||
daysUntilClose: 30
|
||||
|
||||
# Label to use when marking an issue as stale
|
||||
staleLabel: triage/stale
|
||||
|
||||
issues:
|
||||
# Comment to post when marking an issue as stale.
|
||||
markComment: >
|
||||
This issue has been automatically marked as stale because it has not had
|
||||
recent activity. It will be closed if no further activity occurs. Thank
|
||||
you for your contributions.
|
||||
# Comment to post when closing a stale issue.
|
||||
closeComment: >
|
||||
This issue has been automatically closed because it has not had recent
|
||||
activity since being marked as stale.
|
||||
pulls:
|
||||
# Comment to post when marking a PR as stale.
|
||||
markComment: >
|
||||
This PR has been automatically marked as stale because it has not had
|
||||
recent activity. It will be closed if no further activity occurs. Thank you
|
||||
for your contributions.
|
||||
|
||||
To track this PR (even if closed), please open a corresponding issue if one
|
||||
does not already exist.
|
||||
# Comment to post when closing a stale PR.
|
||||
closeComment: >
|
||||
This PR has been automatically closed because it has not had recent
|
||||
activity since being marked as stale.
|
||||
|
||||
Please reopen when work resumes.
|
|
@ -2,6 +2,9 @@
|
|||
driver:
|
||||
name: docker
|
||||
|
||||
transport:
|
||||
max_ssh_sessions: 6
|
||||
|
||||
provisioner:
|
||||
name: ansible_playbook
|
||||
hosts: localhost
|
||||
|
@ -55,22 +58,36 @@ platforms:
|
|||
- apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
|
||||
- apt-get update && apt-get -y install ansible
|
||||
use_sudo: false
|
||||
- name: centos-6
|
||||
driver_config:
|
||||
image: centos:6
|
||||
privileged: true
|
||||
provision_command:
|
||||
- yum -y install epel-release
|
||||
- yum -y install ansible
|
||||
use_sudo: false
|
||||
- name: centos-7
|
||||
driver_config:
|
||||
image: centos:7
|
||||
provision_command:
|
||||
- yum -y install epel-release
|
||||
- yum -y install ansible
|
||||
run_command: "/usr/sbin/init"
|
||||
privileged: true
|
||||
use_sudo: false
|
||||
- name: centos-8
|
||||
driver_config:
|
||||
image: centos:8
|
||||
provision_command:
|
||||
- yum -y install epel-release
|
||||
- yum -y install ansible
|
||||
run_command: "/usr/sbin/init"
|
||||
privileged: true
|
||||
use_sudo: false
|
||||
- name: amazonlinux-2
|
||||
driver_config:
|
||||
image: amazonlinux:2
|
||||
provision_command:
|
||||
- yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
|
||||
- yum -y install ansible
|
||||
volume:
|
||||
- <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json
|
||||
- /etc # This fixes certain java file actions that check the mount point. Without this adding users fails for some docker storage drivers
|
||||
run_command: "/usr/sbin/init"
|
||||
privileged: true
|
||||
use_sudo: false
|
||||
suites:
|
||||
- name: standard
|
||||
provisioner:
|
||||
|
@ -99,4 +116,11 @@ suites:
|
|||
additional_copy_path:
|
||||
- "."
|
||||
run_list:
|
||||
attributes:
|
||||
attributes:
|
||||
- name: oss
|
||||
provisioner:
|
||||
playbook: test/integration/oss.yml
|
||||
additional_copy_path:
|
||||
- "."
|
||||
run_list:
|
||||
attributes:
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
2.5.7
|
|
@ -0,0 +1,179 @@
|
|||
# Changelog
|
||||
|
||||
## 7.11.1
|
||||
|
||||
* 7.11.1 as default version.
|
||||
* 6.8.14 as 6.x tested version
|
||||
|
||||
## 7.10.2
|
||||
|
||||
* 7.10.2 as default version.
|
||||
|
||||
|
||||
| PR | Author | Title |
|
||||
| --- | --- | --- |
|
||||
| [#123](https://github.com/elastic/ansible-beats/pull/123) | [@jmlrt](https://github.com/jmlrt) | Cleanup init_script variable |
|
||||
|
||||
|
||||
## 7.10.1
|
||||
|
||||
* 7.10.1 as default version.
|
||||
|
||||
|
||||
| PR | Author | Title |
|
||||
| --- | --- | --- |
|
||||
| [#115](https://github.com/elastic/ansible-beats/pull/115) | [@v1v](https://github.com/v1v) | Support CentOS-8 |
|
||||
| [#120](https://github.com/elastic/ansible-beats/pull/120) | [@jmlrt](https://github.com/jmlrt) | Remove CentOS 6 support |
|
||||
|
||||
|
||||
## 7.10.0
|
||||
|
||||
* 7.10.0 as default version.
|
||||
|
||||
|
||||
| PR | Author | Title |
|
||||
| --- | --- | --- |
|
||||
| [#113](https://github.com/elastic/ansible-beats/pull/113) | [@jmlrt](https://github.com/jmlrt) | [meta] clean deprecated bumper script |
|
||||
|
||||
|
||||
## 7.9.3
|
||||
|
||||
* 7.9.3 as default version.
|
||||
* 6.8.13 as 6.x tested version
|
||||
|
||||
## 7.9.2 - 2020/09/24
|
||||
|
||||
* 7.9.2 as default version
|
||||
|
||||
## 7.9.1 - 2020/09/03
|
||||
|
||||
* 7.9.1 as default version
|
||||
|
||||
## 7.9.0 - 2020/08/18
|
||||
|
||||
* 7.9.0 as default version
|
||||
* 6.8.12 as 6.x tested version
|
||||
|
||||
## 7.8.1 - 2020/07/28
|
||||
|
||||
* 7.8.1 as default version
|
||||
* 6.8.11 as 6.x tested version
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|------------------------------------|--------------------------|
|
||||
| [#89](https://github.com/elastic/ansible-beats/pull/89) | [@jmlrt](https://github.com/jmlrt) | Add amazonlinux2 support |
|
||||
|
||||
|
||||
## 7.8.0 - 2020/06/18
|
||||
|
||||
* 7.8.0 as default version
|
||||
|
||||
## 7.7.1 - 2020/06/04
|
||||
|
||||
* 7.7.1 as default version
|
||||
* 6.8.10 as 6.x tested version
|
||||
|
||||
## 7.7.0 - 2020/05/13
|
||||
|
||||
* 7.7.0 as default version
|
||||
* 6.8.9 as 6.x tested version
|
||||
* Fix CentOS tests in [#86](https://github.com/elastic/ansible-beats/pull/86) ([@jmlrt](https://github.com/jmlrt))
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|------------------------------------------|---------------------------------------------|
|
||||
| [#84](https://github.com/elastic/ansible-beats/pull/84) | [@kravietz](https://github.com/kravietz) | Minor formatting fixes to pass ansible-lint |
|
||||
|
||||
|
||||
## 7.6.2 - 2020/03/31
|
||||
|
||||
* 7.6.2 as default version
|
||||
* 6.8.8 as 6.x tested version
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|------------------------------------|---------------------------------------------------------------------------|
|
||||
| [#77](https://github.com/elastic/ansible-beats/pull/77) | [@jmlrt](https://github.com/jmlrt) | Add become to individual tasks |
|
||||
| [#75](https://github.com/elastic/ansible-beats/pull/75) | [@ktibi](https://github.com/ktibi) | Add option to disable the repo installation and lock package installation |
|
||||
| [#78](https://github.com/elastic/ansible-beats/pull/78) | [@astik](https://github.com/astik) | Aad task to create directory for default policies |
|
||||
|
||||
|
||||
## 7.6.1 - 2020/03/04
|
||||
|
||||
* 7.6.1 as default version
|
||||
|
||||
|
||||
## 7.6.0 - 2020/02/11
|
||||
|
||||
* 7.6.0 as default version
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|--------------------------------------------------------|------------------------------------|
|
||||
| [#69](https://github.com/elastic/ansible-beats/pull/69) | [@dependabot[bot]](https://github.com/apps/dependabot) | Bump rubyzip from 1.2.2 to 2.0.0 |
|
||||
| [#71](https://github.com/elastic/ansible-beats/pull/71) | [@jmlrt](https://github.com/jmlrt) | Fix filebeat example configuration |
|
||||
| [#72](https://github.com/elastic/ansible-beats/pull/72) | [@beand](https://github.com/beand) | Fixed typo |
|
||||
|
||||
|
||||
## 7.5.2 - 2020/01/21
|
||||
|
||||
* 7.5.2 as default version
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|------------------------------------|-----------------------------------------------|
|
||||
| [#66](https://github.com/elastic/ansible-beats/pull/66) | [@jmlrt](https://github.com/jmlrt) | [doc] switched relative URLs to absolute URLs |
|
||||
| [#67](https://github.com/elastic/ansible-beats/pull/67) | [@jmlrt](https://github.com/jmlrt) | [ci] bump ruby to 2.5.7 |
|
||||
|
||||
|
||||
## 7.5.1 - 2019/12/18
|
||||
|
||||
* 7.5.1 as default version
|
||||
* 6.8.6 as 6.x tested version
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|----------------------------------------------------|--------------------------|
|
||||
| [#61](https://github.com/elastic/ansible-beats/pull/61) | [@robsonpeixoto](https://github.com/robsonpeixoto) | Allow use oss repository |
|
||||
|
||||
|
||||
## 7.5.0 - 2019/12/02
|
||||
|
||||
* 7.5.0 as default version
|
||||
* 6.8.5 as 6.x tested version in [#57](https://github.com/elastic/ansible-beats/pull/57) [@jmlrt](https://github.com/jmlrt)
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|--------------------------------------------------|-----------------------------------------------------------------|
|
||||
| [#50](https://github.com/elastic/ansible-beats/pull/50) | [@jmlrt](https://github.com/jmlrt) | Add bumper script |
|
||||
| [#55](https://github.com/elastic/ansible-beats/pull/55) | [@tgadiev](https://github.com/tgadiev) | Update syntax to make it compliant to modern ansible-lint rules |
|
||||
| [#53](https://github.com/elastic/ansible-beats/pull/53) | [@jmlrt](https://github.com/jmlrt) | Indent yaml for config file |
|
||||
| [#51](https://github.com/elastic/ansible-beats/pull/51) | [@ktibi](https://github.com/ktibi) | Rename the handlers |
|
||||
| [#59](https://github.com/elastic/ansible-beats/pull/59) | [@MartinVerges](https://github.com/MartinVerges) | Beat config improvements |
|
||||
|
||||
|
||||
## 7.4.1 - 2019/10/23
|
||||
|
||||
* 7.4.1 as default version
|
||||
* 6.8.4 as 6.x tested version
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|------------------------------------|---------------------|
|
||||
| [#48](https://github.com/elastic/ansible-beats/pull/48) | [@jmlrt](https://github.com/jmlrt) | Fix probot newlines |
|
||||
|
||||
|
||||
## 7.4.0 - 2019/10/01
|
||||
|
||||
* 7.4.0 as default version
|
||||
|
||||
| PR | Author | Title |
|
||||
|---------------------------------------------------------|------------------------------------------|---------------------------------------------------------------------|
|
||||
| [#25](https://github.com/elastic/ansible-beats/pull/25) | [@jmlrt](https://github.com/jmlrt) | Update kitchen Gem dependencies |
|
||||
| [#6](https://github.com/elastic/ansible-beats/pull/6) | [@levonet](https://github.com/levonet) | Remove `beat_install` variable |
|
||||
| [#32](https://github.com/elastic/ansible-beats/pull/32) | [@astik](https://github.com/astik) | Remove unused `es_conf_dir` variable |
|
||||
| [#33](https://github.com/elastic/ansible-beats/pull/33) | [@astik](https://github.com/astik) | Replace custom filter with yaml handling |
|
||||
| [#10](https://github.com/elastic/ansible-beats/pull/10) | [@Meecr0b](https://github.com/Meecr0b) | Move the `repo_key` configuration to a variable |
|
||||
| [#34](https://github.com/elastic/ansible-beats/pull/34) | [@nyetwurk](https://github.com/nyetwurk) | Make sure the right beat service gets restarted |
|
||||
| [#38](https://github.com/elastic/ansible-beats/pull/38) | [@jmlrt](https://github.com/jmlrt) | Add probot config to manage stale issues/pr + GH issue template |
|
||||
| [#40](https://github.com/elastic/ansible-beats/pull/40) | [@nyetwurk](https://github.com/nyetwurk) | Make beats `repo_key` variable a unique name less likely to collide |
|
||||
| [#41](https://github.com/elastic/ansible-beats/pull/41) | [@jmlrt](https://github.com/jmlrt) | Enhance ansible-beats documentation |
|
||||
|
||||
|
||||
## 7.0.0 - 2019/05/09
|
||||
|
||||
* First release
|
||||
* 7.0.0 as default version
|
|
@ -1,6 +1,6 @@
|
|||
source 'https://rubygems.org'
|
||||
|
||||
gem 'test-kitchen', '1.21.1'
|
||||
gem "kitchen-docker", '2.6.0'
|
||||
gem 'kitchen-ansible', '0.48.3'
|
||||
gem 'net-ssh', '4.2.0'
|
||||
gem 'test-kitchen'
|
||||
gem 'kitchen-docker'
|
||||
gem 'kitchen-ansible'
|
||||
gem 'net-ssh'
|
||||
|
|
|
@ -1,75 +1,117 @@
|
|||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
builder (3.2.3)
|
||||
erubis (2.7.0)
|
||||
ffi (1.9.24)
|
||||
gssapi (1.2.0)
|
||||
bcrypt_pbkdf (1.0.1)
|
||||
builder (3.2.4)
|
||||
ed25519 (1.2.4)
|
||||
equatable (0.5.0)
|
||||
erubi (1.9.0)
|
||||
ffi (1.12.1)
|
||||
gssapi (1.3.0)
|
||||
ffi (>= 1.0.1)
|
||||
gyoku (1.3.1)
|
||||
builder (>= 2.1.2)
|
||||
httpclient (2.8.3)
|
||||
kitchen-ansible (0.48.3)
|
||||
kitchen-ansible (0.50.0)
|
||||
net-ssh (>= 3)
|
||||
test-kitchen (~> 1.4)
|
||||
kitchen-docker (2.6.0)
|
||||
test-kitchen (>= 1.4)
|
||||
kitchen-docker (2.9.0)
|
||||
test-kitchen (>= 1.0.0)
|
||||
license-acceptance (1.0.11)
|
||||
pastel (~> 0.7)
|
||||
tomlrb (~> 1.2)
|
||||
tty-box (~> 0.3)
|
||||
tty-prompt (~> 0.18)
|
||||
little-plugger (1.1.4)
|
||||
logging (2.2.2)
|
||||
little-plugger (~> 1.1)
|
||||
multi_json (~> 1.10)
|
||||
mixlib-install (3.9.3)
|
||||
mixlib-install (3.11.18)
|
||||
mixlib-shellout
|
||||
mixlib-versioning
|
||||
thor
|
||||
mixlib-shellout (2.3.2)
|
||||
mixlib-versioning (1.2.2)
|
||||
multi_json (1.13.1)
|
||||
net-scp (1.2.1)
|
||||
net-ssh (>= 2.6.5)
|
||||
net-ssh (4.2.0)
|
||||
net-ssh-gateway (1.3.0)
|
||||
net-ssh (>= 2.6.5)
|
||||
mixlib-shellout (2.4.4)
|
||||
mixlib-versioning (1.2.7)
|
||||
multi_json (1.14.1)
|
||||
necromancer (0.4.0)
|
||||
net-scp (2.0.0)
|
||||
net-ssh (>= 2.6.5, < 6.0.0)
|
||||
net-ssh (5.2.0)
|
||||
net-ssh-gateway (2.0.0)
|
||||
net-ssh (>= 4.0.0)
|
||||
nori (2.6.0)
|
||||
pastel (0.7.2)
|
||||
equatable (~> 0.5.0)
|
||||
tty-color (~> 0.4.0)
|
||||
rubyntlm (0.6.2)
|
||||
rubyzip (1.2.2)
|
||||
test-kitchen (1.21.1)
|
||||
rubyzip (2.0.0)
|
||||
strings (0.1.5)
|
||||
strings-ansi (~> 0.1)
|
||||
unicode-display_width (~> 1.5)
|
||||
unicode_utils (~> 1.4)
|
||||
strings-ansi (0.1.0)
|
||||
test-kitchen (2.2.5)
|
||||
bcrypt_pbkdf (~> 1.0)
|
||||
ed25519 (~> 1.2)
|
||||
license-acceptance (~> 1.0, >= 1.0.11)
|
||||
mixlib-install (~> 3.6)
|
||||
mixlib-shellout (>= 1.2, < 3.0)
|
||||
net-scp (~> 1.1)
|
||||
net-ssh (>= 2.9, < 5.0)
|
||||
net-ssh-gateway (~> 1.2)
|
||||
thor (~> 0.19, < 0.19.2)
|
||||
net-scp (>= 1.1, < 3.0)
|
||||
net-ssh (>= 2.9, < 6.0)
|
||||
net-ssh-gateway (>= 1.2, < 3.0)
|
||||
thor (~> 0.19)
|
||||
winrm (~> 2.0)
|
||||
winrm-elevated (~> 1.0)
|
||||
winrm-fs (~> 1.1)
|
||||
thor (0.19.1)
|
||||
winrm (2.2.3)
|
||||
thor (0.20.3)
|
||||
timers (4.3.0)
|
||||
tomlrb (1.2.8)
|
||||
tty-box (0.3.0)
|
||||
pastel (~> 0.7.2)
|
||||
strings (~> 0.1.4)
|
||||
tty-cursor (~> 0.6.0)
|
||||
tty-color (0.4.3)
|
||||
tty-cursor (0.6.1)
|
||||
tty-prompt (0.18.1)
|
||||
necromancer (~> 0.4.0)
|
||||
pastel (~> 0.7.0)
|
||||
timers (~> 4.0)
|
||||
tty-cursor (~> 0.6.0)
|
||||
tty-reader (~> 0.5.0)
|
||||
tty-reader (0.5.0)
|
||||
tty-cursor (~> 0.6.0)
|
||||
tty-screen (~> 0.6.4)
|
||||
wisper (~> 2.0.0)
|
||||
tty-screen (0.6.5)
|
||||
unicode-display_width (1.6.0)
|
||||
unicode_utils (1.4.0)
|
||||
winrm (2.3.4)
|
||||
builder (>= 2.1.2)
|
||||
erubis (~> 2.7)
|
||||
erubi (~> 1.8)
|
||||
gssapi (~> 1.2)
|
||||
gyoku (~> 1.0)
|
||||
httpclient (~> 2.2, >= 2.2.0.2)
|
||||
logging (>= 1.6.1, < 3.0)
|
||||
nori (~> 2.0)
|
||||
rubyntlm (~> 0.6.0, >= 0.6.1)
|
||||
winrm-elevated (1.1.0)
|
||||
winrm-elevated (1.1.1)
|
||||
winrm (~> 2.0)
|
||||
winrm-fs (~> 1.0)
|
||||
winrm-fs (1.2.0)
|
||||
erubis (~> 2.7)
|
||||
winrm-fs (1.3.4)
|
||||
erubi (~> 1.8)
|
||||
logging (>= 1.6.1, < 3.0)
|
||||
rubyzip (~> 1.1)
|
||||
rubyzip (~> 2.0)
|
||||
winrm (~> 2.0)
|
||||
wisper (2.0.0)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
|
||||
DEPENDENCIES
|
||||
kitchen-ansible (= 0.48.3)
|
||||
kitchen-docker (= 2.6.0)
|
||||
net-ssh (= 4.2.0)
|
||||
test-kitchen (= 1.21.1)
|
||||
kitchen-ansible
|
||||
kitchen-docker
|
||||
net-ssh
|
||||
test-kitchen
|
||||
|
||||
BUNDLED WITH
|
||||
1.16.1
|
||||
1.17.0
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
Copyright (c) 2012-2016 Elasticsearch <http://www.elastic.co>
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
|
@ -1,101 +1,66 @@
|
|||
Beats Role
|
||||
=========
|
||||
# ansible-beats
|
||||
[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+ansible-beats+master.svg)](https://devops-ci.elastic.co/job/elastic+ansible-beats+master/)
|
||||
[![Ansible Galaxy](https://img.shields.io/badge/ansible--galaxy-elastic.beats-blue.svg)](https://galaxy.ansible.com/elastic/beats/)
|
||||
|
||||
This role provides a generic means of installing Elastic supported beats using Ansible. Currently this includes:
|
||||
This role provides a generic means of installing Elastic supported Beats
|
||||
|
||||
- Filebeat
|
||||
- MetricBeat (TopBeat in 1.x)
|
||||
- Packetbeat
|
||||
**Tested Beats**
|
||||
|
||||
Requirements
|
||||
------------
|
||||
* Filebeat
|
||||
* MetricBeat (TopBeat in 1.x)
|
||||
* Packetbeat
|
||||
|
||||
This role requires:
|
||||
**Tested Versions**
|
||||
|
||||
- Ansible version > 2.0
|
||||
- Beats version >= 1.x
|
||||
- Target machines require access to an external repo, or means
|
||||
* 7.x
|
||||
* 6.x
|
||||
|
||||
The following OS are currently actively tested using kitchen:
|
||||
**Tested Platforms**
|
||||
|
||||
- Centos 6 & 7
|
||||
- Debian 8 & 9
|
||||
- Ubuntu 14.04, 16.04 & 18.04
|
||||
* Ubuntu 14.04
|
||||
* Ubuntu 16.04
|
||||
* Ubuntu 18.04
|
||||
* Debian 8
|
||||
* Debian 9
|
||||
* CentOS 7
|
||||
* CentOS 8
|
||||
* Amazon Linux 2
|
||||
|
||||
The above list is subject to change.
|
||||
## Usage
|
||||
|
||||
Role Variables
|
||||
--------------
|
||||
Create your Ansible playbook with your own tasks, and include the role beats. You will have to have this repository accessible within the context of playbook.
|
||||
|
||||
Supported variables are as follows:
|
||||
```sh
|
||||
ansible-galaxy install elastic.beats,v7.11.1
|
||||
```
|
||||
|
||||
- **beat** (*MANDATORY*): Beat product. Supported values are: "filebeat", "metricbeat" & "packetbeat".
|
||||
- **beat_conf** (*MANDATORY*): Beat Configuration. Should be defined as a map (see [Example Playbook](#example-playbook))
|
||||
- **beats_version** (*Defaults to `7.0.0`*): Beats version.
|
||||
- **version_lock** (*Defaults to `false`*): Locks the installed version if set to true, thus preventing other processes from updating. This will not impact the roles ability to update the beat on subsequent runs (it unlocks and re-locks if required).
|
||||
- **use_repository** (*Defaults to `true`*): Use elastic repo for yum or apt if true. If false, a custom custom_package_url must be provided.
|
||||
- **start_service** (*Defaults to `true`*): service will be started if true, false otherwise.
|
||||
- **restart_on_change** (*Defaults to `true`*): Changes to configuration or installed versions, will result in a restart if true.
|
||||
- **daemon_args** (*Applicable to version 1.x of beats*): Allows run time params to be passed to beats.
|
||||
- **logging_conf** (*Defaults to `{"files":{"rotateeverybytes":10485760}}`*): Logging configuration. Should be defined as a map (see [Example Playbook](#example-playbook)). Map is serialized into logging section of beat config.
|
||||
- **shipper_conf** (*Applicable to version 1.x of beats*): Shipper configuration. Should be defined as a map (see [Example Playbook](#example-playbook)). Map is serialized into shipper section of beat config.
|
||||
- **output_conf** (*Defaults to `{"elasticsearch":{"hosts":["localhost:9200"]}}`): Output configuration. Should be defined as a map (see [Example Playbook](#example-playbook)). Map is serialized into output section of beat config.
|
||||
- **beats_pid_dir** (*Defaults to `/var/run`*): Location of beats pid file.
|
||||
- **beats_conf_dir** (*Defaults to `/etc/{beat}`*): Location of conf directory for beats configuration file.
|
||||
Then create your playbook yaml adding the role beats.
|
||||
The application of the beats role results in the installation of a node on a host.
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
The simplest configuration therefore consists of:
|
||||
|
||||
- Ansible version > 2.0
|
||||
- Beats version >= 6.x
|
||||
```yaml
|
||||
hosts: localhost
|
||||
roles:
|
||||
- role: elastic.beats
|
||||
vars:
|
||||
beats_version: 7.11.1
|
||||
beat: filebeat
|
||||
beat_conf:
|
||||
filebeat:
|
||||
inputs:
|
||||
- type: log
|
||||
enabled: true
|
||||
paths:
|
||||
- /var/log/*.log
|
||||
```
|
||||
|
||||
Example Playbook
|
||||
----------------
|
||||
The above installs Filebeat 7.11.1 on the hosts 'localhost'.
|
||||
|
||||
Example playbook is provided below. This installs Packetbeat and illustrates the need for configuration sections to be specified as maps.
|
||||
|
||||
- name: Example playbook for installing packetbeat
|
||||
hosts: localhost
|
||||
roles:
|
||||
- { role: beats, beat: "packetbeat",
|
||||
beat_conf: {
|
||||
"interfaces": {"device":"any"},
|
||||
"protocols": {
|
||||
"dns": {
|
||||
"ports": [53],
|
||||
"include_authorities":true
|
||||
},
|
||||
"http": {
|
||||
"ports": [80, 8080, 8000, 5000, 8002]
|
||||
},
|
||||
"memcache": {
|
||||
"ports": [11211]
|
||||
},
|
||||
"mysql": {
|
||||
"ports": [3306]
|
||||
},
|
||||
"pgsql": {
|
||||
"ports": [5432]
|
||||
},
|
||||
"redis": {
|
||||
"ports": [6379]
|
||||
},
|
||||
"thrift": {
|
||||
"ports": [9090]
|
||||
},
|
||||
"mongodb": {
|
||||
"ports": [27017]
|
||||
}
|
||||
}
|
||||
},
|
||||
output_conf : {
|
||||
"elasticsearch": {
|
||||
"hosts": ["localhost:9200"]
|
||||
}
|
||||
}
|
||||
}
|
||||
vars:
|
||||
use_repository: "true"
|
||||
**Notes**:
|
||||
- Beats default version is described in [`beats_version`](https://github.com/elastic/ansible-beats/blob/master/defaults/main.yml#L4). You can override this variable in your playbook to install another version.
|
||||
While we are testing this role only with one 7.x and one 6.x version (respectively [7.11.1](https://github.com/elastic/ansible-beats/blob/master/defaults/main.yml#L4) and [6.8.14](https://github.com/elastic/ansible-beats/blob/master/test/integration/standard-6x.yml#L7) at the time of writing), this role should work with others version also in most cases.
|
||||
- Beat product is described in `beat` variable. While currently tested Beats are Filebeat, Metricbeat & Packetbeat, this role should work also with other member of [The Beats Family](https://www.elastic.co/products/beats) in most cases.
|
||||
|
||||
## Testing
|
||||
|
||||
|
@ -140,20 +105,113 @@ When you are finished testing you can clean up everything with
|
|||
$ make destroy-all
|
||||
```
|
||||
|
||||
License
|
||||
-------
|
||||
### Basic Beats configuration
|
||||
|
||||
All Beats configuration parameters are supported. This is achieved using a configuration map parameter `beat_conf` which is serialized into the `${beat}.yml` file.
|
||||
The use of a map ensures the Ansible playbook does not need to be updated to reflect new/deprecated/plugin configuration parameters.
|
||||
|
||||
In addition to the `beat_conf` map, several other parameters are supported for additional functions e.g. script installation. These can be found in the role's `defaults/main.yml` file.
|
||||
|
||||
The following illustrates applying configuration parameters to Packetbeat instance.
|
||||
|
||||
```yaml
|
||||
- name: Example playbook for installing packetbeat
|
||||
hosts: localhost
|
||||
roles:
|
||||
- { role: beats, beat: "packetbeat",
|
||||
beat_conf: {
|
||||
"interfaces": {"device":"any"},
|
||||
"protocols": {
|
||||
"dns": {
|
||||
"ports": [53],
|
||||
"include_authorities":true
|
||||
},
|
||||
"http": {
|
||||
"ports": [80, 8080, 8000, 5000, 8002]
|
||||
},
|
||||
"memcache": {
|
||||
"ports": [11211]
|
||||
},
|
||||
"mysql": {
|
||||
"ports": [3306]
|
||||
},
|
||||
"pgsql": {
|
||||
"ports": [5432]
|
||||
},
|
||||
"redis": {
|
||||
"ports": [6379]
|
||||
},
|
||||
"thrift": {
|
||||
"ports": [9090]
|
||||
},
|
||||
"mongodb": {
|
||||
"ports": [27017]
|
||||
}
|
||||
}
|
||||
},
|
||||
output_conf : {
|
||||
"elasticsearch": {
|
||||
"hosts": ["localhost:9200"]
|
||||
}
|
||||
}
|
||||
}
|
||||
vars:
|
||||
use_repository: "true"
|
||||
```
|
||||
|
||||
### Additional Configuration
|
||||
|
||||
Supported variables are as follows:
|
||||
|
||||
- **beat** (*MANDATORY*): Beat product. Supported values are: "filebeat", "metricbeat" & "packetbeat" (others beats from [The Beats Family](https://www.elastic.co/products/beats) should work in most cases but aren't currently tested).
|
||||
- **beat_conf** (*MANDATORY*): Beat Configuration. Should be defined as a map.
|
||||
- **beats_version** (*Defaults to `7.11.1`*): Beats version.
|
||||
- **version_lock** (*Defaults to `false`*): Locks the installed version if set to true, thus preventing other processes from updating. This will not impact the roles ability to update the beat on subsequent runs (it unlocks and re-locks if required).
|
||||
- **use_repository** (*Defaults to `true`*): Use elastic repo for yum or apt if true. If false, a custom custom_package_url must be provided.
|
||||
- **beats_add_repository** (*Defaults to `{use_repository}`*): Install elastic repo for yum or apt if true. If false, the present repositories will be used. Useful if you already have beats packages in your repo.
|
||||
- **start_service** (*Defaults to `true`*): service will be started if true, false otherwise.
|
||||
- **restart_on_change** (*Defaults to `true`*): Changes to configuration or installed versions, will result in a restart if true.
|
||||
- **daemon_args** (*Applicable to version 1.x of beats*): Allows run time params to be passed to beats.
|
||||
- **logging_conf** (*Defaults to `{"files":{"rotateeverybytes":10485760}}`*): Logging configuration. Should be defined as a map. Map is serialized into logging section of beat config.
|
||||
- **shipper_conf** (*Applicable to version 1.x of beats*): Shipper configuration. Should be defined as a map . Map is serialized into shipper section of beat config.
|
||||
- **output_conf** (*Defaults to `{"elasticsearch":{"hosts":["localhost:9200"]}}`*): Output configuration. Map is serialized into output section of beat config.
|
||||
- **beats_pid_dir** (*Defaults to `/var/run`*): Location of beats pid file.
|
||||
- **beats_conf_dir** (*Defaults to `/etc/{beat}`*): Location of conf directory for beats configuration file.
|
||||
- **default_ilm_policy** (*Defaults undefined*): local path to default policy if any custom one is defined
|
||||
|
||||
### Focus on ILM
|
||||
|
||||
By default, *beat* will create a default policy defined as part of the beat being deployed.
|
||||
You can override default ILM setup by defining ILM conf as part of *beat_conf*.
|
||||
For example:
|
||||
|
||||
```
|
||||
- role: ansible-beats
|
||||
beat: metricbeat
|
||||
beat_conf:
|
||||
setup:
|
||||
ilm:
|
||||
policy_file: /etc/filebeat/policies/my-default-metricbeat.json
|
||||
overwrite: true
|
||||
metricbeat.modules:
|
||||
...
|
||||
default_ilm_policy: conf/my-default-metricbeat.json
|
||||
become: yes
|
||||
```
|
||||
|
||||
This will copy *conf/my-default-filebeat.json* to */etc/filebeat/policies/my-default-filebeat.json*.
|
||||
This policy will be used as default one for this beat.
|
||||
|
||||
## License
|
||||
|
||||
Apache 2.0
|
||||
|
||||
Limitations
|
||||
------------
|
||||
## Limitations
|
||||
|
||||
Multiple instances of the same beat cannot be installed on the same target server.
|
||||
|
||||
Author Information
|
||||
------------------
|
||||
## Questions on Usage
|
||||
|
||||
Dale McDiarmid
|
||||
For further assistance, outside of issues, please use discuss.elastic.co.
|
||||
We welcome questions on how to use the role. However, in order to keep the GitHub issues list focused on "issues" we ask the community to raise questions at https://discuss.elastic.co/c/beats. This is monitored by the maintainers.
|
||||
|
||||
Community Contributions always appreciated and welcome! Please ensure all contributions include tests as appropriate.
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
---
|
||||
# defaults file for beats
|
||||
|
||||
beats_version: 7.0.0
|
||||
beats_version: 7.11.1
|
||||
oss_version: false
|
||||
version_lock: false
|
||||
use_repository: true
|
||||
beats_add_repository: "{{ use_repository }}"
|
||||
start_service: true
|
||||
restart_on_change: true
|
||||
daemon_args: ""
|
||||
logging_conf: {"files":{"rotateeverybytes":10485760}}
|
||||
output_conf: {"elasticsearch":{"hosts":["localhost:9200"]}}
|
||||
beats_pid_dir: "/var/run"
|
||||
beats_conf_dir: "/etc/{{beat}}"
|
||||
beats_conf_dir: "/etc/{{beat}}"
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
__author__ = 'dale mcdiarmid'
|
||||
|
||||
def merge_config(config={}, key=''):
|
||||
return {key:config}
|
||||
|
||||
class FilterModule(object):
|
||||
def filters(self):
|
||||
return {'merge_config': merge_config}
|
|
@ -1,6 +1,10 @@
|
|||
---
|
||||
# handlers file for beats
|
||||
|
||||
- name: restart beat
|
||||
service: name={{ beat }} state=restarted enabled=yes
|
||||
when: start_service and restart_on_change and not beats_started.changed and beat_install.changed
|
||||
- name: restart the service
|
||||
become: yes
|
||||
service:
|
||||
name: "{{ beat_product }}"
|
||||
state: restarted
|
||||
enabled: true
|
||||
when: start_service and restart_on_change and not beats_started.changed
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
install_date: Sat Jul 6 01:04:40 2019
|
||||
version: 7.0.0
|
||||
install_date: Thu Mar 4 17:26:32 2021
|
||||
version: v7.11.1
|
||||
|
|
|
@ -1,26 +1,26 @@
|
|||
---
|
||||
|
||||
allow_duplicates: yes
|
||||
|
||||
allow_duplicates: true
|
||||
dependencies: []
|
||||
galaxy_info:
|
||||
role_name: beats
|
||||
author: Dale McDiarmid
|
||||
description: Beats for Linux
|
||||
company: "Elastic.co"
|
||||
issue_tracker_url: https://github.com/elastic/ansible-beats/issues
|
||||
license: "license (Apache)"
|
||||
min_ansible_version: 2.0
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 6
|
||||
- 7
|
||||
- name: Debian
|
||||
versions:
|
||||
- all
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- all
|
||||
categories:
|
||||
- name: EL
|
||||
versions:
|
||||
- 6
|
||||
- 7
|
||||
- name: Debian
|
||||
versions:
|
||||
- all
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- all
|
||||
galaxy_tags:
|
||||
- beats
|
||||
- elastic
|
||||
- elk
|
||||
|
|
|
@ -1,33 +1,79 @@
|
|||
---
|
||||
# Configure Beats Node
|
||||
|
||||
- set_fact: pid_file={{ beats_pid_dir }}/{{beat}}.pid
|
||||
- set_fact: instance_default_file={{ default_file }}/{{beat}}
|
||||
- set_fact: conf_file={{ beats_conf_dir }}/{{beat}}.yml
|
||||
- name: Set default facts
|
||||
set_fact:
|
||||
pid_file: '{{ beats_pid_dir }}/{{ beat }}.pid'
|
||||
instance_default_file: '{{ default_file }}/{{ beat }}'
|
||||
conf_file: '{{ beats_conf_dir }}/{{ beat }}.yml'
|
||||
beat_output_conf:
|
||||
output: '{{ output_conf }}'
|
||||
|
||||
- set_fact: beat_output_conf={{ output_conf | merge_config('output') }}
|
||||
- set_fact: beat_shipper_conf={{ shipper_conf | merge_config('shipper') }}
|
||||
- name: Set beat_shipper_conf
|
||||
set_fact:
|
||||
beat_shipper_conf:
|
||||
shipper: '{{ shipper_conf }}'
|
||||
when: shipper_conf is defined
|
||||
- set_fact: beat_logging_conf={{ logging_conf | merge_config('logging') }}
|
||||
|
||||
- stat: path={{beats_pid_dir}}
|
||||
- name: Set beat_logging_conf
|
||||
set_fact:
|
||||
beat_logging_conf:
|
||||
logging: '{{ logging_conf }}'
|
||||
|
||||
- name: Check pid_dir status
|
||||
stat:
|
||||
path: '{{ beats_pid_dir }}'
|
||||
register: pid_stat
|
||||
|
||||
- name: Create PID Directory
|
||||
file: path={{ beats_pid_dir }} state=directory
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ beats_pid_dir }}'
|
||||
state: directory
|
||||
when: pid_stat.stat.isdir is not defined or pid_stat.stat.islnk is not defined
|
||||
|
||||
#fail if pid and config directories are not links or not directories i.e files
|
||||
# fail if pid and config directories are not links or not directories i.e files
|
||||
|
||||
- name: Create Config Directory
|
||||
file: path={{ beats_conf_dir }} state=directory
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ beats_conf_dir }}'
|
||||
state: directory
|
||||
|
||||
#Copy the default file
|
||||
# Copy the default file
|
||||
- name: Copy Default File for Instance
|
||||
template: src=beat.j2 dest={{instance_default_file}} mode=0644 force=yes owner=root group=root
|
||||
notify: restart beat
|
||||
become: yes
|
||||
template:
|
||||
src: beat.j2
|
||||
dest: '{{ instance_default_file }}'
|
||||
mode: 0644
|
||||
force: true
|
||||
owner: root
|
||||
group: root
|
||||
notify: restart the service
|
||||
|
||||
#Copy templated config file
|
||||
- name: Copy Configuration File
|
||||
template: src=beat.yml.j2 dest={{conf_file}} mode=0644 force=yes owner=root group=root
|
||||
notify: restart beat
|
||||
# Copy templated config file
|
||||
- name: Copy Configuration File for {{ beat }}
|
||||
become: yes
|
||||
template:
|
||||
src: beat.yml.j2
|
||||
dest: '{{ conf_file }}'
|
||||
mode: 0644
|
||||
force: true
|
||||
owner: root
|
||||
group: root
|
||||
notify: restart the service
|
||||
|
||||
# Copy default ILM policy file
|
||||
- name: Create default policies config directory
|
||||
file:
|
||||
path: '{{ beat_conf.setup.ilm.policy_file | dirname }}'
|
||||
state: directory
|
||||
when: default_ilm_policy is defined
|
||||
|
||||
- name: Copy default ILM policy file for {{ beat }}
|
||||
copy:
|
||||
src: '{{default_ilm_policy}}'
|
||||
dest: '{{ beat_conf.setup.ilm.policy_file }}'
|
||||
when: default_ilm_policy is defined
|
||||
notify: restart the service
|
||||
|
|
|
@ -1,45 +1,100 @@
|
|||
---
|
||||
|
||||
- name: Debian - Ensure apt-transport-https is installed
|
||||
apt: name=apt-transport-https state=present cache_valid_time=86400
|
||||
when: use_repository
|
||||
become: yes
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
state: present
|
||||
cache_valid_time: 86400
|
||||
when: use_repository | bool
|
||||
register: beat_install
|
||||
notify: restart beat
|
||||
until: beat_install is succeeded
|
||||
notify: restart the service
|
||||
|
||||
- name: Debian - Ensure python-urllib3, python-openssl, python-pyasn1 & python-pip are installed
|
||||
become: yes
|
||||
apt:
|
||||
name:
|
||||
- python-urllib3
|
||||
- python-openssl
|
||||
- python-pyasn1
|
||||
- python-pip
|
||||
state: present
|
||||
register: libs_install
|
||||
until: libs_install is succeeded
|
||||
when:
|
||||
- use_repository | bool
|
||||
- ansible_distribution_release == "trusty"
|
||||
|
||||
- name: Debian - ensure ndg-httpsclient pip is installed
|
||||
become: yes
|
||||
pip:
|
||||
name: ndg-httpsclient
|
||||
state: present
|
||||
register: ndg_install
|
||||
until: ndg_install is succeeded
|
||||
when:
|
||||
- use_repository | bool
|
||||
- ansible_distribution_release == "trusty"
|
||||
|
||||
- name: Debian - Add Beats repository key
|
||||
apt_key: url="http://packages.elasticsearch.org/GPG-KEY-elasticsearch" state=present
|
||||
when: use_repository
|
||||
become: yes
|
||||
apt_key:
|
||||
url: '{{ elastic_repo_key }}'
|
||||
state: present
|
||||
register: apt_key_install
|
||||
until: apt_key_install is succeeded
|
||||
when: beats_add_repository | bool
|
||||
|
||||
- name: Debian - add beats repository
|
||||
apt_repository: repo="deb {{ repo_url }} stable main" state=present
|
||||
when: use_repository
|
||||
become: yes
|
||||
apt_repository:
|
||||
repo: 'deb {{ repo_url }} stable main'
|
||||
state: present
|
||||
register: repo_install
|
||||
until: repo_install is succeeded
|
||||
when: beats_add_repository | bool
|
||||
|
||||
- name: Debian - unhold {{beat}} version for install
|
||||
command: apt-mark unhold {{beat}}
|
||||
changed_when: False
|
||||
- name: Debian - unhold {{ beat }} version for install
|
||||
become: yes
|
||||
command: apt-mark unhold {{ beat }}
|
||||
changed_when: false
|
||||
|
||||
- name: Debian - Ensure {{beat}} is installed
|
||||
apt: name={{beat}}{% if beats_version is defined and beats_version != "" %}={{ beats_version }}{% endif %} state=present cache_valid_time=86400
|
||||
when: use_repository
|
||||
- name: Debian - Ensure {{ beat }} is installed
|
||||
become: yes
|
||||
apt:
|
||||
name: >-
|
||||
{{ beat }}{% if beats_version is defined and beats_version|length>0 %}={{ beats_version }}{% endif %}
|
||||
state: present
|
||||
cache_valid_time: 86400
|
||||
register: beat_install
|
||||
notify: restart beat
|
||||
until: beat_install is succeeded
|
||||
when: use_repository | bool
|
||||
notify: restart the service
|
||||
|
||||
- name: Debian - hold {{beat}} version
|
||||
command: apt-mark hold {{beat}}
|
||||
- name: Debian - hold {{ beat }} version
|
||||
become: yes
|
||||
command: apt-mark hold {{ beat }}
|
||||
when: version_lock
|
||||
changed_when: False
|
||||
changed_when: false
|
||||
|
||||
- set_fact: os_arch="i386"
|
||||
- name: Set os_arch
|
||||
set_fact:
|
||||
os_arch: >-
|
||||
{{ ansible_architecture == 'x86_64' | ternary('amd64', 'i386') }}
|
||||
|
||||
- set_fact: os_arch="amd64"
|
||||
when: ansible_architecture == "x86_64"
|
||||
- name: Debian - Download {{ beat }} from url
|
||||
get_url:
|
||||
url: >-
|
||||
{% if custom_package_url is defined %}{{ custom_package_url }}{%
|
||||
else %}{{ beats_package_url }}/{{ beat }}/{{ beat }}_{{ beats_version }}_{{ os_arch }}.deb{% endif %}
|
||||
dest: '/tmp/{{ beat }}_{{ beats_version }}_{{ os_arch }}.deb'
|
||||
validate_certs: false
|
||||
when: not use_repository | bool
|
||||
|
||||
- name: Debian - Download {{beat}} from url
|
||||
get_url: url={% if custom_package_url is defined %}{{ custom_package_url }}{% else %}{{ beats_package_url }}/{{beat}}/{{beat}}_{{ beats_version }}_{{os_arch}}.deb{% endif %} dest=/tmp/{{beat}}_{{ beats_version }}_{{os_arch}}.deb validate_certs=no
|
||||
when: not use_repository
|
||||
|
||||
- name: Debian - Ensure {{beat}} is installed from downloaded package
|
||||
apt: deb=/tmp/{{beat}}_{{ beats_version }}_{{os_arch}}.deb
|
||||
when: not use_repository
|
||||
register: beat_install
|
||||
notify: restart beat
|
||||
- name: Debian - Ensure {{ beat }} is installed from downloaded package
|
||||
become: yes
|
||||
apt:
|
||||
deb: '/tmp/{{ beat }}_{{ beats_version }}_{{ os_arch }}.deb'
|
||||
when: not use_repository | bool
|
||||
notify: restart the service
|
||||
|
|
|
@ -1,9 +1,19 @@
|
|||
---
|
||||
- name: Check beat variable
|
||||
fail:
|
||||
msg: "beat must be specified and cannot be blank e.g. filebeat"
|
||||
when: beat is not defined or (beat | length == 0)
|
||||
|
||||
- fail: msg="beat must be specified and cannot be blank e.g. filebeat"
|
||||
when: beat is not defined or beat == ''
|
||||
|
||||
- fail: msg="beat_conf must be specified"
|
||||
- name: Check beat_conf variable
|
||||
fail:
|
||||
msg: "beat_conf must be specified"
|
||||
when: beat_conf is not defined
|
||||
|
||||
- set_fact: "beats_major_version={{ beats_version[0] }}.x"
|
||||
- name: Check ILM variables
|
||||
fail:
|
||||
msg: "beat_conf.setup.ilm.policy_file must be specified if default_ilm_policy is used"
|
||||
when: default_ilm_policy is defined and beat_conf.setup.ilm.policy_file is not defined
|
||||
|
||||
- name: Set beats_major_version
|
||||
set_fact:
|
||||
beats_major_version: '{% if oss_version %}oss-{% endif %}{{ beats_version.split(".")[0] }}.x'
|
||||
|
|
|
@ -1,33 +1,59 @@
|
|||
---
|
||||
|
||||
- name: Ensure libselinux-python on CentOS 6.x
|
||||
yum: name=libselinux-python state=present update_cache=yes
|
||||
when: ( ansible_distribution == "CentOS" ) and ( ansible_distribution_major_version == "6" )
|
||||
|
||||
- name: Redhat - add beats repository
|
||||
template: src=beats.repo.j2 dest=/etc/yum.repos.d/beats.repo
|
||||
when: use_repository
|
||||
become: yes
|
||||
template:
|
||||
src: beats.repo.j2
|
||||
dest: /etc/yum.repos.d/beats.repo
|
||||
when: beats_add_repository | bool
|
||||
|
||||
- name: RedHat - install yum-version-lock
|
||||
yum: name=yum-plugin-versionlock state=present update_cache=yes
|
||||
become: yes
|
||||
yum:
|
||||
name: yum-plugin-versionlock
|
||||
state: present
|
||||
update_cache: true
|
||||
when: version_lock | bool
|
||||
register: versionlock_install
|
||||
until: versionlock_install is succeeded
|
||||
|
||||
- name: RedHat - unlock {{beat}} for install
|
||||
shell: yum versionlock delete {{beat}} || true
|
||||
changed_when: False
|
||||
- name: RedHat - unlock {{ beat }} for install
|
||||
become: yes
|
||||
shell: yum versionlock delete {{ beat }} || true
|
||||
changed_when: false
|
||||
when: version_lock | bool
|
||||
tags:
|
||||
- skip_ansible_lint
|
||||
|
||||
- name: RedHat - Ensure {{beat}} is installed
|
||||
yum: name={{beat}}{% if beats_version is defined and beats_version != "" %}-{{ beats_version }}{% endif %} state=present update_cache=yes
|
||||
when: use_repository
|
||||
- name: RedHat - Ensure {{ beat }} is installed
|
||||
become: yes
|
||||
yum:
|
||||
name: >-
|
||||
{{ beat }}{% if beats_version is defined and beats_version|length %}-{{ beats_version }}{% endif %}
|
||||
state: present
|
||||
update_cache: true
|
||||
register: beat_install
|
||||
notify: restart beat
|
||||
until: beat_install is succeeded
|
||||
when: use_repository | bool
|
||||
notify: restart the service
|
||||
|
||||
- name: RedHat - lock {{beat}} version
|
||||
shell: yum versionlock add {{beat}}{% if beats_version is defined and beats_version != "" %}-{{ beats_version }}{% endif %}
|
||||
when: version_lock
|
||||
changed_when: False
|
||||
- name: RedHat - lock {{ beat }} version
|
||||
become: yes
|
||||
shell: >-
|
||||
yum versionlock add
|
||||
{{ beat }}{% if beats_version is defined and beats_version|length %}-{{ beats_version }}{% endif %}
|
||||
when: version_lock | bool
|
||||
changed_when: false
|
||||
tags:
|
||||
- skip_ansible_lint
|
||||
|
||||
- name: RedHat - Install {{beat}} from url
|
||||
yum: name={% if custom_package_url is defined %}{{ custom_package_url }}{% else %}{{ beats_package_url }}/{{beat}}-{{ beats_version }}-{{ansible_architecture}}.rpm{% endif %} state=present
|
||||
- name: RedHat - Install {{ beat }} from url
|
||||
become: yes
|
||||
yum:
|
||||
name: >-
|
||||
{% if custom_package_url is defined %}{{ custom_package_url }}{%
|
||||
else %}{{ beats_package_url }}/{{ beat }}-{{ beats_version }}-{{ ansible_architecture }}.rpm{% endif %}
|
||||
state: present
|
||||
register: beat_install
|
||||
until: beat_install is succeeded
|
||||
when: not use_repository
|
||||
register: beat_install
|
||||
notify: restart beat
|
||||
notify: restart the service
|
||||
|
|
|
@ -2,19 +2,23 @@
|
|||
# Install OS specific beats
|
||||
|
||||
- name: Include specific Beats
|
||||
include: beats-debian.yml
|
||||
include_tasks: beats-debian.yml
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Include specific Beats
|
||||
include: beats-redhat.yml
|
||||
include_tasks: beats-redhat.yml
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
#Configuration file for beats
|
||||
# Configuration file for beats
|
||||
- name: Beats configuration
|
||||
include: beats-config.yml
|
||||
include_tasks: beats-config.yml
|
||||
|
||||
# Make sure the service is started, and restart if necessary
|
||||
- name: Start beats service
|
||||
service: name={{ beat }} state=started enabled=yes
|
||||
- name: Start {{ beat_product }} service
|
||||
become: yes
|
||||
service:
|
||||
name: '{{ beat }}'
|
||||
state: started
|
||||
enabled: true
|
||||
when: start_service
|
||||
register: beats_started
|
||||
|
|
|
@ -2,9 +2,16 @@
|
|||
# tasks file for beats
|
||||
|
||||
- name: check-parameters
|
||||
include: beats-param-check.yml
|
||||
include_tasks: beats-param-check.yml
|
||||
|
||||
- name: define beat product
|
||||
set_fact:
|
||||
beat_product: "{{ beat }}"
|
||||
|
||||
- name: os-specific vars
|
||||
include_vars: "{{ansible_os_family}}.yml"
|
||||
include_vars: '{{ ansible_os_family }}.yml'
|
||||
|
||||
- include: beats.yml
|
||||
- include_tasks: beats.yml
|
||||
|
||||
- name: Force all notified handlers to run at this point, not waiting for normal sync points
|
||||
meta: flush_handlers
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
################### {{beat}} Configuration #########################
|
||||
|
||||
############################# {{beat}} ######################################
|
||||
{{beat_conf | to_nice_yaml}}
|
||||
{{ beat_conf | to_nice_yaml(indent=2) }}
|
||||
|
||||
###############################################################################
|
||||
############################# Libbeat Config ##################################
|
||||
|
@ -9,12 +11,12 @@
|
|||
|
||||
############################# Output ##########################################
|
||||
|
||||
{{ beat_output_conf | to_nice_yaml }}
|
||||
{{ beat_output_conf | to_nice_yaml(indent=2) }}
|
||||
|
||||
{% if shipper_conf is defined %}############################# Shipper #########################################
|
||||
|
||||
{{ beat_shipper_conf | to_nice_yaml }}
|
||||
{{ beat_shipper_conf | to_nice_yaml(indent=2) }}
|
||||
{% endif %}
|
||||
############################# Logging #########################################
|
||||
|
||||
{{ beat_logging_conf | to_nice_yaml }}
|
||||
{{ beat_logging_conf | to_nice_yaml(indent=2) }}
|
||||
|
|
|
@ -2,5 +2,5 @@
|
|||
name=Elastic Beats Repository
|
||||
baseurl={{ repo_url }}
|
||||
enabled=1
|
||||
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
|
||||
gpgkey={{ elastic_repo_key }}
|
||||
gpgcheck=1
|
||||
|
|
|
@ -1,44 +1,46 @@
|
|||
---
|
||||
#Install specific version here
|
||||
- name: wrapper playbook for kitchen testing "beats"
|
||||
# Install specific version here
|
||||
- name: wrapper playbook for kitchen testing beats
|
||||
hosts: localhost
|
||||
roles:
|
||||
- { role: "ansible-beats", beat: "packetbeat", version_lock: true,
|
||||
beat_conf: {
|
||||
"interfaces": {"device":"any"},
|
||||
"protocols": {
|
||||
"dns": {
|
||||
"ports": [53],
|
||||
"include_authorities":true
|
||||
},
|
||||
"http": {
|
||||
"ports": [80, 8080, 8000, 5000, 8002]
|
||||
},
|
||||
"memcache": {
|
||||
"ports": [11211]
|
||||
},
|
||||
"mysql": {
|
||||
"ports": [3306]
|
||||
},
|
||||
"pgsql": {
|
||||
"ports": [5432]
|
||||
},
|
||||
"redis": {
|
||||
"ports": [6379]
|
||||
},
|
||||
"thrift": {
|
||||
"ports": [9090]
|
||||
},
|
||||
"mongodb": {
|
||||
"ports": [27017]
|
||||
}
|
||||
}
|
||||
},
|
||||
output_conf : {
|
||||
"elasticsearch": {
|
||||
"hosts": ["localhost:9200"]
|
||||
}
|
||||
}
|
||||
}
|
||||
- role: ansible-beats
|
||||
beat: packetbeat
|
||||
version_lock: true
|
||||
beat_conf:
|
||||
interfaces:
|
||||
device: any
|
||||
protocols:
|
||||
dns:
|
||||
ports:
|
||||
- 53
|
||||
include_authorities: true
|
||||
http:
|
||||
ports:
|
||||
- 80
|
||||
- 8080
|
||||
- 8000
|
||||
- 5000
|
||||
- 8002
|
||||
memcache:
|
||||
ports:
|
||||
- 11211
|
||||
mysql:
|
||||
ports:
|
||||
- 3306
|
||||
pgsql:
|
||||
ports:
|
||||
- 5432
|
||||
redis:
|
||||
ports:
|
||||
- 6379
|
||||
thrift:
|
||||
ports:
|
||||
- 9090
|
||||
mongodb:
|
||||
ports:
|
||||
- 27017
|
||||
output_conf:
|
||||
elasticsearch:
|
||||
hosts: ["localhost:9200"]
|
||||
vars:
|
||||
use_repository: "true"
|
||||
use_repository: true
|
||||
|
|
|
@ -2,7 +2,28 @@
|
|||
- name: wrapper playbook for kitchen testing "beats"
|
||||
hosts: localhost
|
||||
roles:
|
||||
- { role: "ansible-beats", beat: "filebeat", beat_conf: {"filebeat": {"inputs":[{"paths":["/var/log/*.log"],"type":"log"}]} } }
|
||||
- { role: "ansible-beats", beat: "metricbeat", beat_conf: { "metricbeat.modules": [{"module": "system", "metricsets": ["cpu", "filesystem", "network", "process"], "enabled": true, "period": "10s", "processes":[".*"], "cpu_ticks": false } ] } }
|
||||
- role: ansible-beats
|
||||
beat: filebeat
|
||||
beat_conf:
|
||||
filebeat:
|
||||
inputs:
|
||||
- paths:
|
||||
- /var/log/*.log
|
||||
type: log
|
||||
- role: ansible-beats
|
||||
beat: metricbeat
|
||||
beat_conf:
|
||||
metricbeat:
|
||||
modules:
|
||||
- module: "system"
|
||||
metricsets:
|
||||
- cpu
|
||||
- filesystem
|
||||
- network
|
||||
- process
|
||||
enabled: true
|
||||
period: 10s
|
||||
processes: [".*"]
|
||||
cpu_ticks: false
|
||||
vars:
|
||||
use_repository: "true"
|
||||
use_repository: true
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: wrapper playbook for kitchen testing "beats"
|
||||
hosts: localhost
|
||||
roles:
|
||||
- role: ansible-beats
|
||||
beat: filebeat
|
||||
beat_conf:
|
||||
filebeat:
|
||||
inputs:
|
||||
- paths:
|
||||
- /var/log/*.log
|
||||
type: log
|
||||
vars:
|
||||
use_repository: true
|
||||
oss_version: true
|
|
@ -0,0 +1,39 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'Open Source Tests' do
|
||||
|
||||
describe service('filebeat') do
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe package('filebeat') do
|
||||
it { should be_installed }
|
||||
end
|
||||
|
||||
describe file('/etc/filebeat/filebeat.yml') do
|
||||
it { should be_file }
|
||||
it { should be_owned_by 'root' }
|
||||
end
|
||||
|
||||
describe file('/etc/filebeat/filebeat.yml') do
|
||||
it { should contain 'filebeat:' }
|
||||
it { should contain 'logging:' }
|
||||
it { should contain 'output:' }
|
||||
end
|
||||
|
||||
describe file('/etc/init.d/filebeat') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
if os[:family] == 'redhat'
|
||||
describe command('yum versionlock list | grep filebeat') do
|
||||
its(:stdout) { should_not match /filebeat/ }
|
||||
end
|
||||
elsif ['debian', 'ubuntu'].include?(os[:family])
|
||||
describe command('sudo apt-mark showhold | grep filebeat') do
|
||||
its(:stdout) { should_not match /filebeat/ }
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
|
@ -2,7 +2,15 @@
|
|||
- name: wrapper playbook for kitchen testing "beats"
|
||||
hosts: localhost
|
||||
roles:
|
||||
- { role: "ansible-beats", beat: "filebeat", beat_conf: {"filebeat": {"prospectors":[{"paths":["/var/log/*.log"],"input_type":"log"}], "registry_file": "/var/lib/filebeat/registry"} } }
|
||||
- role: ansible-beats
|
||||
beat: filebeat
|
||||
beat_conf:
|
||||
filebeat:
|
||||
prospectors:
|
||||
- paths:
|
||||
- /var/log/*.log
|
||||
input_type: log
|
||||
registry_file: /var/lib/filebeat/registry
|
||||
vars:
|
||||
beats_version: 6.7.1
|
||||
use_repository: "true"
|
||||
beats_version: 6.8.14
|
||||
use_repository: "true"
|
||||
|
|
|
@ -2,6 +2,13 @@
|
|||
- name: wrapper playbook for kitchen testing "beats"
|
||||
hosts: localhost
|
||||
roles:
|
||||
- { role: "ansible-beats", beat: "filebeat", beat_conf: {"filebeat": {"inputs":[{"paths":["/var/log/*.log"],"type":"log"}]} } }
|
||||
- role: ansible-beats
|
||||
beat: filebeat
|
||||
beat_conf:
|
||||
filebeat:
|
||||
inputs:
|
||||
- paths:
|
||||
- /var/log/*.log
|
||||
type: log
|
||||
vars:
|
||||
use_repository: "true"
|
||||
use_repository: true
|
||||
|
|
|
@ -1,13 +1,16 @@
|
|||
---
|
||||
OS:
|
||||
- ubuntu-1404
|
||||
- ubuntu-1604
|
||||
- ubuntu-1804
|
||||
- debian-8
|
||||
- debian-9
|
||||
- centos-6
|
||||
- centos-7
|
||||
- centos-8
|
||||
- amazonlinux-2
|
||||
TEST_TYPE:
|
||||
- standard
|
||||
- standard-6x
|
||||
- multi
|
||||
- config
|
||||
- oss
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
---
|
||||
|
||||
default_file: "/etc/default"
|
||||
init_script: "/etc/init.d"
|
||||
repo_url: "https://artifacts.elastic.co/packages/{{ beats_major_version }}/apt"
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
---
|
||||
|
||||
default_file: "/etc/sysconfig"
|
||||
init_script: "/etc/init.d"
|
||||
repo_url: "https://artifacts.elastic.co/packages/{{ beats_major_version }}/yum"
|
||||
repo_url: "https://artifacts.elastic.co/packages/{{ beats_major_version }}/yum"
|
||||
|
|
|
@ -2,4 +2,4 @@
|
|||
# vars file for beats
|
||||
|
||||
beats_package_url: "https://download.elastic.co/beats"
|
||||
es_conf_dir: "/etc"
|
||||
elastic_repo_key: "https://packages.elastic.co/GPG-KEY-elasticsearch"
|
||||
|
|
Loading…
Reference in New Issue