c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

update elastic

This commit is contained in:
Daniel Poelzleithner 2021-03-04 18:32:20 +01:00
parent ec0805bb67
commit 8ad9488998
35 changed files with 951 additions and 316 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ansible/roles/elastic.beats/.ci/jobs/defaults.yml
View File

@ -56,6 +56,3 @@
timeout: 360
fail: true
- timestamps
publishers:
- email:
recipients: infra-root+build@elastic.co

10
ansible/roles/elastic.beats/.ci/jobs/elastic+ansible-beats+master.yml
View File

@ -10,10 +10,18 @@
#!/usr/local/bin/runbld
set -euo pipefail
export RBENV_VERSION='2.3.0'
export RBENV_VERSION='2.5.7'
export PATH="$HOME/.rbenv/bin:$PATH"
eval "$(rbenv init -)"
rbenv local $RBENV_VERSION
make setup
make verify PATTERN=$TEST_TYPE-$OS
publishers:
- slack:
notify-back-to-normal: True
notify-every-failure: True
room: infra-release-notify
team-domain: elastic
auth-token-id: release-slack-integration-token
auth-token-credential-id: release-slack-integration-token

2
ansible/roles/elastic.beats/.ci/jobs/elastic+ansible-beats+pull-request.yml
View File

@ -22,7 +22,7 @@
#!/usr/local/bin/runbld
set -euo pipefail
export RBENV_VERSION='2.3.0'
export RBENV_VERSION='2.5.7'
export PATH="$HOME/.rbenv/bin:$PATH"
eval "$(rbenv init -)"
rbenv local $RBENV_VERSION

40
ansible/roles/elastic.beats/.github/issue_template.md vendored Normal file
View File

@ -0,0 +1,40 @@
<!--
** Please read the guidelines below. **
Issues that do not follow these guidelines are likely to be closed.
1. GitHub is reserved for bug reports and feature requests. The best place to
ask a general question is at the Elastic [forums](https://discuss.elastic.co).
GitHub is not the place for general questions.
2. Is this bug report or feature request for a supported OS? If not, it
is likely to be closed. See https://www.elastic.co/support/matrix#show_os
3. Please fill out EITHER the feature request block or the bug report block
below, and delete the other block.
-->
<!-- Feature request -->
**Describe the feature**:
<!-- Bug report -->
**Beats product**:
**Beats version**
**Role version**: (If using master please specify github sha)
**OS version** (`uname -a` if on a Unix-like system):
**Description of the problem including expected versus actual behaviour**:
**Playbook**:
Please specify the full playbook used to reproduce this issue.
**Provide logs from Ansible**:
**Beats logs if relevant**:

35
ansible/roles/elastic.beats/.github/stale.yml vendored Normal file
View File

@ -0,0 +1,35 @@
---
# Number of days of inactivity before an issue becomes stale
daysUntilStale: 90
# Number of days of inactivity before an stale issue is closed
daysUntilClose: 30
# Label to use when marking an issue as stale
staleLabel: triage/stale
issues:
# Comment to post when marking an issue as stale.
markComment: >
This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs. Thank
you for your contributions.
# Comment to post when closing a stale issue.
closeComment: >
This issue has been automatically closed because it has not had recent
activity since being marked as stale.
pulls:
# Comment to post when marking a PR as stale.
markComment: >
This PR has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs. Thank you
for your contributions.
To track this PR (even if closed), please open a corresponding issue if one
does not already exist.
# Comment to post when closing a stale PR.
closeComment: >
This PR has been automatically closed because it has not had recent
activity since being marked as stale.
Please reopen when work resumes.

42
ansible/roles/elastic.beats/.kitchen.yml
View File

@ -2,6 +2,9 @@
driver:
name: docker
transport:
max_ssh_sessions: 6
provisioner:
name: ansible_playbook
hosts: localhost
@ -55,22 +58,36 @@ platforms:
- apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
- apt-get update && apt-get -y install ansible
use_sudo: false
- name: centos-6
driver_config:
image: centos:6
privileged: true
provision_command:
- yum -y install epel-release
- yum -y install ansible
use_sudo: false
- name: centos-7
driver_config:
image: centos:7
provision_command:
- yum -y install epel-release
- yum -y install ansible
run_command: "/usr/sbin/init"
privileged: true
use_sudo: false
- name: centos-8
driver_config:
image: centos:8
provision_command:
- yum -y install epel-release
- yum -y install ansible
run_command: "/usr/sbin/init"
privileged: true
use_sudo: false
- name: amazonlinux-2
driver_config:
image: amazonlinux:2
provision_command:
- yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
- yum -y install ansible
volume:
- <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json
- /etc # This fixes certain java file actions that check the mount point. Without this adding users fails for some docker storage drivers
run_command: "/usr/sbin/init"
privileged: true
use_sudo: false
suites:
- name: standard
provisioner:
@ -99,4 +116,11 @@ suites:
additional_copy_path:
- "."
run_list:
attributes:
attributes:
- name: oss
provisioner:
playbook: test/integration/oss.yml
additional_copy_path:
- "."
run_list:
attributes:

1
ansible/roles/elastic.beats/.ruby-version Normal file
View File

@ -0,0 +1 @@
2.5.7

179
ansible/roles/elastic.beats/CHANGELOG.md Normal file
View File

@ -0,0 +1,179 @@
# Changelog
## 7.11.1
* 7.11.1 as default version.
* 6.8.14 as 6.x tested version
## 7.10.2
* 7.10.2 as default version.
| PR | Author | Title |
| --- | --- | --- |
| [#123](https://github.com/elastic/ansible-beats/pull/123) | [@jmlrt](https://github.com/jmlrt) | Cleanup init_script variable |
## 7.10.1
* 7.10.1 as default version.
| PR | Author | Title |
| --- | --- | --- |
| [#115](https://github.com/elastic/ansible-beats/pull/115) | [@v1v](https://github.com/v1v) | Support CentOS-8 |
| [#120](https://github.com/elastic/ansible-beats/pull/120) | [@jmlrt](https://github.com/jmlrt) | Remove CentOS 6 support |
## 7.10.0
* 7.10.0 as default version.
| PR | Author | Title |
| --- | --- | --- |
| [#113](https://github.com/elastic/ansible-beats/pull/113) | [@jmlrt](https://github.com/jmlrt) | [meta] clean deprecated bumper script |
## 7.9.3
* 7.9.3 as default version.
* 6.8.13 as 6.x tested version
## 7.9.2 - 2020/09/24
* 7.9.2 as default version
## 7.9.1 - 2020/09/03
* 7.9.1 as default version
## 7.9.0 - 2020/08/18
* 7.9.0 as default version
* 6.8.12 as 6.x tested version
## 7.8.1 - 2020/07/28
* 7.8.1 as default version
* 6.8.11 as 6.x tested version
| PR | Author | Title |
|---------------------------------------------------------|------------------------------------|--------------------------|
| [#89](https://github.com/elastic/ansible-beats/pull/89) | [@jmlrt](https://github.com/jmlrt) | Add amazonlinux2 support |
## 7.8.0 - 2020/06/18
* 7.8.0 as default version
## 7.7.1 - 2020/06/04
* 7.7.1 as default version
* 6.8.10 as 6.x tested version
## 7.7.0 - 2020/05/13
* 7.7.0 as default version
* 6.8.9 as 6.x tested version
* Fix CentOS tests in [#86](https://github.com/elastic/ansible-beats/pull/86) ([@jmlrt](https://github.com/jmlrt))
| PR | Author | Title |
|---------------------------------------------------------|------------------------------------------|---------------------------------------------|
| [#84](https://github.com/elastic/ansible-beats/pull/84) | [@kravietz](https://github.com/kravietz) | Minor formatting fixes to pass ansible-lint |
## 7.6.2 - 2020/03/31
* 7.6.2 as default version
* 6.8.8 as 6.x tested version
| PR | Author | Title |
|---------------------------------------------------------|------------------------------------|---------------------------------------------------------------------------|
| [#77](https://github.com/elastic/ansible-beats/pull/77) | [@jmlrt](https://github.com/jmlrt) | Add become to individual tasks |
| [#75](https://github.com/elastic/ansible-beats/pull/75) | [@ktibi](https://github.com/ktibi) | Add option to disable the repo installation and lock package installation |
| [#78](https://github.com/elastic/ansible-beats/pull/78) | [@astik](https://github.com/astik) | Aad task to create directory for default policies |
## 7.6.1 - 2020/03/04
* 7.6.1 as default version
## 7.6.0 - 2020/02/11
* 7.6.0 as default version
| PR | Author | Title |
|---------------------------------------------------------|--------------------------------------------------------|------------------------------------|
| [#69](https://github.com/elastic/ansible-beats/pull/69) | [@dependabot[bot]](https://github.com/apps/dependabot) | Bump rubyzip from 1.2.2 to 2.0.0 |
| [#71](https://github.com/elastic/ansible-beats/pull/71) | [@jmlrt](https://github.com/jmlrt) | Fix filebeat example configuration |
| [#72](https://github.com/elastic/ansible-beats/pull/72) | [@beand](https://github.com/beand) | Fixed typo |
## 7.5.2 - 2020/01/21
* 7.5.2 as default version
| PR | Author | Title |
|---------------------------------------------------------|------------------------------------|-----------------------------------------------|
| [#66](https://github.com/elastic/ansible-beats/pull/66) | [@jmlrt](https://github.com/jmlrt) | [doc] switched relative URLs to absolute URLs |
| [#67](https://github.com/elastic/ansible-beats/pull/67) | [@jmlrt](https://github.com/jmlrt) | [ci] bump ruby to 2.5.7 |
## 7.5.1 - 2019/12/18
* 7.5.1 as default version
* 6.8.6 as 6.x tested version
| PR | Author | Title |
|---------------------------------------------------------|----------------------------------------------------|--------------------------|
| [#61](https://github.com/elastic/ansible-beats/pull/61) | [@robsonpeixoto](https://github.com/robsonpeixoto) | Allow use oss repository |
## 7.5.0 - 2019/12/02
* 7.5.0 as default version
* 6.8.5 as 6.x tested version in [#57](https://github.com/elastic/ansible-beats/pull/57) [@jmlrt](https://github.com/jmlrt)
| PR | Author | Title |
|---------------------------------------------------------|--------------------------------------------------|-----------------------------------------------------------------|
| [#50](https://github.com/elastic/ansible-beats/pull/50) | [@jmlrt](https://github.com/jmlrt) | Add bumper script |
| [#55](https://github.com/elastic/ansible-beats/pull/55) | [@tgadiev](https://github.com/tgadiev) | Update syntax to make it compliant to modern ansible-lint rules |
| [#53](https://github.com/elastic/ansible-beats/pull/53) | [@jmlrt](https://github.com/jmlrt) | Indent yaml for config file |
| [#51](https://github.com/elastic/ansible-beats/pull/51) | [@ktibi](https://github.com/ktibi) | Rename the handlers |
| [#59](https://github.com/elastic/ansible-beats/pull/59) | [@MartinVerges](https://github.com/MartinVerges) | Beat config improvements |
## 7.4.1 - 2019/10/23
* 7.4.1 as default version
* 6.8.4 as 6.x tested version
| PR | Author | Title |
|---------------------------------------------------------|------------------------------------|---------------------|
| [#48](https://github.com/elastic/ansible-beats/pull/48) | [@jmlrt](https://github.com/jmlrt) | Fix probot newlines |
## 7.4.0 - 2019/10/01
* 7.4.0 as default version
| PR | Author | Title |
|---------------------------------------------------------|------------------------------------------|---------------------------------------------------------------------|
| [#25](https://github.com/elastic/ansible-beats/pull/25) | [@jmlrt](https://github.com/jmlrt) | Update kitchen Gem dependencies |
| [#6](https://github.com/elastic/ansible-beats/pull/6) | [@levonet](https://github.com/levonet) | Remove `beat_install` variable |
| [#32](https://github.com/elastic/ansible-beats/pull/32) | [@astik](https://github.com/astik) | Remove unused `es_conf_dir` variable |
| [#33](https://github.com/elastic/ansible-beats/pull/33) | [@astik](https://github.com/astik) | Replace custom filter with yaml handling |
| [#10](https://github.com/elastic/ansible-beats/pull/10) | [@Meecr0b](https://github.com/Meecr0b) | Move the `repo_key` configuration to a variable |
| [#34](https://github.com/elastic/ansible-beats/pull/34) | [@nyetwurk](https://github.com/nyetwurk) | Make sure the right beat service gets restarted |
| [#38](https://github.com/elastic/ansible-beats/pull/38) | [@jmlrt](https://github.com/jmlrt) | Add probot config to manage stale issues/pr + GH issue template |
| [#40](https://github.com/elastic/ansible-beats/pull/40) | [@nyetwurk](https://github.com/nyetwurk) | Make beats `repo_key` variable a unique name less likely to collide |
| [#41](https://github.com/elastic/ansible-beats/pull/41) | [@jmlrt](https://github.com/jmlrt) | Enhance ansible-beats documentation |
## 7.0.0 - 2019/05/09
* First release
* 7.0.0 as default version

8
ansible/roles/elastic.beats/Gemfile
View File

@ -1,6 +1,6 @@
source 'https://rubygems.org'
gem 'test-kitchen', '1.21.1'
gem "kitchen-docker", '2.6.0'
gem 'kitchen-ansible', '0.48.3'
gem 'net-ssh', '4.2.0'
gem 'test-kitchen'
gem 'kitchen-docker'
gem 'kitchen-ansible'
gem 'net-ssh'

110
ansible/roles/elastic.beats/Gemfile.lock
View File

@ -1,75 +1,117 @@
GEM
remote: https://rubygems.org/
specs:
builder (3.2.3)
erubis (2.7.0)
ffi (1.9.24)
gssapi (1.2.0)
bcrypt_pbkdf (1.0.1)
builder (3.2.4)
ed25519 (1.2.4)
equatable (0.5.0)
erubi (1.9.0)
ffi (1.12.1)
gssapi (1.3.0)
ffi (>= 1.0.1)
gyoku (1.3.1)
builder (>= 2.1.2)
httpclient (2.8.3)
kitchen-ansible (0.48.3)
kitchen-ansible (0.50.0)
net-ssh (>= 3)
test-kitchen (~> 1.4)
kitchen-docker (2.6.0)
test-kitchen (>= 1.4)
kitchen-docker (2.9.0)
test-kitchen (>= 1.0.0)
license-acceptance (1.0.11)
pastel (~> 0.7)
tomlrb (~> 1.2)
tty-box (~> 0.3)
tty-prompt (~> 0.18)
little-plugger (1.1.4)
logging (2.2.2)
little-plugger (~> 1.1)
multi_json (~> 1.10)
mixlib-install (3.9.3)
mixlib-install (3.11.18)
mixlib-shellout
mixlib-versioning
thor
mixlib-shellout (2.3.2)
mixlib-versioning (1.2.2)
multi_json (1.13.1)
net-scp (1.2.1)
net-ssh (>= 2.6.5)
net-ssh (4.2.0)
net-ssh-gateway (1.3.0)
net-ssh (>= 2.6.5)
mixlib-shellout (2.4.4)
mixlib-versioning (1.2.7)
multi_json (1.14.1)
necromancer (0.4.0)
net-scp (2.0.0)
net-ssh (>= 2.6.5, < 6.0.0)
net-ssh (5.2.0)
net-ssh-gateway (2.0.0)
net-ssh (>= 4.0.0)
nori (2.6.0)
pastel (0.7.2)
equatable (~> 0.5.0)
tty-color (~> 0.4.0)
rubyntlm (0.6.2)
rubyzip (1.2.2)
test-kitchen (1.21.1)
rubyzip (2.0.0)
strings (0.1.5)
strings-ansi (~> 0.1)
unicode-display_width (~> 1.5)
unicode_utils (~> 1.4)
strings-ansi (0.1.0)
test-kitchen (2.2.5)
bcrypt_pbkdf (~> 1.0)
ed25519 (~> 1.2)
license-acceptance (~> 1.0, >= 1.0.11)
mixlib-install (~> 3.6)
mixlib-shellout (>= 1.2, < 3.0)
net-scp (~> 1.1)
net-ssh (>= 2.9, < 5.0)
net-ssh-gateway (~> 1.2)
thor (~> 0.19, < 0.19.2)
net-scp (>= 1.1, < 3.0)
net-ssh (>= 2.9, < 6.0)
net-ssh-gateway (>= 1.2, < 3.0)
thor (~> 0.19)
winrm (~> 2.0)
winrm-elevated (~> 1.0)
winrm-fs (~> 1.1)
thor (0.19.1)
winrm (2.2.3)
thor (0.20.3)
timers (4.3.0)
tomlrb (1.2.8)
tty-box (0.3.0)
pastel (~> 0.7.2)
strings (~> 0.1.4)
tty-cursor (~> 0.6.0)
tty-color (0.4.3)
tty-cursor (0.6.1)
tty-prompt (0.18.1)
necromancer (~> 0.4.0)
pastel (~> 0.7.0)
timers (~> 4.0)
tty-cursor (~> 0.6.0)
tty-reader (~> 0.5.0)
tty-reader (0.5.0)
tty-cursor (~> 0.6.0)
tty-screen (~> 0.6.4)
wisper (~> 2.0.0)
tty-screen (0.6.5)
unicode-display_width (1.6.0)
unicode_utils (1.4.0)
winrm (2.3.4)
builder (>= 2.1.2)
erubis (~> 2.7)
erubi (~> 1.8)
gssapi (~> 1.2)
gyoku (~> 1.0)
httpclient (~> 2.2, >= 2.2.0.2)
logging (>= 1.6.1, < 3.0)
nori (~> 2.0)
rubyntlm (~> 0.6.0, >= 0.6.1)
winrm-elevated (1.1.0)
winrm-elevated (1.1.1)
winrm (~> 2.0)
winrm-fs (~> 1.0)
winrm-fs (1.2.0)
erubis (~> 2.7)
winrm-fs (1.3.4)
erubi (~> 1.8)
logging (>= 1.6.1, < 3.0)
rubyzip (~> 1.1)
rubyzip (~> 2.0)
winrm (~> 2.0)
wisper (2.0.0)
PLATFORMS
ruby
DEPENDENCIES
kitchen-ansible (= 0.48.3)
kitchen-docker (= 2.6.0)
net-ssh (= 4.2.0)
test-kitchen (= 1.21.1)
kitchen-ansible
kitchen-docker
net-ssh
test-kitchen
BUNDLED WITH
1.16.1
1.17.0

13
ansible/roles/elastic.beats/LICENSE Normal file
View File

@ -0,0 +1,13 @@
Copyright (c) 2012-2016 Elasticsearch <http://www.elastic.co>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

240
ansible/roles/elastic.beats/README.md
View File

@ -1,101 +1,66 @@
Beats Role
=========
# ansible-beats
[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+ansible-beats+master.svg)](https://devops-ci.elastic.co/job/elastic+ansible-beats+master/)
[![Ansible Galaxy](https://img.shields.io/badge/ansible--galaxy-elastic.beats-blue.svg)](https://galaxy.ansible.com/elastic/beats/)
This role provides a generic means of installing Elastic supported beats using Ansible. Currently this includes:
This role provides a generic means of installing Elastic supported Beats
- Filebeat
- MetricBeat (TopBeat in 1.x)
- Packetbeat
**Tested Beats**
Requirements
------------
* Filebeat
* MetricBeat (TopBeat in 1.x)
* Packetbeat
This role requires:
**Tested Versions**
- Ansible version > 2.0
- Beats version >= 1.x
- Target machines require access to an external repo, or means
* 7.x
* 6.x
The following OS are currently actively tested using kitchen:
**Tested Platforms**
- Centos 6 & 7
- Debian 8 & 9
- Ubuntu 14.04, 16.04 & 18.04
* Ubuntu 14.04
* Ubuntu 16.04
* Ubuntu 18.04
* Debian 8
* Debian 9
* CentOS 7
* CentOS 8
* Amazon Linux 2
The above list is subject to change.
## Usage
Role Variables
--------------
Create your Ansible playbook with your own tasks, and include the role beats. You will have to have this repository accessible within the context of playbook.
Supported variables are as follows:
```sh
ansible-galaxy install elastic.beats,v7.11.1
```
- **beat** (*MANDATORY*): Beat product. Supported values are: "filebeat", "metricbeat" & "packetbeat".
- **beat_conf** (*MANDATORY*): Beat Configuration. Should be defined as a map (see [Example Playbook](#example-playbook))
- **beats_version** (*Defaults to `7.0.0`*): Beats version.
- **version_lock** (*Defaults to `false`*): Locks the installed version if set to true, thus preventing other processes from updating. This will not impact the roles ability to update the beat on subsequent runs (it unlocks and re-locks if required).
- **use_repository** (*Defaults to `true`*): Use elastic repo for yum or apt if true. If false, a custom custom_package_url must be provided.
- **start_service** (*Defaults to `true`*): service will be started if true, false otherwise.
- **restart_on_change** (*Defaults to `true`*): Changes to configuration or installed versions, will result in a restart if true.
- **daemon_args** (*Applicable to version 1.x of beats*): Allows run time params to be passed to beats.
- **logging_conf** (*Defaults to `{"files":{"rotateeverybytes":10485760}}`*): Logging configuration. Should be defined as a map (see [Example Playbook](#example-playbook)). Map is serialized into logging section of beat config.
- **shipper_conf** (*Applicable to version 1.x of beats*): Shipper configuration. Should be defined as a map (see [Example Playbook](#example-playbook)). Map is serialized into shipper section of beat config.
- **output_conf** (*Defaults to `{"elasticsearch":{"hosts":["localhost:9200"]}}`): Output configuration. Should be defined as a map (see [Example Playbook](#example-playbook)). Map is serialized into output section of beat config.
- **beats_pid_dir** (*Defaults to `/var/run`*): Location of beats pid file.
- **beats_conf_dir** (*Defaults to `/etc/{beat}`*): Location of conf directory for beats configuration file.
Then create your playbook yaml adding the role beats.
The application of the beats role results in the installation of a node on a host.
Dependencies
------------
The simplest configuration therefore consists of:
- Ansible version > 2.0
- Beats version >= 6.x
```yaml
hosts: localhost
roles:
- role: elastic.beats
vars:
beats_version: 7.11.1
beat: filebeat
beat_conf:
filebeat:
inputs:
- type: log
enabled: true
paths:
- /var/log/*.log
```
Example Playbook
----------------
The above installs Filebeat 7.11.1 on the hosts 'localhost'.
Example playbook is provided below. This installs Packetbeat and illustrates the need for configuration sections to be specified as maps.
- name: Example playbook for installing packetbeat
hosts: localhost
roles:
- { role: beats, beat: "packetbeat",
beat_conf: {
"interfaces": {"device":"any"},
"protocols": {
"dns": {
"ports": [53],
"include_authorities":true
},
"http": {
"ports": [80, 8080, 8000, 5000, 8002]
},
"memcache": {
"ports": [11211]
},
"mysql": {
"ports": [3306]
},
"pgsql": {
"ports": [5432]
},
"redis": {
"ports": [6379]
},
"thrift": {
"ports": [9090]
},
"mongodb": {
"ports": [27017]
}
}
},
output_conf : {
"elasticsearch": {
"hosts": ["localhost:9200"]
}
}
}
vars:
use_repository: "true"
**Notes**:
- Beats default version is described in [`beats_version`](https://github.com/elastic/ansible-beats/blob/master/defaults/main.yml#L4). You can override this variable in your playbook to install another version.
While we are testing this role only with one 7.x and one 6.x version (respectively [7.11.1](https://github.com/elastic/ansible-beats/blob/master/defaults/main.yml#L4) and [6.8.14](https://github.com/elastic/ansible-beats/blob/master/test/integration/standard-6x.yml#L7) at the time of writing), this role should work with others version also in most cases.
- Beat product is described in `beat` variable. While currently tested Beats are Filebeat, Metricbeat & Packetbeat, this role should work also with other member of [The Beats Family](https://www.elastic.co/products/beats) in most cases.
## Testing
@ -140,20 +105,113 @@ When you are finished testing you can clean up everything with
$ make destroy-all
```
License
-------
### Basic Beats configuration
All Beats configuration parameters are supported. This is achieved using a configuration map parameter `beat_conf` which is serialized into the `${beat}.yml` file.
The use of a map ensures the Ansible playbook does not need to be updated to reflect new/deprecated/plugin configuration parameters.
In addition to the `beat_conf` map, several other parameters are supported for additional functions e.g. script installation. These can be found in the role's `defaults/main.yml` file.
The following illustrates applying configuration parameters to Packetbeat instance.
```yaml
- name: Example playbook for installing packetbeat
hosts: localhost
roles:
- { role: beats, beat: "packetbeat",
beat_conf: {
"interfaces": {"device":"any"},
"protocols": {
"dns": {
"ports": [53],
"include_authorities":true
},
"http": {
"ports": [80, 8080, 8000, 5000, 8002]
},
"memcache": {
"ports": [11211]
},
"mysql": {
"ports": [3306]
},
"pgsql": {
"ports": [5432]
},
"redis": {
"ports": [6379]
},
"thrift": {
"ports": [9090]
},
"mongodb": {
"ports": [27017]
}
}
},
output_conf : {
"elasticsearch": {
"hosts": ["localhost:9200"]
}
}
}
vars:
use_repository: "true"
```
### Additional Configuration
Supported variables are as follows:
- **beat** (*MANDATORY*): Beat product. Supported values are: "filebeat", "metricbeat" & "packetbeat" (others beats from [The Beats Family](https://www.elastic.co/products/beats) should work in most cases but aren't currently tested).
- **beat_conf** (*MANDATORY*): Beat Configuration. Should be defined as a map.
- **beats_version** (*Defaults to `7.11.1`*): Beats version.
- **version_lock** (*Defaults to `false`*): Locks the installed version if set to true, thus preventing other processes from updating. This will not impact the roles ability to update the beat on subsequent runs (it unlocks and re-locks if required).
- **use_repository** (*Defaults to `true`*): Use elastic repo for yum or apt if true. If false, a custom custom_package_url must be provided.
- **beats_add_repository** (*Defaults to `{use_repository}`*): Install elastic repo for yum or apt if true. If false, the present repositories will be used. Useful if you already have beats packages in your repo.
- **start_service** (*Defaults to `true`*): service will be started if true, false otherwise.
- **restart_on_change** (*Defaults to `true`*): Changes to configuration or installed versions, will result in a restart if true.
- **daemon_args** (*Applicable to version 1.x of beats*): Allows run time params to be passed to beats.
- **logging_conf** (*Defaults to `{"files":{"rotateeverybytes":10485760}}`*): Logging configuration. Should be defined as a map. Map is serialized into logging section of beat config.
- **shipper_conf** (*Applicable to version 1.x of beats*): Shipper configuration. Should be defined as a map . Map is serialized into shipper section of beat config.
- **output_conf** (*Defaults to `{"elasticsearch":{"hosts":["localhost:9200"]}}`*): Output configuration. Map is serialized into output section of beat config.
- **beats_pid_dir** (*Defaults to `/var/run`*): Location of beats pid file.
- **beats_conf_dir** (*Defaults to `/etc/{beat}`*): Location of conf directory for beats configuration file.
- **default_ilm_policy** (*Defaults undefined*): local path to default policy if any custom one is defined
### Focus on ILM
By default, *beat* will create a default policy defined as part of the beat being deployed.
You can override default ILM setup by defining ILM conf as part of *beat_conf*.
For example:
```
- role: ansible-beats
beat: metricbeat
beat_conf:
setup:
ilm:
policy_file: /etc/filebeat/policies/my-default-metricbeat.json
overwrite: true
metricbeat.modules:
...
default_ilm_policy: conf/my-default-metricbeat.json
become: yes
```
This will copy *conf/my-default-filebeat.json* to */etc/filebeat/policies/my-default-filebeat.json*.
This policy will be used as default one for this beat.
## License
Apache 2.0
Limitations
------------
## Limitations
Multiple instances of the same beat cannot be installed on the same target server.
Author Information
------------------
## Questions on Usage
Dale McDiarmid
For further assistance, outside of issues, please use discuss.elastic.co.
We welcome questions on how to use the role. However, in order to keep the GitHub issues list focused on "issues" we ask the community to raise questions at https://discuss.elastic.co/c/beats. This is monitored by the maintainers.
Community Contributions always appreciated and welcome! Please ensure all contributions include tests as appropriate.

7
ansible/roles/elastic.beats/defaults/main.yml
View File

@ -1,13 +1,14 @@
---
# defaults file for beats
beats_version: 7.0.0
beats_version: 7.11.1
oss_version: false
version_lock: false
use_repository: true
beats_add_repository: "{{ use_repository }}"
start_service: true
restart_on_change: true
daemon_args: ""
logging_conf: {"files":{"rotateeverybytes":10485760}}
output_conf: {"elasticsearch":{"hosts":["localhost:9200"]}}
beats_pid_dir: "/var/run"
beats_conf_dir: "/etc/{{beat}}"
beats_conf_dir: "/etc/{{beat}}"

8
ansible/roles/elastic.beats/filter_plugins/custom.py
View File

@ -1,8 +0,0 @@
__author__ = 'dale mcdiarmid'
def merge_config(config={}, key=''):
return {key:config}
class FilterModule(object):
def filters(self):
return {'merge_config': merge_config}

10
ansible/roles/elastic.beats/handlers/main.yml
View File

@ -1,6 +1,10 @@
---
# handlers file for beats
- name: restart beat
service: name={{ beat }} state=restarted enabled=yes
when: start_service and restart_on_change and not beats_started.changed and beat_install.changed
- name: restart the service
become: yes
service:
name: "{{ beat_product }}"
state: restarted
enabled: true
when: start_service and restart_on_change and not beats_started.changed

4
ansible/roles/elastic.beats/meta/.galaxy_install_info
View File

@ -1,2 +1,2 @@
install_date: Sat Jul 6 01:04:40 2019
version: 7.0.0
install_date: Thu Mar 4 17:26:32 2021
version: v7.11.1

28
ansible/roles/elastic.beats/meta/main.yml
View File

@ -1,26 +1,26 @@
---
allow_duplicates: yes
allow_duplicates: true
dependencies: []
galaxy_info:
role_name: beats
author: Dale McDiarmid
description: Beats for Linux
company: "Elastic.co"
issue_tracker_url: https://github.com/elastic/ansible-beats/issues
license: "license (Apache)"
min_ansible_version: 2.0
platforms:
- name: EL
versions:
- 6
- 7
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- all
categories:
- name: EL
versions:
- 6
- 7
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- all
galaxy_tags:
- beats
- elastic
- elk

80
ansible/roles/elastic.beats/tasks/beats-config.yml
View File

@ -1,33 +1,79 @@
---
# Configure Beats Node
- set_fact: pid_file={{ beats_pid_dir }}/{{beat}}.pid
- set_fact: instance_default_file={{ default_file }}/{{beat}}
- set_fact: conf_file={{ beats_conf_dir }}/{{beat}}.yml
- name: Set default facts
set_fact:
pid_file: '{{ beats_pid_dir }}/{{ beat }}.pid'
instance_default_file: '{{ default_file }}/{{ beat }}'
conf_file: '{{ beats_conf_dir }}/{{ beat }}.yml'
beat_output_conf:
output: '{{ output_conf }}'
- set_fact: beat_output_conf={{ output_conf | merge_config('output') }}
- set_fact: beat_shipper_conf={{ shipper_conf | merge_config('shipper') }}
- name: Set beat_shipper_conf
set_fact:
beat_shipper_conf:
shipper: '{{ shipper_conf }}'
when: shipper_conf is defined
- set_fact: beat_logging_conf={{ logging_conf | merge_config('logging') }}
- stat: path={{beats_pid_dir}}
- name: Set beat_logging_conf
set_fact:
beat_logging_conf:
logging: '{{ logging_conf }}'
- name: Check pid_dir status
stat:
path: '{{ beats_pid_dir }}'
register: pid_stat
- name: Create PID Directory
file: path={{ beats_pid_dir }} state=directory
become: yes
file:
path: '{{ beats_pid_dir }}'
state: directory
when: pid_stat.stat.isdir is not defined or pid_stat.stat.islnk is not defined
#fail if pid and config directories are not links or not directories i.e files
# fail if pid and config directories are not links or not directories i.e files
- name: Create Config Directory
file: path={{ beats_conf_dir }} state=directory
become: yes
file:
path: '{{ beats_conf_dir }}'
state: directory
#Copy the default file
# Copy the default file
- name: Copy Default File for Instance
template: src=beat.j2 dest={{instance_default_file}} mode=0644 force=yes owner=root group=root
notify: restart beat
become: yes
template:
src: beat.j2
dest: '{{ instance_default_file }}'
mode: 0644
force: true
owner: root
group: root
notify: restart the service
#Copy templated config file
- name: Copy Configuration File
template: src=beat.yml.j2 dest={{conf_file}} mode=0644 force=yes owner=root group=root
notify: restart beat
# Copy templated config file
- name: Copy Configuration File for {{ beat }}
become: yes
template:
src: beat.yml.j2
dest: '{{ conf_file }}'
mode: 0644
force: true
owner: root
group: root
notify: restart the service
# Copy default ILM policy file
- name: Create default policies config directory
file:
path: '{{ beat_conf.setup.ilm.policy_file | dirname }}'
state: directory
when: default_ilm_policy is defined
- name: Copy default ILM policy file for {{ beat }}
copy:
src: '{{default_ilm_policy}}'
dest: '{{ beat_conf.setup.ilm.policy_file }}'
when: default_ilm_policy is defined
notify: restart the service

113
ansible/roles/elastic.beats/tasks/beats-debian.yml
View File

@ -1,45 +1,100 @@
---
- name: Debian - Ensure apt-transport-https is installed
apt: name=apt-transport-https state=present cache_valid_time=86400
when: use_repository
become: yes
apt:
name: apt-transport-https
state: present
cache_valid_time: 86400
when: use_repository | bool
register: beat_install
notify: restart beat
until: beat_install is succeeded
notify: restart the service
- name: Debian - Ensure python-urllib3, python-openssl, python-pyasn1 & python-pip are installed
become: yes
apt:
name:
- python-urllib3
- python-openssl
- python-pyasn1
- python-pip
state: present
register: libs_install
until: libs_install is succeeded
when:
- use_repository | bool
- ansible_distribution_release == "trusty"
- name: Debian - ensure ndg-httpsclient pip is installed
become: yes
pip:
name: ndg-httpsclient
state: present
register: ndg_install
until: ndg_install is succeeded
when:
- use_repository | bool
- ansible_distribution_release == "trusty"
- name: Debian - Add Beats repository key
apt_key: url="http://packages.elasticsearch.org/GPG-KEY-elasticsearch" state=present
when: use_repository
become: yes
apt_key:
url: '{{ elastic_repo_key }}'
state: present
register: apt_key_install
until: apt_key_install is succeeded
when: beats_add_repository | bool
- name: Debian - add beats repository
apt_repository: repo="deb {{ repo_url }} stable main" state=present
when: use_repository
become: yes
apt_repository:
repo: 'deb {{ repo_url }} stable main'
state: present
register: repo_install
until: repo_install is succeeded
when: beats_add_repository | bool
- name: Debian - unhold {{beat}} version for install
command: apt-mark unhold {{beat}}
changed_when: False
- name: Debian - unhold {{ beat }} version for install
become: yes
command: apt-mark unhold {{ beat }}
changed_when: false
- name: Debian - Ensure {{beat}} is installed
apt: name={{beat}}{% if beats_version is defined and beats_version != "" %}={{ beats_version }}{% endif %} state=present cache_valid_time=86400
when: use_repository
- name: Debian - Ensure {{ beat }} is installed
become: yes
apt:
name: >-
{{ beat }}{% if beats_version is defined and beats_version|length>0 %}={{ beats_version }}{% endif %}
state: present
cache_valid_time: 86400
register: beat_install
notify: restart beat
until: beat_install is succeeded
when: use_repository | bool
notify: restart the service
- name: Debian - hold {{beat}} version
command: apt-mark hold {{beat}}
- name: Debian - hold {{ beat }} version
become: yes
command: apt-mark hold {{ beat }}
when: version_lock
changed_when: False
changed_when: false
- set_fact: os_arch="i386"
- name: Set os_arch
set_fact:
os_arch: >-
{{ ansible_architecture == 'x86_64' | ternary('amd64', 'i386') }}
- set_fact: os_arch="amd64"
when: ansible_architecture == "x86_64"
- name: Debian - Download {{ beat }} from url
get_url:
url: >-
{% if custom_package_url is defined %}{{ custom_package_url }}{%
else %}{{ beats_package_url }}/{{ beat }}/{{ beat }}_{{ beats_version }}_{{ os_arch }}.deb{% endif %}
dest: '/tmp/{{ beat }}_{{ beats_version }}_{{ os_arch }}.deb'
validate_certs: false
when: not use_repository | bool
- name: Debian - Download {{beat}} from url
get_url: url={% if custom_package_url is defined %}{{ custom_package_url }}{% else %}{{ beats_package_url }}/{{beat}}/{{beat}}_{{ beats_version }}_{{os_arch}}.deb{% endif %} dest=/tmp/{{beat}}_{{ beats_version }}_{{os_arch}}.deb validate_certs=no
when: not use_repository
- name: Debian - Ensure {{beat}} is installed from downloaded package
apt: deb=/tmp/{{beat}}_{{ beats_version }}_{{os_arch}}.deb
when: not use_repository
register: beat_install
notify: restart beat
- name: Debian - Ensure {{ beat }} is installed from downloaded package
become: yes
apt:
deb: '/tmp/{{ beat }}_{{ beats_version }}_{{ os_arch }}.deb'
when: not use_repository | bool
notify: restart the service

20
ansible/roles/elastic.beats/tasks/beats-param-check.yml
View File

@ -1,9 +1,19 @@
---
- name: Check beat variable
fail:
msg: "beat must be specified and cannot be blank e.g. filebeat"
when: beat is not defined or (beat | length == 0)
- fail: msg="beat must be specified and cannot be blank e.g. filebeat"
when: beat is not defined or beat == ''
- fail: msg="beat_conf must be specified"
- name: Check beat_conf variable
fail:
msg: "beat_conf must be specified"
when: beat_conf is not defined
- set_fact: "beats_major_version={{ beats_version[0] }}.x"
- name: Check ILM variables
fail:
msg: "beat_conf.setup.ilm.policy_file must be specified if default_ilm_policy is used"
when: default_ilm_policy is defined and beat_conf.setup.ilm.policy_file is not defined
- name: Set beats_major_version
set_fact:
beats_major_version: '{% if oss_version %}oss-{% endif %}{{ beats_version.split(".")[0] }}.x'

72
ansible/roles/elastic.beats/tasks/beats-redhat.yml
View File

@ -1,33 +1,59 @@
---
- name: Ensure libselinux-python on CentOS 6.x
yum: name=libselinux-python state=present update_cache=yes
when: ( ansible_distribution == "CentOS" ) and ( ansible_distribution_major_version == "6" )
- name: Redhat - add beats repository
template: src=beats.repo.j2 dest=/etc/yum.repos.d/beats.repo
when: use_repository
become: yes
template:
src: beats.repo.j2
dest: /etc/yum.repos.d/beats.repo
when: beats_add_repository | bool
- name: RedHat - install yum-version-lock
yum: name=yum-plugin-versionlock state=present update_cache=yes
become: yes
yum:
name: yum-plugin-versionlock
state: present
update_cache: true
when: version_lock | bool
register: versionlock_install
until: versionlock_install is succeeded
- name: RedHat - unlock {{beat}} for install
shell: yum versionlock delete {{beat}} || true
changed_when: False
- name: RedHat - unlock {{ beat }} for install
become: yes
shell: yum versionlock delete {{ beat }} || true
changed_when: false
when: version_lock | bool
tags:
- skip_ansible_lint
- name: RedHat - Ensure {{beat}} is installed
yum: name={{beat}}{% if beats_version is defined and beats_version != "" %}-{{ beats_version }}{% endif %} state=present update_cache=yes
when: use_repository
- name: RedHat - Ensure {{ beat }} is installed
become: yes
yum:
name: >-
{{ beat }}{% if beats_version is defined and beats_version|length %}-{{ beats_version }}{% endif %}
state: present
update_cache: true
register: beat_install
notify: restart beat
until: beat_install is succeeded
when: use_repository | bool
notify: restart the service
- name: RedHat - lock {{beat}} version
shell: yum versionlock add {{beat}}{% if beats_version is defined and beats_version != "" %}-{{ beats_version }}{% endif %}
when: version_lock
changed_when: False
- name: RedHat - lock {{ beat }} version
become: yes
shell: >-
yum versionlock add
{{ beat }}{% if beats_version is defined and beats_version|length %}-{{ beats_version }}{% endif %}
when: version_lock | bool
changed_when: false
tags:
- skip_ansible_lint
- name: RedHat - Install {{beat}} from url
yum: name={% if custom_package_url is defined %}{{ custom_package_url }}{% else %}{{ beats_package_url }}/{{beat}}-{{ beats_version }}-{{ansible_architecture}}.rpm{% endif %} state=present
- name: RedHat - Install {{ beat }} from url
become: yes
yum:
name: >-
{% if custom_package_url is defined %}{{ custom_package_url }}{%
else %}{{ beats_package_url }}/{{ beat }}-{{ beats_version }}-{{ ansible_architecture }}.rpm{% endif %}
state: present
register: beat_install
until: beat_install is succeeded
when: not use_repository
register: beat_install
notify: restart beat
notify: restart the service

16
ansible/roles/elastic.beats/tasks/beats.yml
View File

@ -2,19 +2,23 @@
# Install OS specific beats
- name: Include specific Beats
include: beats-debian.yml
include_tasks: beats-debian.yml
when: ansible_os_family == 'Debian'
- name: Include specific Beats
include: beats-redhat.yml
include_tasks: beats-redhat.yml
when: ansible_os_family == 'RedHat'
#Configuration file for beats
# Configuration file for beats
- name: Beats configuration
include: beats-config.yml
include_tasks: beats-config.yml
# Make sure the service is started, and restart if necessary
- name: Start beats service
service: name={{ beat }} state=started enabled=yes
- name: Start {{ beat_product }} service
become: yes
service:
name: '{{ beat }}'
state: started
enabled: true
when: start_service
register: beats_started

13
ansible/roles/elastic.beats/tasks/main.yml
View File

@ -2,9 +2,16 @@
# tasks file for beats
- name: check-parameters
include: beats-param-check.yml
include_tasks: beats-param-check.yml
- name: define beat product
set_fact:
beat_product: "{{ beat }}"
- name: os-specific vars
include_vars: "{{ansible_os_family}}.yml"
include_vars: '{{ ansible_os_family }}.yml'
- include: beats.yml
- include_tasks: beats.yml
- name: Force all notified handlers to run at this point, not waiting for normal sync points
meta: flush_handlers

10
ansible/roles/elastic.beats/templates/beat.yml.j2
View File

@ -1,7 +1,9 @@
# {{ ansible_managed }}
################### {{beat}} Configuration #########################
############################# {{beat}} ######################################
{{beat_conf | to_nice_yaml}}
{{ beat_conf | to_nice_yaml(indent=2) }}
###############################################################################
############################# Libbeat Config ##################################
@ -9,12 +11,12 @@
############################# Output ##########################################
{{ beat_output_conf | to_nice_yaml }}
{{ beat_output_conf | to_nice_yaml(indent=2) }}
{% if shipper_conf is defined %}############################# Shipper #########################################
{{ beat_shipper_conf | to_nice_yaml }}
{{ beat_shipper_conf | to_nice_yaml(indent=2) }}
{% endif %}
############################# Logging #########################################
{{ beat_logging_conf | to_nice_yaml }}
{{ beat_logging_conf | to_nice_yaml(indent=2) }}

2
ansible/roles/elastic.beats/templates/beats.repo.j2
View File

@ -2,5 +2,5 @@
name=Elastic Beats Repository
baseurl={{ repo_url }}
enabled=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
gpgkey={{ elastic_repo_key }}
gpgcheck=1

82
ansible/roles/elastic.beats/test/integration/config.yml
View File

@ -1,44 +1,46 @@
---
#Install specific version here
- name: wrapper playbook for kitchen testing "beats"
# Install specific version here
- name: wrapper playbook for kitchen testing beats
hosts: localhost
roles:
- { role: "ansible-beats", beat: "packetbeat", version_lock: true,
beat_conf: {
"interfaces": {"device":"any"},
"protocols": {
"dns": {
"ports": [53],
"include_authorities":true
},
"http": {
"ports": [80, 8080, 8000, 5000, 8002]
},
"memcache": {
"ports": [11211]
},
"mysql": {
"ports": [3306]
},
"pgsql": {
"ports": [5432]
},
"redis": {
"ports": [6379]
},
"thrift": {
"ports": [9090]
},
"mongodb": {
"ports": [27017]
}
}
},
output_conf : {
"elasticsearch": {
"hosts": ["localhost:9200"]
}
}
}
- role: ansible-beats
beat: packetbeat
version_lock: true
beat_conf:
interfaces:
device: any
protocols:
dns:
ports:
- 53
include_authorities: true
http:
ports:
- 80
- 8080
- 8000
- 5000
- 8002
memcache:
ports:
- 11211
mysql:
ports:
- 3306
pgsql:
ports:
- 5432
redis:
ports:
- 6379
thrift:
ports:
- 9090
mongodb:
ports:
- 27017
output_conf:
elasticsearch:
hosts: ["localhost:9200"]
vars:
use_repository: "true"
use_repository: true

27
ansible/roles/elastic.beats/test/integration/multi.yml
View File

@ -2,7 +2,28 @@
- name: wrapper playbook for kitchen testing "beats"
hosts: localhost
roles:
- { role: "ansible-beats", beat: "filebeat", beat_conf: {"filebeat": {"inputs":[{"paths":["/var/log/*.log"],"type":"log"}]} } }
- { role: "ansible-beats", beat: "metricbeat", beat_conf: { "metricbeat.modules": [{"module": "system", "metricsets": ["cpu", "filesystem", "network", "process"], "enabled": true, "period": "10s", "processes":[".*"], "cpu_ticks": false } ] } }
- role: ansible-beats
beat: filebeat
beat_conf:
filebeat:
inputs:
- paths:
- /var/log/*.log
type: log
- role: ansible-beats
beat: metricbeat
beat_conf:
metricbeat:
modules:
- module: "system"
metricsets:
- cpu
- filesystem
- network
- process
enabled: true
period: 10s
processes: [".*"]
cpu_ticks: false
vars:
use_repository: "true"
use_repository: true

15
ansible/roles/elastic.beats/test/integration/oss.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: wrapper playbook for kitchen testing "beats"
hosts: localhost
roles:
- role: ansible-beats
beat: filebeat
beat_conf:
filebeat:
inputs:
- paths:
- /var/log/*.log
type: log
vars:
use_repository: true
oss_version: true

39
ansible/roles/elastic.beats/test/integration/oss/serverspec/default_spec.rb Normal file
View File

@ -0,0 +1,39 @@
require 'spec_helper'
describe 'Open Source Tests' do
describe service('filebeat') do
it { should be_running }
end
describe package('filebeat') do
it { should be_installed }
end
describe file('/etc/filebeat/filebeat.yml') do
it { should be_file }
it { should be_owned_by 'root' }
end
describe file('/etc/filebeat/filebeat.yml') do
it { should contain 'filebeat:' }
it { should contain 'logging:' }
it { should contain 'output:' }
end
describe file('/etc/init.d/filebeat') do
it { should exist }
end
if os[:family] == 'redhat'
describe command('yum versionlock list | grep filebeat') do
its(:stdout) { should_not match /filebeat/ }
end
elsif ['debian', 'ubuntu'].include?(os[:family])
describe command('sudo apt-mark showhold | grep filebeat') do
its(:stdout) { should_not match /filebeat/ }
end
end
end

14
ansible/roles/elastic.beats/test/integration/standard-6x.yml
View File

@ -2,7 +2,15 @@
- name: wrapper playbook for kitchen testing "beats"
hosts: localhost
roles:
- { role: "ansible-beats", beat: "filebeat", beat_conf: {"filebeat": {"prospectors":[{"paths":["/var/log/*.log"],"input_type":"log"}], "registry_file": "/var/lib/filebeat/registry"} } }
- role: ansible-beats
beat: filebeat
beat_conf:
filebeat:
prospectors:
- paths:
- /var/log/*.log
input_type: log
registry_file: /var/lib/filebeat/registry
vars:
beats_version: 6.7.1
use_repository: "true"
beats_version: 6.8.14
use_repository: "true"

11
ansible/roles/elastic.beats/test/integration/standard.yml
View File

@ -2,6 +2,13 @@
- name: wrapper playbook for kitchen testing "beats"
hosts: localhost
roles:
- { role: "ansible-beats", beat: "filebeat", beat_conf: {"filebeat": {"inputs":[{"paths":["/var/log/*.log"],"type":"log"}]} } }
- role: ansible-beats
beat: filebeat
beat_conf:
filebeat:
inputs:
- paths:
- /var/log/*.log
type: log
vars:
use_repository: "true"
use_repository: true

5
ansible/roles/elastic.beats/test/matrix.yml
View File

@ -1,13 +1,16 @@
---
OS:
- ubuntu-1404
- ubuntu-1604
- ubuntu-1804
- debian-8
- debian-9
- centos-6
- centos-7
- centos-8
- amazonlinux-2
TEST_TYPE:
- standard
- standard-6x
- multi
- config
- oss

2
ansible/roles/elastic.beats/vars/Debian.yml
View File

@ -1,5 +1,3 @@
---
default_file: "/etc/default"
init_script: "/etc/init.d"
repo_url: "https://artifacts.elastic.co/packages/{{ beats_major_version }}/apt"

4
ansible/roles/elastic.beats/vars/RedHat.yml
View File

@ -1,5 +1,3 @@
---
default_file: "/etc/sysconfig"
init_script: "/etc/init.d"
repo_url: "https://artifacts.elastic.co/packages/{{ beats_major_version }}/yum"
repo_url: "https://artifacts.elastic.co/packages/{{ beats_major_version }}/yum"

2
ansible/roles/elastic.beats/vars/main.yml
View File

@ -2,4 +2,4 @@
# vars file for beats
beats_package_url: "https://download.elastic.co/beats"
es_conf_dir: "/etc"
elastic_repo_key: "https://packages.elastic.co/GPG-KEY-elasticsearch"