Big changes to Elastic services
Install-Client and Install-Server are now valid. They will install what is needed per the hosts file. Computers in Linux will get client and computers in Elastic will get server.
This commit is contained in:
parent
b4f0af6963
commit
02c5a9c632
32
playbook/README.md
Normal file
32
playbook/README.md
Normal file
@ -0,0 +1,32 @@
|
||||
# Playbook
|
||||
|
||||
This is the collection of playbooks that have been made. Each folder here ties back into the hosts file.
|
||||
|
||||
## Linux
|
||||
|
||||
This contains files that are designed to be ran against all linux based hosts. Some files are just general security updates and some will install packages that all servers need.
|
||||
|
||||
Installable services
|
||||
|
||||
* elastic-heartbeat
|
||||
* elastic-metricbeat
|
||||
|
||||
### Docker
|
||||
|
||||
This contains files that will maintain and deploy docker servers.
|
||||
|
||||
Docker servers will be a sub under Linux for basic up keep on the servers.
|
||||
|
||||
|
||||
### Elastic
|
||||
|
||||
This folder contains the files needed for a host that runs Elastic services as a server.
|
||||
|
||||
* ElasticSearch
|
||||
* Kibana
|
||||
|
||||
## Windows
|
||||
|
||||
Just like its Linux counter part, this contains the information and playbooks that are designed to be ran against all windows servers. Keeping baseline firewall, users, groups and windows updates are some examples.
|
||||
|
||||
|
44
playbook/linux/elastic/config-elasticsearch.yml
Normal file
44
playbook/linux/elastic/config-elasticsearch.yml
Normal file
@ -0,0 +1,44 @@
|
||||
# This will work on a new install.
|
||||
# If any changes are needed to the cluster name on an existing install add another function
|
||||
- name: Config - cluster.name 'elastic-DMI01'
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/elasticsearch/elasticsearch.yml
|
||||
regex: '^cluster.name'
|
||||
insertafter: '#cluster.name: my-application'
|
||||
line: 'cluster.name: elastic-DMI01'
|
||||
backup: yes
|
||||
|
||||
# We define the name of the host we are working on
|
||||
- name: Config - node.name
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/elasticsearch/elasticsearch.yml
|
||||
regex: '^node.name'
|
||||
insertafter: '#node.name: node-1'
|
||||
line: "node.name: {{ ansible_eno1.ipv4.address }}"
|
||||
|
||||
# Allow 9200 so we can access it over the network
|
||||
- name: Allow port 9200 though UFW
|
||||
become: true
|
||||
ufw:
|
||||
rule: allow
|
||||
port: 9200
|
||||
#name: ElasticSearch
|
||||
|
||||
- name: Service reload daemon
|
||||
become: true
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: systemd - enable ElasticSearch on startup
|
||||
become: true
|
||||
systemd:
|
||||
name: elasticsearch
|
||||
enabled: yes
|
||||
|
||||
- name: systemd - restart ElasticSearch service
|
||||
become: true
|
||||
systemd:
|
||||
name: elasticsearch
|
||||
state: restarted
|
25
playbook/linux/elastic/config-heartbeat.yml
Normal file
25
playbook/linux/elastic/config-heartbeat.yml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
- name: define kibana host
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/heartbeat/heartbeat.yml
|
||||
regex: '^host: "dm-nagios.local:5601"'
|
||||
insertafter: '#host: "localhost:5601"'
|
||||
line: 'host: "dm-nagios.local:5601"'
|
||||
|
||||
- name: systemd - daemon reload
|
||||
become: true
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: system - enable on startup
|
||||
become: true
|
||||
systemd:
|
||||
name: heartbeat-elastic
|
||||
enabled: yes
|
||||
|
||||
- name: systemd - restart heartbeat
|
||||
become: true
|
||||
systemd:
|
||||
name: heartbeat-elastic
|
||||
state: restarted
|
49
playbook/linux/elastic/config-kibana.yml
Normal file
49
playbook/linux/elastic/config-kibana.yml
Normal file
@ -0,0 +1,49 @@
|
||||
|
||||
- name: Config - Server.Port 5601
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/kibana/kibana.yml
|
||||
regex: '^server.port'
|
||||
insertafter: '#server.port: 5601'
|
||||
line: 'server.port: 5601'
|
||||
backup: yes
|
||||
|
||||
|
||||
- name: Config - Server.host
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/kibana/kibana.yml
|
||||
regex: '^server.host'
|
||||
insertafter: '#server.host'
|
||||
line: 'server.host: {{ ansible_eno1.ipv4.address }}'
|
||||
|
||||
- name: Config - elasticsearch.hosts
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/kibana/kibana.yml
|
||||
regex: '^elasticsearch.hosts'
|
||||
insertafter: '#elasticsearch.hosts:'
|
||||
line: 'elasticsearch.hosts: ["http://localhost:9200"]'
|
||||
|
||||
- name: Allow port 5601
|
||||
become: true
|
||||
ufw:
|
||||
rule: allow
|
||||
port: 5601
|
||||
|
||||
- name: systemd - daemon reload
|
||||
become: true
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: systemd - enable Kibana on startup
|
||||
become: true
|
||||
systemd:
|
||||
name: kibana
|
||||
enabled: yes
|
||||
|
||||
- name: systemd - restart Kibana
|
||||
become: true
|
||||
systemd:
|
||||
name: kibana
|
||||
state: restarted
|
29
playbook/linux/elastic/config-metricbeat.yml
Normal file
29
playbook/linux/elastic/config-metricbeat.yml
Normal file
@ -0,0 +1,29 @@
|
||||
|
||||
# - name: enable modules
|
||||
|
||||
- name: define kibana host
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/metricbeat/metricbeat.yml
|
||||
regex: '^host: "dm-nagios.local:5601"'
|
||||
insertafter: '#host: "localhost:5601"'
|
||||
line: 'host: "dm-nagios.local:5601"'
|
||||
|
||||
#- name: config where to send information
|
||||
|
||||
- name: systemd - daemon reload
|
||||
become: true
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: Enable service on system startup
|
||||
become: true
|
||||
systemd:
|
||||
name: metricbeat
|
||||
enabled: yes
|
||||
|
||||
- name: systemd - restart Metricbeat
|
||||
become: true
|
||||
systemd:
|
||||
name: metricbeat
|
||||
state: restarted
|
25
playbook/linux/elastic/install-client.yml
Normal file
25
playbook/linux/elastic/install-client.yml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
# This will install all the client parts needed for elastic to monitor client computers
|
||||
|
||||
- name: Install elastic client programs
|
||||
hosts: linux
|
||||
|
||||
tasks:
|
||||
- name: Install elastic repo
|
||||
include: install-repo.yml
|
||||
|
||||
- name: Install elastic heartbeat
|
||||
become: true
|
||||
apt:
|
||||
name: heartbeat-elastic
|
||||
|
||||
- name: Configure elastic heartbeazt
|
||||
include: config-heartbeat.yml
|
||||
|
||||
- name: Install elastic metricbeat
|
||||
become: true
|
||||
apt:
|
||||
name: metricbeat
|
||||
|
||||
- name: Configure elastic metricbeat
|
||||
include: config-metricbeat.yml
|
@ -1,80 +0,0 @@
|
||||
|
||||
|
||||
- name: Install Elasticsearch
|
||||
hosts: elastic
|
||||
|
||||
tasks:
|
||||
- name: Install Elastic GPG Key
|
||||
become: true
|
||||
apt_key:
|
||||
url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
|
||||
state: present
|
||||
id: 46095ACC8548582C1A2699A9D27D666CD88E42B4
|
||||
|
||||
- name: Install apt-transport-https
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
|
||||
- name: Add Elastic Repo
|
||||
become: true
|
||||
copy:
|
||||
src: elastic-7.x.list
|
||||
dest: /etc/apt/sources.list.d/
|
||||
backup: yes
|
||||
|
||||
- name: Update Packages
|
||||
become: true
|
||||
apt:
|
||||
update_cache: true
|
||||
|
||||
- name: Install ElasticSearch
|
||||
become: true
|
||||
apt:
|
||||
name: elasticsearch
|
||||
|
||||
|
||||
# This will work on a new install.
|
||||
# If any changes are needed to the cluster name on an existing install add another function
|
||||
- name: Config - cluster.name 'elastic-DMI01'
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/elasticsearch/elasticsearch.yml
|
||||
regex: '^cluster.name'
|
||||
insertafter: '#cluster.name: my-application'
|
||||
line: 'cluster.name: elastic-DMI01'
|
||||
backup: yes
|
||||
|
||||
# We define the name of the host we are working on
|
||||
- name: Config - node.name
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/elasticsearch/elasticsearch.yml
|
||||
regex: '^node.name'
|
||||
insertafter: '#node.name: node-1'
|
||||
line: "node.name: {{ ansible_eno1.ipv4.address }}"
|
||||
|
||||
# Allow 9200 so we can access it over the network
|
||||
- name: Allow port 9200 though UFW
|
||||
become: true
|
||||
ufw:
|
||||
rule: allow
|
||||
port: 9200
|
||||
#name: ElasticSearch
|
||||
|
||||
- name: Service reload daemon
|
||||
become: true
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: systemd - enable ElasticSearch on startup
|
||||
become: true
|
||||
systemd:
|
||||
name: elasticsearch
|
||||
enabled: yes
|
||||
|
||||
- name: systemd - restart ElasticSearch service
|
||||
become: true
|
||||
systemd:
|
||||
name: elasticsearch
|
||||
state: restarted
|
||||
|
@ -1,83 +0,0 @@
|
||||
|
||||
- name: Install Kibana
|
||||
hosts: elastic
|
||||
|
||||
tasks:
|
||||
- name: Install Elastic GPG Key
|
||||
become: true
|
||||
apt_key:
|
||||
url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
|
||||
state: present
|
||||
id: 46095ACC8548582C1A2699A9D27D666CD88E42B4
|
||||
|
||||
- name: Install apt-transport-https
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
|
||||
- name: Add Elastic Repo
|
||||
become: true
|
||||
copy:
|
||||
src: elastic-7.x.list
|
||||
dest: /etc/apt/sources.list.d/
|
||||
backup: yes
|
||||
|
||||
- name: Update Packages
|
||||
become: true
|
||||
apt:
|
||||
update_cache: true
|
||||
|
||||
- name: Install kibana
|
||||
become: true
|
||||
apt:
|
||||
name: kibana
|
||||
|
||||
|
||||
- name: Config - Server.Port 5601
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/kibana/kibana.yml
|
||||
regex: '^server.port'
|
||||
insertafter: '#server.port: 5601'
|
||||
line: 'server.port: 5601'
|
||||
backup: yes
|
||||
|
||||
|
||||
- name: Config - Server.host
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/kibana/kibana.yml
|
||||
regex: '^server.host'
|
||||
insertafter: '#server.host'
|
||||
line: 'server.host: {{ ansible_eno1.ipv4.address }}'
|
||||
|
||||
- name: Config - elasticsearch.hosts
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/kibana/kibana.yml
|
||||
regex: '^elasticsearch.hosts'
|
||||
insertafter: '#elasticsearch.hosts:'
|
||||
line: 'elasticsearch.hosts: ["http://localhost:9200"]'
|
||||
|
||||
- name: Allow port 5601
|
||||
become: true
|
||||
ufw:
|
||||
rule: allow
|
||||
port: 5601
|
||||
|
||||
- name: systemd - daemon reload
|
||||
become: true
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: systemd - enable Kibana on startup
|
||||
become: true
|
||||
systemd:
|
||||
name: kibana
|
||||
enabled: yes
|
||||
|
||||
- name: systemd - restart Kibana
|
||||
become: true
|
||||
systemd:
|
||||
name: kibana
|
||||
state: restarted
|
||||
|
@ -1,44 +0,0 @@
|
||||
|
||||
- name: Install Metricbeat
|
||||
hosts: elastic
|
||||
|
||||
tasks:
|
||||
- name: Download metricbeat deb
|
||||
get_url:
|
||||
url: 'https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-7.0.0-amd64.deb'
|
||||
dest: /tmp/metricbeat.deb
|
||||
|
||||
- name: Install metricbeat
|
||||
become: true
|
||||
apt:
|
||||
deb: /tmp/metricbeat.deb
|
||||
|
||||
# - name: enable modules
|
||||
|
||||
- name: define kibana host:
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/metricbeat/metricbeat.yml
|
||||
regex: '^host: "localhost:5601"'
|
||||
insertafter: '#host: "localhost:5601"'
|
||||
line: 'host: '
|
||||
|
||||
|
||||
- name: config where to send information
|
||||
|
||||
- name: systemd - daemon reload
|
||||
become: true
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: Enable service on system startup
|
||||
become: true
|
||||
systemd:
|
||||
name: metricbeat
|
||||
enabed: yes
|
||||
|
||||
- name: systemd - restart Metricbeat
|
||||
become: true
|
||||
systemd:
|
||||
name: metricbeat
|
||||
state: restarted
|
29
playbook/linux/elastic/install-repo.yml
Normal file
29
playbook/linux/elastic/install-repo.yml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
|
||||
- name: Install Elastic GPG Key
|
||||
become: true
|
||||
apt_key:
|
||||
url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
|
||||
state: present
|
||||
id: 46095ACC8548582C1A2699A9D27D666CD88E42B4
|
||||
|
||||
- name: Install apt-transport-https
|
||||
become: true
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
|
||||
- name: Add Elastic Repo
|
||||
become: true
|
||||
copy:
|
||||
dest: '/etc/apt/sources.list.d/elastic-7.x.list'
|
||||
content: "deb https://artifacts.elastic.co/packages/7.x/apt stable main"
|
||||
# copy:
|
||||
#src: elastic-7.x.list
|
||||
# dest: /etc/apt/sources.list.d/
|
||||
# backup: yes
|
||||
|
||||
- name: Update Packages
|
||||
become: true
|
||||
apt:
|
||||
update_cache: true
|
||||
|
27
playbook/linux/elastic/install-server.yml
Normal file
27
playbook/linux/elastic/install-server.yml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
# This will install all elastic services for a elastic server
|
||||
# ElasticSearch
|
||||
# Kibana
|
||||
|
||||
- name: Install Elastic server programs
|
||||
hosts: elastic
|
||||
|
||||
tasks:
|
||||
- name: Install Requrements
|
||||
include: install-repo.yml
|
||||
|
||||
- name: Install ElasticSearch from apt
|
||||
become: true
|
||||
apt:
|
||||
name: elasticsearch
|
||||
|
||||
- name: Configure ElasticSearch
|
||||
include: config-elasticsearch.yml
|
||||
|
||||
- name: Install Kibana from apt
|
||||
become: true
|
||||
apt:
|
||||
name: kibana
|
||||
|
||||
- name: Configure Kibana
|
||||
include: config-kibana.yml
|
@ -1,25 +0,0 @@
|
||||
- name: Install Nagios Core
|
||||
hosts: nagios
|
||||
|
||||
tasks:
|
||||
- name: Install requrements
|
||||
apt:
|
||||
name: {{ packages }}
|
||||
vars:
|
||||
packages:
|
||||
- install
|
||||
- build-essential
|
||||
- libgd-dev
|
||||
- openssl
|
||||
- libssl-dev
|
||||
- unzip
|
||||
- apache2
|
||||
|
||||
- name: Make Group: Nagios
|
||||
|
||||
|
||||
|
||||
|
||||
- name: Make User: Nagios
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user