Set up ELK using Ansible.
This guide details the steps to set up Windows Subsystem for Linux 2 (WSL 2) with Ubuntu and install Ansible for automation tasks.
Prerequisites:
- Windows 10 version 2004 or later (check
winvercommand) - Administrator privileges
- Virtualization enabled in BIOS (check manufacturer instructions)
-
Turn on WSL features:
- Open Settings > Apps > Optional features.
- Click "Add a feature" and search for "Windows Subsystem for Linux."
- Select it and click "Install."
-
Enable WSL 2 kernel:
- Open a PowerShell window as administrator (right-click Start menu and select "Windows PowerShell (Admin)").
- Run the command:
Set-DefaultFeature -Name VirtualMachinePlatform -Version latest
- Restart your computer when prompted.
-
Install Ubuntu distribution:
- Open the Microsoft Store app.
- Search for "Ubuntu" and choose the desired version (e.g., "Ubuntu 22.04 LTS").
- Click "Install" and wait for the download to complete.
-
Launch Ubuntu:
- Open the Start menu and search for your installed Ubuntu distribution.
- Click on it to launch the Ubuntu terminal.
-
Set up username and password:
- Follow the on-screen instructions to create a username and password for your Ubuntu environment.
-
Update and upgrade packages:
- In the Ubuntu terminal, run the following commands:
sudo apt update sudo apt upgrade -y
-
Add Ansible repository:
sudo apt add-repository ppa:ansible/ansible sudo apt update
-
Install Ansible:
sudo apt install ansible -y
Verification:
-
Check Ansible version:
ansible --version
This command should display the installed Ansible version.
By following these steps, you should successfully set up WSL 2 with Ubuntu and have Ansible installed for automation tasks within your Ubuntu environment. Remember to adjust commands and paths based on your specific version and needs.
Purpose: We need the PEM key file within the WSL environment for SSH to recognize it.
-
Open a WSL terminal.
-
Navigate to your desired directory for the key (e.g.,
cd ~). -
Use the
cpcommand to copy the key from your Windows file system:cp /mnt/c/Path/To/Your/Key.pem ~/.ssh/Replace
/mnt/c/Path/To/Your/Key.pemwith the actual path to your PEM key file on Windows.
chmod 600 ~/.ssh/Key.pemThis ensures only your user can read the key for security. Replace Key.pem with the actual name of your key file.
- Open the configuration file for editing:
nano ~/.ssh/config- Add the following lines, replacing placeholders with your details:
Host YourServerName # Replace with your server's hostname or IP
HostName YourRemoteHost # Replace with your server's hostname or IP
User your_remote_username # Replace with your username on the server
IdentityFile ~/.ssh/Key.pem
- Save and close the file (Ctrl+X, then Y and Enter in nano).
Test the passwordless login before relying on it:
ssh your_remote_username@YourRemoteHost # Replace with your details- Start the ssh-agent:
eval `ssh-agent -s`- Add the private key to the ssh-agent:
ssh-add <path-to-private-key>- Confirm the key has been added:
ssh-add -lYou should see the name of your key.
- Now, ssh into your server using ssh-agent:
ssh -A ubuntu@public-ipReplace public-ip with your server's public IP address.
- Create an Ansible Playbook:
- Create a file named Install_elk.yml in the directory ~/observability_code..
- Paste the following content into the file:
---
- name: Install ELK Stack on Ubuntu with Beats
hosts: elk
become: yes
tasks:
- name: Install Elasticsearch
apt:
name: elasticsearch
state: present
notify: restart elasticsearch
- name: Install Logstash
apt:
name: logstash
state: present
notify: restart logstash
- name: Install Kibana
apt:
name: kibana
state: present
notify: restart kibana
- name: Install Filebeat
apt:
name: filebeat
state: present
notify: restart filebeat
handlers:
- name: restart elasticsearch
service:
name: elasticsearch
state: restarted
enabled: yes
- name: restart logstash
service:
name: logstash
state: restarted
enabled: yes
- name: restart kibana
service:
name: kibana
state: restarted
enabled: yes
- name: restart filebeat
service:
name: filebeat
state: restarted
enabled: yes
Inventory File:
- Ensure that you have an Ansible inventory file named hosts.ini in the same directory as the playbook.
- This file should define the host or hosts where you want to deploy the ELK Stack. In this case, it should contain a group named elk with the hostname or IP address of your target host.
- Run the Playbook:
Open a WSL terminal and navigate to the directory containing Install_elk.yml.
Run the following command to execute the playbook:
ansible-playbook -i hosts.ini install_elk.yml
- Edit the Kibana Configuration File:
- Open a WSL terminal and execute the following command to edit the Kibana configuration file:
sudo nano /etc/kibana/kibana.yml- Make the Necessary Changes:
-
Find and modify the following settings within the configuration file:
- Server.port: 5601 (Ensure this line is present and uncommented)
- server.host: "0.0.0.0" (Set to "0.0.0.0" for accessibility from outside)
- elasticsearch.hosts: ["http://localhost:9200"] (Ensure Elasticsearch address is correct)
- kibana.index: ".kibana" (Ensure this index name is set)
- logging.dest: stdout (Optional for logging to the console)
- Save and Restart Kibana:
-
Press Ctrl+X to exit the editor, pressing Y to confirm saving changes.
-
Restart Kibana for the changes to take effect:
sudo service kibana restart