-
Notifications
You must be signed in to change notification settings - Fork 78
/
main.yml
231 lines (208 loc) · 6.31 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
- "{{ ansible_os_family | lower }}.yml"
tags:
- always
- name: Ensure Logstash is installed
package:
name: "{{ logstash_distro_packages }}"
state: "{{ elk_package_state | default('present') }}"
update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
register: _package_task
until: _package_task is success
retries: 3
delay: 2
notify:
- Enable and restart logstash
tags:
- package_install
- name: Create logstash systemd service config dir
file:
path: "/etc/systemd/system/logstash.service.d"
state: "directory"
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "/etc/systemd/system/logstash.service.d/logstash-overrides.conf"
notify:
- Enable and restart logstash
- name: Set sysconfig service defaults
lineinfile:
path: "{{ logstash_sysconfig_path }}"
regexp: '^{{ item.key }}='
line: '{{ item.key }}={{ item.value }}'
with_items:
- key: LS_OPEN_FILES
value: 32768
- name: Set service specific haap size
set_fact:
_service_heap_size: "{{ logstash_heap_size }}"
when:
- logstash_heap_size is defined
- name: Drop jvm conf file(s)
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- src: "jvm.options.j2"
dest: "/etc/logstash/jvm.options"
notify:
- Enable and restart logstash
- name: Check queue type
block:
- name: Get block device for logstash
command: findmnt -vno SOURCE --target=/var/lib/logstash
changed_when: false
register: _logstash_block_device
- name: Set device fact
set_fact:
_logstash_device: "{{ _logstash_block_device.stdout.split('/')[-1] | regex_replace('[0-9]$','') }}"
- name: Set device info fact
set_fact:
_logstash_device_info: "{{ ansible_devices[_logstash_device] }}"
- name: Set persisted queue fact
set_fact:
logstash_queue_type: "{{ ((_logstash_device_info['rotational'] | int) != 1) | ternary('persisted', 'memory') }}"
rescue:
- name: Set persisted queue fact (fallback)
set_fact:
logstash_queue_type: memory
when:
- logstash_queue_type is undefined
- name: Systemd memory backed queue block
block:
- name: Get logstash UID
command: id -u logstash
register: logstash_uid
changed_when: false
when:
- ansible_service_mgr == 'systemd'
- name: Get logstash GID
command: id -g logstash
register: logstash_gid
changed_when: false
when:
- ansible_service_mgr == 'systemd'
- name: Read logstash queue path
command: "readlink -f /var/lib/logstash/queue"
register: logstash_queue_path
changed_when: false
- name: Run the systemd mount role
include_role:
name: systemd_mount
vars:
systemd_mounts:
- what: "tmpfs"
where: "{{ logstash_queue_path.stdout.strip() }}"
type: "tmpfs"
options: "size={{ (q_mem | int) // 2 }}m,uid={{ logstash_uid.stdout }},gid={{ logstash_gid.stdout }},nodev,nodiratime,noatime"
unit:
Before:
- logstash.service
state: 'started'
enabled: true
when:
- ansible_service_mgr == 'systemd'
- name: Apply fstab options for memory queues
mount:
path: "{{ logstash_queue_path.stdout.strip() }}"
src: tmpfs
fstype: tmpfs
opts: size={{ (q_mem | int) // 2 }}m
state: mounted
when:
- ansible_service_mgr != 'systemd'
when:
- logstash_queue_type == 'memory'
- name: Create patterns directory
file:
name: "/opt/logstash/patterns"
owner: "logstash"
group: "logstash"
state: directory
tags:
- logstash-patterns
- name: Logstash Extra Patterns
template:
src: "extras"
dest: "/opt/logstash/patterns/extras"
owner: "logstash"
group: "logstash"
when:
- logstash_deploy_filters
notify:
- Enable and restart logstash
tags:
- logstash-filters
- config
- name: Run kafka ssl deployment
include_tasks: logstash_kafka_ssl.yml
when:
- logstash_kafka_options is defined
- logstash_kafka_ssl_keystore_location is defined
- name: Drop logstash conf file(s)
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- src: "logstash.yml.j2"
dest: "/etc/logstash/logstash.yml"
- src: "logstash-pipelines.yml.j2"
dest: "/etc/logstash/pipelines.yml"
notify:
- Enable and restart logstash
tags:
- config
- name: Ensure logstash ownership
file:
path: "/var/lib/logstash/"
owner: logstash
group: logstash
recurse: true
register: l_perms
until: l_perms is success
retries: 3
delay: 1
- name: Ensure logstash tmp dir
file:
path: "/var/lib/logstash/tmp"
state: directory
owner: "logstash"
group: "logstash"
mode: "0750"
- name: Deploy arcsight collector
include_tasks: logstash_arcsight.yml
when:
- logstash_arcsight_smart_connectors or
logstash_arcsight_event_brokers