Fixes for Elasticsearch issue #184 - Testing Elasticsearch functionality when network.host is not localhost.

[rshad]

Hi team!

In this PR, we resolved the error reported in the issue #184.

As @kravietz reported

The test in roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml line 87 only works if the elasticsearch_network_host is set to localhost but ElasticSearch uses this parameter to configure its bind address, so in many real-world instances it will be set to 0.0.0.0 or ::, in which case the test fails.

• name: Make sure Elasticsearch is running before proceeding
  wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300
  tags:
  - configure
  - init

To solve such issue it's needed to have 2 different variables, 1 for network.host and one for representing Elasticsearch host. In this case, we now have:

• elasticsearch_network_host: 0.0.0.0 : Indicates the hosts which Elasticsearch API will accepts requests from.

network.host
By default, Elasticsearch binds to loopback addresses only — e.g. 127.0.0.1 and [::1]. This is sufficient to run a single development node on a serve

• elasticsearch_host: 127.0.0.1 : By now, it's used to check if Elasticsearch is running by checking if 127.0.0.1:9200 is available.

wazuh-ansible/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml

Lines 261 to 265 in fcb584a

	- name: Make sure Elasticsearch is running before proceeding
	wait_for: host={{ elasticsearch_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400
	tags:
	- configure
	- init

wazuh-ansible/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml

Lines 4 to 6 in fcb584a

	elasticsearch_http_port: 9200
	elasticsearch_network_host: 0.0.0.0
	elasticsearch_host: 127.0.0.1

In this case, we set elasticsearch_host to 127.0.0.1 instead of 0.0.0.0 because 0.0.0.0 will not be considered as a valid IP, but will refer to the big-world domain.

We also fixed some Ansible-Linting errors by refactoring Ansible tasks in the role of Elasticsearch.

Kind regards,

Rshad

[manuasir]

Please @rshad , change the PR title.

[manuasir]

I think we should set this default value as 127.0.0.1

[rshad]

Hi @manuasir ,

No problem. We set it to 0.0.0.0 to simulate the error reported in the related issue.

I've just changed its value to 127.0.0.1 in 125b211 .

wazuh-ansible/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml

Line 5 in 125b211

elasticsearch_network_host: 127.0.0.1

.

Kind regards,

Rshad

[manuasir]

Why is the state=latest statement not needed anymore?

[rshad]

Hi @manuasir,

This change came as result to Ansible-Linting error:

Package installs should not use latest reported in this issue: ansible/ansible-lint#479

This change was made in this commit: ansible/ansible-lint@f5fcee4#diff-42252eea388ddb7d54414f584e9ebc78.

Sincerely, and like many other users facing this issue, I think this restriction has no logic due to the need to upgrade a package to its latest version without worrying about specifying a determined one.

Anyway, I think apt will take the last version by default, so no worries.

Kind regards,

Rshad