Last-modified: 2020-11-13 (金) 23:25:44 (1474d)

pb_redmine_server-els_kibana.yml

# install elasticsearch & kibana
# https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rpm.html
# require httpd

- hosts: redmine_servers
  become: true
  become_method: su
  environment: "{{ proxy_env }}"

  tasks:
    - name: facts check
      fail:
        msg: "Not compatible with [{{ ansible_os_family }}] {{ ansible_distribution }} {{ ansible_distribution_major_version }}."
      when: ansible_os_family != 'RedHat' or ansible_distribution_major_version|int < 7

    - rpm_key:
        key: https://artifacts.elastic.co/GPG-KEY-elasticsearch
        state: present


    - copy:
        dest: /etc/yum.repos.d/elasticsearch.repo
        force: no
        content: |
          [elasticsearch]
          name=Elasticsearch repository for 7.x packages
          baseurl=https://artifacts.elastic.co/packages/7.x/yum
          gpgcheck=1
          gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
          enabled=1
          autorefresh=1
          type=rpm-md

    - name: install elasticsearch
      yum:
        name: elasticsearch
        state: latest

    - lineinfile:
        dest: /etc/elasticsearch/elasticsearch.yml
        line: "{{ item }}"
      with_items:
        - 'network.host: _local_,_site_'
        - 'transport.host: _local_'

    - name: start elasticsearch
      systemd:
        name: elasticsearch
        state: started
        daemon_reload: yes
        enabled: yes

    - firewalld:
        port: 9200/tcp
        state: enabled
        permanent: true
        immediate: yes


    - copy:
        dest: /etc/yum.repos.d/kibana.repo
        force: no
        content: |
          [kibana-7.x]
          name=Kibana repository for 7.x packages
          baseurl=https://artifacts.elastic.co/packages/7.x/yum
          gpgcheck=1
          gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
          enabled=1
          autorefresh=1
          type=rpm-md

    - name: install kibana
      yum:
        name: kibana
        state: latest

    - lineinfile:
        dest: /etc/kibana/kibana.yml
        insertafter: '^#server.basePath: ""$'
        line: 'server.basePath: "/kibana"'

    - name: start kibana
      systemd:
        name: kibana
        state: started
        daemon_reload: yes
        enabled: yes

    - name: modify httpd.conf for kibana
      copy:
        dest: /etc/httpd/conf.d/proxy-kibana.conf
        force: no
        mode: 0644
        content: |
          <IfModule !proxy_module>
            LoadModule proxy_module modules/mod_proxy.so
          </IfModule>
          <IfModule !proxy_http_module>
            LoadModule proxy_http_module modules/mod_proxy_http.so
          </IfModule>
          ProxyPass        /kibana http://localhost:5601 retry=0
          ProxyPassReverse /kibana http://localhost:5601
      notify:
        - restart Apache

    - name: httpd_can_network_connect
      shell: /usr/sbin/getsebool httpd_can_network_connect
      register: result01
    - shell: /usr/sbin/setsebool -P httpd_can_network_connect 1
      when: result01.stdout == 'httpd_can_network_connect --> off'
      notify:
        - restart Apache

  handlers:

    - name: restart Apache
      systemd:
        name: httpd
        state: restarted
        daemon_reload: yes
ansible-playbook -i inventory.yml pb_redmine_server-els_kibana.yml

pb_redmine_server-filebeat.yml

# install filebeat
# https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation-configuration.html

- hosts: all
  become: true
  become_method: su
  environment: "{{ proxy_env }}"

  vars:
    modules: system auditd apache elasticsearch kibana
    els_host: its.jomura.net:9200

  tasks:
    - name: facts check
      fail:
        msg: "Not compatible with [{{ ansible_os_family }}] {{ ansible_distribution }} {{ ansible_distribution_major_version }}."
      when: ansible_os_family != 'RedHat' or ansible_distribution_major_version|int < 7

    - rpm_key:
        key: https://artifacts.elastic.co/GPG-KEY-elasticsearch
        state: present


    - copy:
        dest: /etc/yum.repos.d/elasticsearch.repo
        force: no
        content: |
          [elasticsearch]
          name=Elasticsearch repository for 7.x packages
          baseurl=https://artifacts.elastic.co/packages/7.x/yum
          gpgcheck=1
          gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
          enabled=1
          autorefresh=1
          type=rpm-md

    - name: install filebeat
      yum:
        name: filebeat
        state: latest

    - lineinfile:
        dest: /etc/filebeat/filebeat.yml
        regexp: 'hosts: \["localhost:9200"\]'
        line: "  hosts: [\"{{ els_host }}\"]"

    - shell: "
        /usr/bin/filebeat modules enable {{ modules }}\n
        /usr/bin/filebeat setup -e"

    - name: start filebeat
      systemd:
        name: filebeat
        state: started
        daemon_reload: yes
        enabled: yes
ansible-playbook -i srv1.jomura.net,srv2.jomura.net, pb_redmine_server-filebeat.yml

トップ   編集 差分 バックアップ 添付 複製 名前変更 リロード   新規 一覧 単語検索 最終更新   ヘルプ   最終更新のRSS