openstack/openstack-ansible-ops
Code Issues Proposed changes
openstack-ansible-ops/elk_metrics_6x/roles/elastic_logstash/tasks/main.yml
Kevin Carter 4c86cb9be2
Add changes to the sysconfig defaults file 
These changes mirror systemd tunables for elasticsearch and are needed
to ensure any OS without systemd (like Ubuntu 14.04) has the same
capabilities and OS's with systemd. This also adds a specific sysctl
file to use when making sysctl changes. This will ensure we're not
subjecting our deployment to other changes from other sources, like an
OSA playbook run.

Change-Id: Ic0e0bc0f93a12298c1e2f634cf5a1b4c6be2995e
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-09-27 09:44:09 -05:00

222 lines
6.0 KiB
YAML
Raw Blame History

---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
- "{{ ansible_os_family | lower }}.yml"
tags:
- always
- name: Ensure Logstash is installed
package:
name: "{{ logstash_distro_packages }}"
state: "{{ elk_package_state | default('present') }}"
update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
register: _package_task
until: _package_task is success
retries: 3
delay: 2
notify:
- Enable and restart logstash
tags:
- package_install
- name: Create logstash systemd service config dir
file:
path: "/etc/systemd/system/logstash.service.d"
state: "directory"
group: "root"
owner: "root"
mode: "0755"
when:
- ansible_service_mgr == 'systemd'
- name: Apply systemd options
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "0644"
when:
- ansible_service_mgr == 'systemd'
with_items:
- src: "systemd.general-overrides.conf.j2"
dest: "/etc/systemd/system/logstash.service.d/logstash-overrides.conf"
notify:
- Enable and restart logstash
- name: Set sysconfig service defaults
lineinfile:
path: "{{ logstash_sysconfig_path }}"
regexp: '^{{ item.key }}='
line: '{{ item.key }}={{ item.value }}'
with_items:
- key: LS_OPEN_FILES
value: 32768
- name: Drop jvm conf file(s)
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- src: "jvm.options.j2"
dest: "/etc/logstash/jvm.options"
notify:
- Enable and restart logstash
- name: Check queue type
block:
- name: Get block device for logstash
command: findmnt -no SOURCE --target=/var/lib/logstash
changed_when: false
register: _logstash_block_device
- name: Set device fact
set_fact:
_logstash_device: "{{ _logstash_block_device.stdout.split('/')[-1] | regex_replace('[0-9]$','') }}"
- name: Set device info fact
set_fact:
_logstash_device_info: "{{ ansible_devices[_logstash_device] }}"
- name: Set persisted queue fact
set_fact:
logstash_queue_type: "{{ ((_logstash_device_info['rotational'] | int) != 1) | ternary('persisted', 'memory') }}"
rescue:
- name: Set persisted queue fact (fallback)
set_fact:
logstash_queue_type: memory
when:
- logstash_queue_type is undefined
- name: Systemd memory backed queue block
block:
- name: Get logstash UID
command: id -u logstash
register: logstash_uid
changed_when: false
when:
- ansible_service_mgr == 'systemd'
- name: Get logstash GID
command: id -g logstash
register: logstash_gid
changed_when: false
when:
- ansible_service_mgr == 'systemd'
- name: Run the systemd mount role
include_role:
name: systemd_mount
private: true
vars:
systemd_mounts:
- what: "tmpfs"
where: "/var/lib/logstash/queue"
type: "tmpfs"
options: "size={{ (q_mem | int) // 2 }}m,uid={{ logstash_uid.stdout }},gid={{ logstash_gid.stdout }},nodev,nodiratime,noatime"
unit:
Before:
- logstash.service
state: 'started'
enabled: true
when:
- ansible_service_mgr == 'systemd'
- name: Apply fstab options for memory queues
mount:
path: /var/lib/logstash/queue
src: tmpfs
fstype: tmpfs
opts: size={{ (q_mem | int) // 2 }}m
state: mounted
when:
- ansible_service_mgr != 'systemd'
when:
- logstash_queue_type == 'memory'
- name: Create patterns directory
file:
name: "/opt/logstash/patterns"
owner: "logstash"
group: "logstash"
state: directory
tags:
- logstash-patterns
- name: Logstash Extra Patterns
template:
src: "extras"
dest: "/opt/logstash/patterns/extras"
owner: "logstash"
group: "logstash"
when:
- logstash_deploy_filters
notify:
- Enable and restart logstash
tags:
- logstash-filters
- config
- name: Run kafka ssl deployment
include_tasks: logstash_kafka_ssl.yml
when:
- logstash_kafka_options is defined
- logstash_kafka_ssl_keystore_location is defined
- name: Drop logstash conf file(s)
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- src: "logstash.yml.j2"
dest: "/etc/logstash/logstash.yml"
- src: "logstash-pipelines.yml.j2"
dest: "/etc/logstash/pipelines.yml"
notify:
- Enable and restart logstash
tags:
- config
- name: Ensure logstash ownership
file:
path: "/var/lib/logstash/"
owner: logstash
group: logstash
recurse: true
register: l_perms
until: l_perms is success
retries: 3
delay: 1
- name: Ensure logstash tmp dir
file:
path: "/var/lib/logstash/tmp"
state: directory
owner: "logstash"
group: "logstash"
mode: "0750"
- name: Deploy arcsight collector
include_tasks: logstash_arcsight.yml
when:
- logstash_arcsight_smart_connectors or
logstash_arcsight_event_brokers
View Git Blame Copy Permalink