openstack/openstack-ansible-ops
Code Issues Proposed changes
openstack-ansible-ops/elk_metrics_6x/vars/variables.yml
Kevin Carter 7a32b5c9a9 Add additional ES cluster tuning 
The following options will reduce cluster pressure and generally
improve search performance.

Change-Id: I1619680db1fd595503f0845b182d6f6ce4c59f3c
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-07-16 22:52:40 +00:00

439 lines
11 KiB
YAML
Raw Blame History

# elk apt repo
elk_repo:
repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
state: "{{ ((elk_package_state | default('present')) == 'absent') | ternary('absent', 'present') }}"
#metricbeats monitoring endpoints
elastic_metricbeat_rabbitmq_monitoring_hosts: '"localhost:15672"'
elastic_metricbeat_haproxy_monitoring_hosts: '"unix:///var/run/haproxy.stat"'
# elastic search vars
elastic_port: 9200
elastic_hap_port: 9201
cluster_name: openstack_elk
node_name: ${HOSTNAME}
elastic_data_interface: "{{ ansible_default_ipv4['alias'] }}"
### Elastic curator variables
## Default retention policy options. All retention options are in days.
# elastic_logstash_retention: 1
# elastic_apm_retention: 1
# elastic_auditbeat_retention: 1
# elastic_filebeat_retention: 1
# elastic_heartbeat_retention: 1
# elastic_journalbeat_retention: 1
# elastic_metricbeat_retention: 1
# elastic_packetbeat_retention: 1
# This is used to calculate the storage a beat could generate per node, per day.
# This constant is used as a multiplier. If the expected storage is larger than
# the actual available storage after the buffer is calculated the multiplier
# will be doubled there-by cutting the potential storage days in half.
elastic_beat_storage_constant: 512
## If any retention policy option is undefined a dynamic fact will be generated.
## Fact will be generated for the general retention using the storage constant
## per node, per index, where a given collector is expected to be deployed. The
## equation used will take the total available storage from the ES data nodes
## subtract 25% divided by the total number of data nodes. That is then divided
## by number of hosts assumed to be a beat target which is multiplied by the
## storage constant.
elastic_beat_retention_policy_hosts:
logstash: "{{ groups['elastic-logstash'] | default([null]) | length }}"
apm: "{{ groups['apm-server'] | default([null]) | length }}"
auditbeat: "{{ groups['hosts'] | default([null]) | length }}"
filebeat: "{{ groups['hosts'] | default([null]) | length }}"
heartbeat: "{{ groups['utility_all'] | default([null]) | length }}"
journalbeat: "{{ groups['all'] | default([null]) | length }}"
metricbeat: "{{ groups['all'] | default([null]) | length }}"
packetbeat: "{{ groups['hosts'] | default([null]) | length }}"
# This is the URL external services can use to communicate with the
# elasticsearch cluster.
elastic_vip_url: >-
{% if internal_lb_vip_address is defined %}
http://{{ internal_lb_vip_address ~ ':' ~ elastic_hap_port }}
{% else %}
http://{{ hostvars[groups['kibana'][0]]['ansible_host'] ~ ':' ~ elastic_port }}
{% endif %}
# kibana vars
kibana_interface: 0.0.0.0
kibana_port: 5601
kibana_username: admin
kibana_password: admin
kibana_nginx_port: 81
kibana_server_name: "{{ ansible_hostname }}"
kibana_index_on_elasticsearch: "http://{{ hostvars[groups['elastic-logstash'][0]]['ansible_host'] }}:{{ elastic_port}}/.kibana"
# logstash vars
logstash_beat_input_port: 5044
logstash_deploy_filters: true
## Logstash config showing a complete kafka setup using SSL for authentication.
# logstash_kafka_options:
# codec: json
# topic_id: "elk_kafka"
# ssl_key_password: "{{ logstash_kafka_ssl_key_password }}"
# ssl_keystore_password: "{{ logstash_kafka_ssl_keystore_password }}"
# ssl_keystore_location: "/var/lib/logstash/{{ logstash_kafka_ssl_keystore_location | basename }}"
# ssl_truststore_location: "/var/lib/logstash/{{ logstash_kafka_ssl_truststore_location | basename }}"
# ssl_truststore_password: "{{ logstash_kafka_ssl_truststore_password }}"
# bootstrap_servers:
# - server1.local:9092
# - server2.local:9092
# - server3.local:9092
# client_id: "elk_metrics_6x"
# compression_type: "gzip"
# security_protocol: "SSL"
## The following variables are options that correspond to the
## `logstash_kafka_options` variable.
# logstash_kafka_ssl_key_password: "secrete"
# logstash_kafka_ssl_keystore_password: "secrete"
# logstash_kafka_ssl_truststore_password: "secrete"
# logstash_kafka_ssl_keystore_location: "/root/kafka/keystore.jks"
# logstash_kafka_ssl_truststore_location: "/root/kafka/truststore.jks"
# APM vars
apm_interface: 0.0.0.0
apm_port: 8200
# Beat options
heartbeat_services:
- group: "{{ groups['galera_all'] | default([]) }}"
name: galera HTTP
ports:
- 9200
type: http
method: HEAD
path: "/"
- group: "{{ groups['galera_all'] | default([]) }}"
name: galera TCP
ports:
- 3306
type: tcp
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo git
ports:
- 9418
type: tcp
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo server
ports:
- 8181
type: http
method: HEAD
path: "/"
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo acng
ports:
- 3142
type: http
method: HEAD
path: "/acng-report.html"
- group: "{{ groups['glance_api'] | default([]) }}"
name: glance api
ports:
- 9292
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['glance_api'] | default([]) }}"
name: glance registry
ports:
- 9191
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['gnocchi_all'] | default([]) }}"
name: gnocchi api
ports:
- 8041
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['heat_api_cfn'] | default([]) }}"
name: heat cfn api
ports:
- 8000
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['heat_api'] | default([]) }}"
name: heat api
ports:
- 8004
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['keystone_all'] | default([]) }}"
name: keystone api
ports:
- 5000
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['neutron_server'] | default([]) }}"
name: neutron server
ports:
- 9696
type: http
method: GET
path: "/"
- group: "{{ groups['nova_api_metadata'] | default([]) }}"
name: nova api metadata
ports:
- 8775
type: http
method: HEAD
path: "/"
- group: "{{ groups['nova_api_os_compute'] | default([]) }}"
name: nova api compute
ports:
- 8774
type: http
method: HEAD
path: "/"
- group: "{{ groups['nova_api_placement'] | default([]) }}"
name: nova api placement
ports:
- 8780
type: http
method: GET
path: "/"
- group: "{{ groups['nova_console'] | default([]) }}"
name: nova console
ports:
- 6080
- 6082
- 6083
type: tcp
- group: "{{ groups['cinder_api'] | default([]) }}"
name: cinder api
ports:
- 8776
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['horizon_all'] | default([]) }}"
name: horizon
ports:
- 80
- 443
type: http
method: HEAD
path: "/"
- group: "{{ groups['sahara_api'] | default([]) }}"
name: sahara api
ports:
- 8386
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['swift_proxy'] | default([]) }}"
name: swift proxy
ports:
- 8080
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['aodh_api'] | default([]) }}"
name: aodh api
ports:
- 8042
type: http
method: HEAD
path: "/"
- group: "{{ groups['ironic_api'] | default([]) }}"
name: ironic api
ports:
- 6385
type: http
method: HEAD
path: "/"
- group: "{{ groups['rabbitmq_all'] | default([]) }}"
name: rabbitmq management
ports:
- 15672
type: http
method: HEAD
path: "/"
- group: "{{ groups['rabbitmq_all'] | default([]) }}"
name: rabbitmq access
ports:
- 5672
- 5671
type: tcp
- group: "{{ groups['magnum_all'] | default([]) }}"
name: magnum api
ports:
- 9511
type: http
method: HEAD
path: "/"
- group: "{{ groups['trove_api'] | default([]) }}"
name: trove api
ports:
- 8779
type: http
method: HEAD
path: "/"
- group: "{{ groups['barbican_api'] | default([]) }}"
name: barbican api
ports:
- 9311
type: http
method: HEAD
path: "/"
- group: "{{ groups['designate_api'] | default([]) }}"
name: designate api
ports:
- 9001
type: http
method: HEAD
path: "/"
- group: "{{ groups['octavia_all'] | default([]) }}"
name: octavia api
ports:
- 9876
type: http
method: HEAD
path: "/"
- group: "{{ groups['tacker_all'] | default([]) }}"
name: tracker api
ports:
- 9890
type: http
method: HEAD
path: "/"
- group: "{{ groups['neutron_server'] | default([]) }}"
name: opendaylight
ports:
- 8180
- 8185
type: tcp
- group: "{{ groups['neutron_server'] | default([]) }}"
name: ceph-rgw
ports:
- 7980
type: http
method: HEAD
path: "/"
# apm
apm_token: SuperSecrete
# Grafana
grafana_dashboards:
- dashboard_id: 5566
revision_id: 5
datasource: "metricbeat-Elasticsearch"
- dashboard_id: 5569
revision_id: 3
datasource: "filebeat-Elasticsearch"
grafana_datasources:
- name: "all-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: true
database: "*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "auditbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "auditbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "filebeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "filebeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "heartbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "heartbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "metricbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "metricbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "packetbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "packetbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
View Git Blame Copy Permalink