openstack/openstack-ansible-ops
Code Issues Proposed changes
openstack-ansible-ops/elk_metrics_6x/vars/variables.yml
Kevin Carter b6a9a6fc7a Add dynamic retention policies to curator 
The curator retention policies will now query the storage nodes within
a given deployment and set a suitable index retention policy based on
the total amount of storage each index is assumed to produce every day.
To ensure we're minimizing the storage required and optimizing search
performance several actions are now being taken:

* Indexes will be shrunk after a quarter of their retention time.
* Indexes will be deleted should they exceed the retention time.

Change-Id: I8bf548620b5404d25deaadba8fda93452ef64fa0
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-07-12 17:03:40 +00:00

437 lines
11 KiB
YAML
Raw Blame History

# elk apt repo
elk_repo:
repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
state: "{{ ((elk_package_state | default('present')) == 'absent') | ternary('absent', 'present') }}"
#metricbeats monitoring endpoints
elastic_metricbeat_rabbitmq_monitoring_hosts: '"localhost:15672"'
elastic_metricbeat_haproxy_monitoring_hosts: '"unix:///var/run/haproxy.stat"'
# elastic search vars
elastic_port: 9200
elastic_hap_port: 9201
cluster_name: openstack_elk
node_name: ${HOSTNAME}
### Elastic curator variables
## Default retention policy options. All retention options are in days.
# elastic_logstash_retention: 1
# elastic_apm_retention: 1
# elastic_auditbeat_retention: 1
# elastic_filebeat_retention: 1
# elastic_heartbeat_retention: 1
# elastic_journalbeat_retention: 1
# elastic_metricbeat_retention: 1
# elastic_packetbeat_retention: 1
# This is used to calculate the storage a beat could generate per node, per day.
# This constant is used as a multiplier. If the expected storage is larger than
# the actual available storage after the buffer is calculated the multiplier
# will be doubled there-by cutting the potential storage days in half.
elastic_beat_storage_constant: 512
## If any retention policy option is undefined a dynamic fact will be generated.
## Fact will be generated for the general retention using the storage constant
## per node, per index, where a given collector is expected to be deployed. The
## equation used will take the total available storage from the ES data nodes
## subtract 25% divided by the total number of data nodes. That is then divided
## by number of hosts assumed to be a beat target which is multiplied by the
## storage constant.
elastic_beat_retention_policy_hosts:
logstash: "{{ groups['elastic-logstash'] | default([null]) | length }}"
apm: "{{ groups['apm-server'] | default([null]) | length }}"
auditbeat: "{{ groups['hosts'] | default([null]) | length }}"
filebeat: "{{ groups['hosts'] | default([null]) | length }}"
heartbeat: "{{ groups['utility_all'] | default([null]) | length }}"
journalbeat: "{{ groups['all'] | default([null]) | length }}"
metricbeat: "{{ groups['all'] | default([null]) | length }}"
packetbeat: "{{ groups['hosts'] | default([null]) | length }}"
# This is the URL external services can use to communicate with the
# elasticsearch cluster.
elastic_vip_url: >-
{% if internal_lb_vip_address is defined %}
http://{{ internal_lb_vip_address ~ ':' ~ elastic_hap_port }}
{% else %}
http://{{ hostvars[groups['kibana'][0]]['ansible_host'] ~ ':' ~ elastic_port }}
{% endif %}
# kibana vars
kibana_interface: 0.0.0.0
kibana_port: 5601
kibana_username: admin
kibana_password: admin
kibana_nginx_port: 81
kibana_server_name: "{{ ansible_hostname }}"
kibana_index_on_elasticsearch: "http://{{ hostvars[groups['elastic-logstash'][0]]['ansible_host'] }}:{{ elastic_port}}/.kibana"
# logstash vars
logstash_beat_input_port: 5044
logstash_deploy_filters: true
## Logstash config showing a complete kafka setup using SSL for authentication.
# logstash_kafka_options:
# codec: json
# topic_id: "elk_kafka"
# ssl_key_password: "{{ logstash_kafka_ssl_key_password }}"
# ssl_keystore_password: "{{ logstash_kafka_ssl_keystore_password }}"
# ssl_keystore_location: "/var/lib/logstash/{{ logstash_kafka_ssl_keystore_location | basename }}"
# ssl_truststore_location: "/var/lib/logstash/{{ logstash_kafka_ssl_truststore_location | basename }}"
# ssl_truststore_password: "{{ logstash_kafka_ssl_truststore_password }}"
# bootstrap_servers:
# - server1.local:9092
# - server2.local:9092
# - server3.local:9092
# client_id: "elk_metrics_6x"
# compression_type: "gzip"
# security_protocol: "SSL"
## The following variables are options that correspond to the
## `logstash_kafka_options` variable.
# logstash_kafka_ssl_key_password: "secrete"
# logstash_kafka_ssl_keystore_password: "secrete"
# logstash_kafka_ssl_truststore_password: "secrete"
# logstash_kafka_ssl_keystore_location: "/root/kafka/keystore.jks"
# logstash_kafka_ssl_truststore_location: "/root/kafka/truststore.jks"
# APM vars
apm_interface: 0.0.0.0
apm_port: 8200
# Beat options
heartbeat_services:
- group: "{{ groups['galera_all'] | default([]) }}"
name: galera HTTP
ports:
- 9200
type: http
method: HEAD
path: "/"
- group: "{{ groups['galera_all'] | default([]) }}"
name: galera TCP
ports:
- 3306
type: tcp
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo git
ports:
- 9418
type: tcp
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo server
ports:
- 8181
type: http
method: HEAD
path: "/"
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo acng
ports:
- 3142
type: http
method: HEAD
path: "/acng-report.html"
- group: "{{ groups['glance_api'] | default([]) }}"
name: glance api
ports:
- 9292
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['glance_api'] | default([]) }}"
name: glance registry
ports:
- 9191
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['gnocchi_all'] | default([]) }}"
name: gnocchi api
ports:
- 8041
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['heat_api_cfn'] | default([]) }}"
name: heat cfn api
ports:
- 8000
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['heat_api'] | default([]) }}"
name: heat api
ports:
- 8004
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['keystone_all'] | default([]) }}"
name: keystone api
ports:
- 5000
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['neutron_server'] | default([]) }}"
name: neutron server
ports:
- 9696
type: http
method: GET
path: "/"
- group: "{{ groups['nova_api_metadata'] | default([]) }}"
name: nova api metadata
ports:
- 8775
type: http
method: HEAD
path: "/"
- group: "{{ groups['nova_api_os_compute'] | default([]) }}"
name: nova api compute
ports:
- 8774
type: http
method: HEAD
path: "/"
- group: "{{ groups['nova_api_placement'] | default([]) }}"
name: nova api placement
ports:
- 8780
type: http
method: GET
path: "/"
- group: "{{ groups['nova_console'] | default([]) }}"
name: nova console
ports:
- 6080
- 6082
- 6083
type: tcp
- group: "{{ groups['cinder_api'] | default([]) }}"
name: cinder api
ports:
- 8776
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['horizon_all'] | default([]) }}"
name: horizon
ports:
- 80
- 443
type: http
method: HEAD
path: "/"
- group: "{{ groups['sahara_api'] | default([]) }}"
name: sahara api
ports:
- 8386
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['swift_proxy'] | default([]) }}"
name: swift proxy
ports:
- 8080
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['aodh_api'] | default([]) }}"
name: aodh api
ports:
- 8042
type: http
method: HEAD
path: "/"
- group: "{{ groups['ironic_api'] | default([]) }}"
name: ironic api
ports:
- 6385
type: http
method: HEAD
path: "/"
- group: "{{ groups['rabbitmq_all'] | default([]) }}"
name: rabbitmq management
ports:
- 15672
type: http
method: HEAD
path: "/"
- group: "{{ groups['rabbitmq_all'] | default([]) }}"
name: rabbitmq access
ports:
- 5672
- 5671
type: tcp
- group: "{{ groups['magnum_all'] | default([]) }}"
name: magnum api
ports:
- 9511
type: http
method: HEAD
path: "/"
- group: "{{ groups['trove_api'] | default([]) }}"
name: trove api
ports:
- 8779
type: http
method: HEAD
path: "/"
- group: "{{ groups['barbican_api'] | default([]) }}"
name: barbican api
ports:
- 9311
type: http
method: HEAD
path: "/"
- group: "{{ groups['designate_api'] | default([]) }}"
name: designate api
ports:
- 9001
type: http
method: HEAD
path: "/"
- group: "{{ groups['octavia_all'] | default([]) }}"
name: octavia api
ports:
- 9876
type: http
method: HEAD
path: "/"
- group: "{{ groups['tacker_all'] | default([]) }}"
name: tracker api
ports:
- 9890
type: http
method: HEAD
path: "/"
- group: "{{ groups['neutron_server'] | default([]) }}"
name: opendaylight
ports:
- 8180
- 8185
type: tcp
- group: "{{ groups['neutron_server'] | default([]) }}"
name: ceph-rgw
ports:
- 7980
type: http
method: HEAD
path: "/"
# apm
apm_token: SuperSecrete
# Grafana
grafana_dashboards:
- dashboard_id: 5566
revision_id: 5
datasource: "metricbeat-Elasticsearch"
- dashboard_id: 5569
revision_id: 3
datasource: "filebeat-Elasticsearch"
grafana_datasources:
- name: "all-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: true
database: "*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "auditbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "auditbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "filebeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "filebeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "heartbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "heartbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "metricbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "metricbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "packetbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "packetbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
View Git Blame Copy Permalink