openstack/openstack-ansible-ops
Code Issues Proposed changes
openstack-ansible-ops/elk_metrics_6x/vars/variables.yml
Kevin Carter f69d391325 Further tune the playbooks, configs, and thread pool 
* Implements G1 GC optionally. The variable `elastic_g1gc_enabled` has
  been added with a default of false. If this option is set true and the
  system has more than 4GiB of RAM G1GC will be enabled.
* Adds new thread options
* Better constraints coordination nodes
* Interface recover speed has been limited
* Buffer size is now set correctly
* Serialize elk deployment so that upgrades are non-impacting

Change-Id: I89224eeaf4ed29c3bb1d7f8010b69503dbc74e11
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-07-26 18:43:13 +00:00

455 lines
12 KiB
YAML
Raw Blame History

# elk apt repo
elk_repo:
repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
state: "{{ ((elk_package_state | default('present')) == 'absent') | ternary('absent', 'present') }}"
#metricbeats monitoring endpoints
elastic_metricbeat_rabbitmq_monitoring_hosts: '"localhost:15672"'
elastic_metricbeat_haproxy_monitoring_hosts: '"unix:///var/run/haproxy.stat"'
# elastic search vars
elastic_port: 9200
elastic_hap_port: 9201
cluster_name: openstack_elk
node_name: ${HOSTNAME}
elastic_data_interface: "{{ ansible_default_ipv4['alias'] }}"
### Elastic curator variables
## Default retention policy options. All retention options are in days.
# elastic_logstash_retention: 1
# elastic_apm_retention: 1
# elastic_auditbeat_retention: 1
# elastic_filebeat_retention: 1
# elastic_heartbeat_retention: 1
# elastic_journalbeat_retention: 1
# elastic_metricbeat_retention: 1
# elastic_packetbeat_retention: 1
# This is used to calculate the storage a beat could generate per node, per day.
# This constant is used as a multiplier. If the expected storage is larger than
# the actual available storage after the buffer is calculated the multiplier
# will be doubled there-by cutting the potential storage days in half.
elastic_beat_storage_constant: 512
## If any retention policy option is undefined a dynamic fact will be generated.
## Fact will be generated for the general retention using the storage constant
## per node, per index, where a given collector is expected to be deployed. The
## equation used will take the total available storage from the ES data nodes
## subtract 25% divided by the total number of data nodes. That is then divided
## by number of hosts assumed to be a beat target which is multiplied by the
## storage constant.
elastic_beat_retention_policy_hosts:
logstash: "{{ groups['elastic-logstash'] | default([null]) | length }}"
apm: "{{ groups['apm-server'] | default([null]) | length }}"
auditbeat: "{{ (groups['hosts'] | default([null]) | length) * 2 }}"
filebeat: "{{ (groups['hosts'] | default([null]) | length) * 2 }}"
heartbeat: "{{ groups['kibana'][:3] | default([null]) | length }}"
journalbeat: "{{ (groups['all'] | default([null]) | length) * 1.5 }}"
metricbeat: "{{ (groups['all'] | default([null]) | length) * 1.5 }}"
packetbeat: "{{ (groups['hosts'] | default([null]) | length) * 5 }}"
# This is the URL external services can use to communicate with the
# elasticsearch cluster.
elastic_vip_url: >-
{% if internal_lb_vip_address is defined %}
http://{{ internal_lb_vip_address ~ ':' ~ elastic_hap_port }}
{% else %}
http://{{ hostvars[groups['kibana'][0]]['ansible_host'] ~ ':' ~ elastic_port }}
{% endif %}
#define this in host/group vars as needed to mount remote filesystems
#set the client address as appropriate, eth1 assumes osa container mgmt network
#mountpoints and server paths are just examples
#elastic_shared_fs_repos:
# - fstype: nfs4
# src: "<nfs-server-ip>:/esbackup"
# opts: clientaddr="{{ ansible_eth1['ipv4']['address'] }}"
# path: "/elastic-backup"
# state: mounted
# EXPERIMENTAL - When the heap size for a given elastic node is graeter than
# 4GiB the G1 garbage collector can be enabled. This is an
# experimental feature and may be removed later.
elastic_g1gc_enabled: false
# kibana vars
kibana_interface: 0.0.0.0
kibana_port: 5601
kibana_username: admin
kibana_password: admin
kibana_nginx_port: 81
kibana_server_name: "{{ ansible_hostname }}"
kibana_index_on_elasticsearch: "http://{{ hostvars[groups['elastic-logstash'][0]]['ansible_host'] }}:{{ elastic_port}}/.kibana"
kibana_elastic_request_timeout: 600000
# logstash vars
logstash_beat_input_port: 5044
logstash_deploy_filters: true
## Logstash config showing a complete kafka setup using SSL for authentication.
# logstash_kafka_options:
# codec: json
# topic_id: "elk_kafka"
# ssl_key_password: "{{ logstash_kafka_ssl_key_password }}"
# ssl_keystore_password: "{{ logstash_kafka_ssl_keystore_password }}"
# ssl_keystore_location: "/var/lib/logstash/{{ logstash_kafka_ssl_keystore_location | basename }}"
# ssl_truststore_location: "/var/lib/logstash/{{ logstash_kafka_ssl_truststore_location | basename }}"
# ssl_truststore_password: "{{ logstash_kafka_ssl_truststore_password }}"
# bootstrap_servers:
# - server1.local:9092
# - server2.local:9092
# - server3.local:9092
# client_id: "elk_metrics_6x"
# compression_type: "gzip"
# security_protocol: "SSL"
## The following variables are options that correspond to the
## `logstash_kafka_options` variable.
# logstash_kafka_ssl_key_password: "secrete"
# logstash_kafka_ssl_keystore_password: "secrete"
# logstash_kafka_ssl_truststore_password: "secrete"
# logstash_kafka_ssl_keystore_location: "/root/kafka/keystore.jks"
# logstash_kafka_ssl_truststore_location: "/root/kafka/truststore.jks"
# APM vars
apm_interface: 0.0.0.0
apm_port: 8200
# Beat options
heartbeat_services:
- group: "{{ groups['galera_all'] | default([]) }}"
name: galera
ports:
- 9200
type: http
method: HEAD
path: "/"
- group: "{{ groups['galera_all'] | default([]) }}"
name: galera
ports:
- 3306
type: tcp
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo-git
ports:
- 9418
type: tcp
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo-server
ports:
- 8181
type: http
method: HEAD
path: "/"
- group: "{{ groups['repo_all'] | default([]) }}"
name: repo-acng
ports:
- 3142
type: http
method: HEAD
path: "/acng-report.html"
- group: "{{ groups['glance_api'] | default([]) }}"
name: glance-api
ports:
- 9292
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['glance_api'] | default([]) }}"
name: glance-registry
ports:
- 9191
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['gnocchi_all'] | default([]) }}"
name: gnocchi-api
ports:
- 8041
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['heat_api_cfn'] | default([]) }}"
name: heat-cfn-api
ports:
- 8000
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['heat_api'] | default([]) }}"
name: heat-api
ports:
- 8004
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['keystone_all'] | default([]) }}"
name: keystone-api
ports:
- 5000
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['neutron_server'] | default([]) }}"
name: neutron-server
ports:
- 9696
type: http
method: GET
path: "/"
- group: "{{ groups['nova_api_metadata'] | default([]) }}"
name: nova-api-metadata
ports:
- 8775
type: http
method: HEAD
path: "/"
- group: "{{ groups['nova_api_os_compute'] | default([]) }}"
name: nova-api-compute
ports:
- 8774
type: http
method: HEAD
path: "/"
- group: "{{ groups['nova_api_placement'] | default([]) }}"
name: nova-api-placement
ports:
- 8780
type: http
method: GET
path: "/"
- group: "{{ groups['nova_console'] | default([]) }}"
name: nova-console
ports:
- 6080
- 6082
- 6083
type: tcp
- group: "{{ groups['cinder_api'] | default([]) }}"
name: cinder-api
ports:
- 8776
type: http
method: HEAD
path: "/"
check_response:
status: 300
- group: "{{ groups['horizon_all'] | default([]) }}"
name: horizon
ports:
- 80
- 443
type: http
method: HEAD
path: "/"
- group: "{{ groups['sahara_api'] | default([]) }}"
name: sahara-api
ports:
- 8386
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['swift_proxy'] | default([]) }}"
name: swift-proxy
ports:
- 8080
type: http
method: HEAD
path: "/healthcheck"
- group: "{{ groups['aodh_api'] | default([]) }}"
name: aodh-api
ports:
- 8042
type: http
method: HEAD
path: "/"
- group: "{{ groups['ironic_api'] | default([]) }}"
name: ironic-api
ports:
- 6385
type: http
method: HEAD
path: "/"
- group: "{{ groups['rabbitmq_all'] | default([]) }}"
name: rabbitmq-management
ports:
- 15672
type: http
method: HEAD
path: "/"
- group: "{{ groups['rabbitmq_all'] | default([]) }}"
name: rabbitmq-access
ports:
- 5672
- 5671
type: tcp
- group: "{{ groups['magnum_all'] | default([]) }}"
name: magnum-api
ports:
- 9511
type: http
method: HEAD
path: "/"
- group: "{{ groups['trove_api'] | default([]) }}"
name: trove-api
ports:
- 8779
type: http
method: HEAD
path: "/"
- group: "{{ groups['barbican_api'] | default([]) }}"
name: barbican-api
ports:
- 9311
type: http
method: HEAD
path: "/"
- group: "{{ groups['designate_api'] | default([]) }}"
name: designate-api
ports:
- 9001
type: http
method: HEAD
path: "/"
- group: "{{ groups['octavia_all'] | default([]) }}"
name: octavia-api
ports:
- 9876
type: http
method: HEAD
path: "/"
- group: "{{ groups['tacker_all'] | default([]) }}"
name: tacker-api
ports:
- 9890
type: http
method: HEAD
path: "/"
- group: "{{ groups['neutron_server'] | default([]) }}"
name: opendaylight
ports:
- 8180
- 8185
type: tcp
- group: "{{ groups['neutron_server'] | default([]) }}"
name: ceph-rgw
ports:
- 7980
type: http
method: HEAD
path: "/"
# apm
apm_token: SuperSecrete
# Grafana
grafana_dashboards:
- dashboard_id: 5566
revision_id: 5
datasource: "metricbeat-Elasticsearch"
- dashboard_id: 5569
revision_id: 3
datasource: "filebeat-Elasticsearch"
grafana_datasources:
- name: "all-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: true
database: "*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "auditbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "auditbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "filebeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "filebeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "heartbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "heartbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "metricbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "metricbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
- name: "packetbeat-Elasticsearch"
type: "elasticsearch"
access: "proxy"
url: "{{ elastic_vip_url }}"
basicAuth: false
basicAuthUser: ""
basicAuthPassword: ""
isDefault: false
database: "packetbeat-*"
jsonData:
esVersion: 56
keepCookies: []
maxConcurrentShardRequests: 256
timeField: "@timestamp"
timeInterval: ">10s"
View Git Blame Copy Permalink