This repository has been archived by the owner on Jul 26, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fixes #47
- Loading branch information
Showing
10 changed files
with
164 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
******* | ||
Docker driver installation guide | ||
******* | ||
|
||
Requirements | ||
============ | ||
|
||
* Docker Engine | ||
|
||
Install | ||
======= | ||
|
||
Please refer to the `Virtual environment`_ documentation for installation best | ||
practices. If not using a virtual environment, please consider passing the | ||
widely recommended `'--user' flag`_ when invoking ``pip``. | ||
|
||
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ | ||
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site | ||
|
||
.. code-block:: bash | ||
$ pip install 'molecule[docker]' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
--- | ||
# The workaround for arbitrarily named role directory is important because the | ||
# git repo has one name and the role within it another | ||
# Found at: | ||
# https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722 | ||
- name: Converge | ||
hosts: all | ||
vars: | ||
elastic_stack_full_stack: true | ||
elasticsearch_http_security: true | ||
beats_filebeat: false | ||
beats_metricbeat: false | ||
beats_agent: true | ||
beats_fleet_server: beats-agent | ||
tasks: | ||
- name: "Include Elastics repos role" | ||
include_role: | ||
name: elastic-repos | ||
- name: "Include Elasticsearch role" | ||
include_role: | ||
name: elasticsearch | ||
- name: "Include Beats" | ||
include_role: | ||
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
--- | ||
dependency: | ||
name: galaxy | ||
driver: | ||
name: docker | ||
platforms: | ||
- name: beats-agent | ||
groups: | ||
- elasticsearch | ||
- logstash | ||
- filebeat | ||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" | ||
command: ${MOLECULE_DOCKER_COMMAND:-""} | ||
volumes: | ||
- /sys/fs/cgroup:/sys/fs/cgroup:ro | ||
privileged: true | ||
pre_build_image: true | ||
provisioner: | ||
name: ansible | ||
verifier: | ||
name: ansible |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
--- | ||
- name: Prepare | ||
hosts: all | ||
tasks: | ||
- name: Install git | ||
package: | ||
name: git | ||
when: ansible_os_family != "Debian" | ||
- name: Install packages for Debian | ||
apt: | ||
name: | ||
- git | ||
- gpg | ||
- procps | ||
- curl | ||
update_cache: yes | ||
when: ansible_os_family == "Debian" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
--- | ||
- name: elastic-repos | ||
src: https://github.com/netways/ansible-role-elastic-repos | ||
scm: git | ||
- name: elasticsearch | ||
src: https://github.com/widhalmt/ansible-role-elasticsearch.git | ||
scm: git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
--- | ||
|
||
- name: Check for requirements | ||
fail: | ||
msg: "Needs Token or full stack roles" | ||
when: | ||
- not elastic_stack_full_stack | bool | ||
- beats_fleet_token is undefined | ||
|
||
- name: Install Elastic Agent | ||
package: | ||
name: elastic-agent | ||
|
||
- name: Generate Fleet Token | ||
block: | ||
|
||
- name: Generate Token | ||
shell: > | ||
/usr/share/elasticsearch/bin/elasticsearch-service-tokens | ||
create | ||
elastic/fleet-server | ||
{{ beats_fleet_token_name }} > | ||
/usr/share/elasticsearch/token-{{ beats_fleet_token_name }} | ||
args: | ||
creates: "/usr/share/elasticsearch/token-{{ beats_fleet_token_name }}" | ||
|
||
- name: Secure access to token | ||
file: | ||
path: /usr/share/elasticsearch/token-{{ beats_fleet_token_name }} | ||
owner: root | ||
group: root | ||
mode: 0600 | ||
|
||
- name: Read token | ||
shell: > | ||
grep ^SERVICE_TOKEN | ||
/usr/share/elasticsearch/token-{{ beats_fleet_token_name }} | | ||
cut -d= -f2 | ||
changed_when: false | ||
register: read_token | ||
|
||
- name: Use token as fact | ||
set_fact: | ||
beats_fleet_token: "{{ read_token.stdout }}" | ||
|
||
when: elastic_stack_full_stack | bool | ||
delegate_to: "{{ elasticsearch_ca }}" | ||
|
||
- name: Setup fleet server | ||
block: | ||
|
||
- name: Run fleet server setup | ||
command: > | ||
elastic-agent | ||
enroll | ||
--insecure | ||
"--fleet-server-service-token={{ beats_fleet_token }}" | ||
--fleet-server-es-ca=/etc/beats/certs/ca.crt | ||
-f --fleet-server-es=https://{{ elasticsearch_ca }}:9200 | ||
when: ansible_hostname == beats_fleet_server |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters