This repository has been archived by the owner on Jul 26, 2023. It is now read-only.

Add Elastic Agent
fixes #47
widhalmt committed Sep 3, 2021
1 parent 74c4a57 commit 5d73cdf
Showing 10 changed files with 164 additions and 2 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/molecule.yml
@@ -13,10 +13,10 @@ jobs:
runs-on: ubuntu-latest

strategy:
# max-parallel: 4
max-parallel: 4
matrix:
distro: [centos7, debian10, rockylinux8]
scenario: [default]
scenario: [default, agent]
# disabling full stack until Elasticsearch issues are fixed
#scenario: [default, full_stack]

4 changes: 4 additions & 0 deletions README.md
@@ -15,6 +15,10 @@ You need to have Filebeat available in your software repositories. We provide a
Role Variables
--------------

* *beats_agent*: Use Elastic Agent (Default: `false`)
* *beats_fleet_token*: If you're not using `elastic_stack_full_stack` you have to set this to your Fleet server token when using `beats_agent`
* *beats_fleet_server*: The inventory hostname (and DNS resolvable name) of the fleet server for this host

* *filebeat_enable*: Automatically start Filebeat (Default: `true`)
* *filebeat_output*: Set to `logstash` or `elasticsearch`. (default: `logstash`)
* *filebeat_syslog_udp*: Use UDP Syslog input (Default: `false`)
3 changes: 3 additions & 0 deletions defaults/main.yml
@@ -1,5 +1,6 @@
---
# defaults file for beats
beats_agent: false
beats_filebeat: true
filebeat_output: logstash
beats_target_hosts:
@@ -37,6 +38,8 @@ filebeat_enable: true
#filebeat_modules:
# - system

beats_fleet_token_name: fleettoken

elastic_stack_full_stack: false
elasticsearch_http_security: false

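Review bot: `beats_fleet_server` gets no default here, although `tasks/beats-agent.yml` evaluates `ansible_hostname == beats_fleet_server` whenever `beats_agent` is true; with the variable unset that conditional fails with an undefined-variable error instead of a clear message. Either add a default or extend the `Check for requirements` task to cover it. The README describes the value as the inventory hostname, while the task compares it with the `ansible_hostname` fact, which can differ; a comment next to the default stating which one is meant would settle it. Only part of defaults/main.yml is visible in these hunks.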
22 changes: 22 additions & 0 deletions molecule/agent/INSTALL.rst
@@ -0,0 +1,22 @@
*******
Docker driver installation guide
*******

Requirements
============

* Docker Engine

Install
=======

Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.

.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site

.. code-block:: bash
$ pip install 'molecule[docker]'
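--- a/molecule/agent/converge.yml
+++ b/molecule/agent/converge.yml
@@ -0,0 +1,24 @@
+---
+# The workaround for arbitrarily named role directory is important because the
+# git repo has one name and the role within it another
+# Found at:
+# https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722
+- name: Converge
+hosts: all
+vars:
+elastic_stack_full_stack: true
+elasticsearch_http_security: true
+beats_filebeat: false
+beats_metricbeat: false
+beats_agent: true
+beats_fleet_server: beats-agent
+tasks:
+- name: "Include Elastics repos role"
+include_role:
+name: elastic-repos
+- name: "Include Elasticsearch role"
+include_role:
+name: elasticsearch
+- name: "Include Beats"
+include_role:
+name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"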
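--- a/molecule/agent/molecule.yml
+++ b/molecule/agent/molecule.yml
@@ -0,0 +1,21 @@
+---
+dependency:
+name: galaxy
+driver:
+name: docker
+platforms:
+- name: beats-agent
+groups:
+- elasticsearch
+- logstash
+- filebeat
+image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
+command: ${MOLECULE_DOCKER_COMMAND:-""}
+volumes:
+- /sys/fs/cgroup:/sys/fs/cgroup:ro
+privileged: true
+pre_build_image: true
+provisioner:
+name: ansible
+verifier:
+name: ansible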
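Review bot: The platform image is pulled by the mutable tag `latest` (`geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest`) and then run with `privileged: true`, so whatever that tag points to on the day of the CI run executes with full privileges on the runner's Docker host. Pinning the image to a digest would make the run reproducible and narrow that trust. If `privileged` is only there so systemd can start inside the container, a comment saying so would help; it may be possible to replace it with a narrower capability set, but that needs testing per distro.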
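--- a/molecule/agent/prepare.yml
+++ b/molecule/agent/prepare.yml
@@ -0,0 +1,17 @@
+---
+- name: Prepare
+hosts: all
+tasks:
+- name: Install git
+package:
+name: git
+when: ansible_os_family != "Debian"
+- name: Install packages for Debian
+apt:
+name:
+- git
+- gpg
+- procps
+- curl
+update_cache: yes
+when: ansible_os_family == "Debian"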
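--- a/molecule/agent/requirements.yml
+++ b/molecule/agent/requirements.yml
@@ -0,0 +1,7 @@
+---
+- name: elastic-repos
+src: https://github.com/netways/ansible-role-elastic-repos
+scm: git
+- name: elasticsearch
+src: https://github.com/widhalmt/ansible-role-elasticsearch.git
+scm: git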
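Review bot: Both roles are fetched from git without a `version:` key, so every test run installs whatever is at the head of the default branch of `netways/ansible-role-elastic-repos` and of the personal fork `widhalmt/ansible-role-elasticsearch`. The scenario's molecule.yml runs the test container with `privileged: true`, so unreviewed upstream changes execute with those privileges; each entry should pin a tag or commit, e.g. `version: <commit-sha>` (placeholder). The two `src` values also differ in form, one with and one without the `.git` suffix.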
61 changes: 61 additions & 0 deletions tasks/beats-agent.yml
@@ -0,0 +1,61 @@
---

- name: Check for requirements
fail:
msg: "Needs Token or full stack roles"
when:
- not elastic_stack_full_stack | bool
- beats_fleet_token is undefined

- name: Install Elastic Agent
package:
name: elastic-agent

- name: Generate Fleet Token
block:

- name: Generate Token
shell: >
/usr/share/elasticsearch/bin/elasticsearch-service-tokens
create
elastic/fleet-server
{{ beats_fleet_token_name }} >
/usr/share/elasticsearch/token-{{ beats_fleet_token_name }}
args:
creates: "/usr/share/elasticsearch/token-{{ beats_fleet_token_name }}"

- name: Secure access to token
file:
path: /usr/share/elasticsearch/token-{{ beats_fleet_token_name }}
owner: root
group: root
mode: 0600

- name: Read token
shell: >
grep ^SERVICE_TOKEN
/usr/share/elasticsearch/token-{{ beats_fleet_token_name }} |
cut -d= -f2
changed_when: false
register: read_token

- name: Use token as fact
set_fact:
beats_fleet_token: "{{ read_token.stdout }}"

when: elastic_stack_full_stack | bool
delegate_to: "{{ elasticsearch_ca }}"

- name: Setup fleet server
block:

- name: Run fleet server setup
command: >
elastic-agent
enroll
--insecure
"--fleet-server-service-token={{ beats_fleet_token }}"
--fleet-server-es-ca=/etc/beats/certs/ca.crt
-f --fleet-server-es=https://{{ elasticsearch_ca }}:9200
when: ansible_hostname == beats_fleet_server
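Review bot: The Fleet service token is exposed at several points in this file. `Generate Token` writes it through a shell redirect, so the file exists with the default umask until the next task sets `0600` (and an empty file left by a failed run still satisfies `creates:`); starting the command with `umask 077 &&` closes the permission gap. `Read token`, `Use token as fact` and `Run fleet server setup` should each carry `no_log: true`, since the token is otherwise part of the registered result and of the `elastic-agent enroll` command line that Ansible reports. The enroll call also passes `--insecure` alongside `--fleet-server-es-ca`; as far as I can tell that relaxes certificate checking for the Fleet connection, so drop it or add a comment explaining why it is required. `mode: 0600` is safer written as the string `'0600'`.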
3 changes: 3 additions & 0 deletions tasks/main.yml
@@ -18,5 +18,8 @@
- import_tasks: beats-security.yml
when: elasticsearch_http_security | bool

- import_tasks: beats-agent.yml
when: beats_agent | bool

- import_tasks: filebeat.yml
when: beats_filebeat | bool
