![[Return to Top Page]](image//logo.png "[Return to Top Page]"){kind=logo}
|
|
|
#author("2020-11-13T23:25:13+09:00","default:jomura","jomura") #author("2020-11-13T23:25:44+09:00","default:jomura","jomura") *** pb_redmine_server-els_kibana.yml [#he718a56] # install elasticsearch & kibana # https://www.elastic.co/guide/en/elasticsearch/reference/7.9/rpm.html # require httpd - hosts: redmine_servers become: true become_method: su environment: "{{ proxy_env }}" tasks: - name: facts check fail: msg: "Not compatible with [{{ ansible_os_family }}] {{ ansible_distribution }} {{ ansible_distribution_major_version }}." when: ansible_os_family != 'RedHat' or ansible_distribution_major_version|int < 7 - rpm_key: key: https://artifacts.elastic.co/GPG-KEY-elasticsearch state: present - copy: dest: /etc/yum.repos.d/elasticsearch.repo force: no content: | [elasticsearch] name=Elasticsearch repository for 7.x packages baseurl=https://artifacts.elastic.co/packages/7.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=1 autorefresh=1 type=rpm-md - name: install elasticsearch yum: name: elasticsearch state: latest - lineinfile: dest: /etc/elasticsearch/elasticsearch.yml line: "{{ item }}" with_items: - 'network.host: _local_,_site_' - 'transport.host: _local_' - name: start elasticsearch systemd: name: elasticsearch state: started daemon_reload: yes enabled: yes - firewalld: port: 9200/tcp state: enabled permanent: true immediate: yes - copy: dest: /etc/yum.repos.d/kibana.repo force: no content: | [kibana-7.x] name=Kibana repository for 7.x packages baseurl=https://artifacts.elastic.co/packages/7.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=1 autorefresh=1 type=rpm-md - name: install kibana yum: name: kibana state: latest - lineinfile: dest: /etc/kibana/kibana.yml insertafter: '^#server.basePath: ""$' line: 'server.basePath: "/kibana"' - name: start kibana systemd: name: kibana state: started daemon_reload: yes enabled: yes - name: modify httpd.conf for kibana copy: dest: /etc/httpd/conf.d/proxy-kibana.conf force: no mode: 0644 content: | <IfModule !proxy_module> LoadModule proxy_module modules/mod_proxy.so </IfModule> <IfModule !proxy_http_module> LoadModule proxy_http_module modules/mod_proxy_http.so </IfModule> ProxyPass /kibana http://localhost:5601 retry=0 ProxyPassReverse /kibana http://localhost:5601 notify: - restart Apache - name: httpd_can_network_connect shell: /usr/sbin/getsebool httpd_can_network_connect register: result01 - shell: /usr/sbin/setsebool -P httpd_can_network_connect 1 when: result01.stdout == 'httpd_can_network_connect --> off' notify: - restart Apache handlers: - name: restart Apache systemd: name: httpd state: restarted daemon_reload: yes ansible-playbook -i inventory.yml pb_redmine_server-els_kibana.yml *** pb_redmine_server-filebeat.yml [#z9752934] # install filebeat # https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation-configuration.html - hosts: all become: true become_method: su environment: "{{ proxy_env }}" vars: modules: system auditd apache elasticsearch kibana els_host: its.jomura.net:9200 tasks: - name: facts check fail: msg: "Not compatible with [{{ ansible_os_family }}] {{ ansible_distribution }} {{ ansible_distribution_major_version }}." when: ansible_os_family != 'RedHat' or ansible_distribution_major_version|int < 7 - rpm_key: key: https://artifacts.elastic.co/GPG-KEY-elasticsearch state: present - copy: dest: /etc/yum.repos.d/elasticsearch.repo force: no content: | [elasticsearch] name=Elasticsearch repository for 7.x packages baseurl=https://artifacts.elastic.co/packages/7.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=1 autorefresh=1 type=rpm-md - name: install filebeat yum: name: filebeat state: latest - lineinfile: dest: /etc/filebeat/filebeat.yml regexp: 'hosts: \["localhost:9200"\]' line: " hosts: [\"{{ els_host }}\"]" - shell: " /usr/bin/filebeat modules enable {{ modules }}\n /usr/bin/filebeat setup -e" - name: start filebeat systemd: name: filebeat state: started daemon_reload: yes enabled: yes ansible-playbook -i srv.jomura.net, pb_redmine_server-filebeat.yml ansible-playbook -i srv1.jomura.net,srv2.jomura.net, pb_redmine_server-filebeat.yml
