diff --git a/elk_metrics_6x/installElastic.yml b/elk_metrics_6x/installElastic.yml index c7d8adc2..3a653db9 100644 --- a/elk_metrics_6x/installElastic.yml +++ b/elk_metrics_6x/installElastic.yml @@ -82,7 +82,7 @@ - include_tasks: common_task_install_elk_repo.yml - - name: Ensure Elastic search is installed + - name: Ensure elasticsearch is installed apt: name: elasticsearch state: "{{ elk_package_state | default('present') }}" @@ -91,9 +91,29 @@ until: _apt_task is success retries: 3 delay: 2 + notify: + - Enable and restart elastic tags: - package_install + - name: Create elasticsearch systemd service config dir + file: + path: "/etc/systemd/system/elasticsearch.service.d" + state: "directory" + group: "root" + owner: "root" + mode: "0755" + + - name: Apply systemd options + template: + src: "{{ item.src }}" + dest: "/etc/systemd/system/elasticsearch.service.d/{{ item.dest }}" + mode: "0644" + with_items: + - { src: "systemd.elasticsearch-overrides.conf.j2", dest: "elasticsearch-overrides.conf" } + notify: + - Enable and restart elastic + - name: Drop elasticsearch conf file template: src: "{{ item.src }}" @@ -105,6 +125,8 @@ dest: /etc/elasticsearch/jvm.options - src: templates/es-log4j2.properties.j2 dest: /etc/elasticsearch/log4j2.properties + notify: + - Enable and restart elastic tags: - config @@ -121,11 +143,13 @@ tags: - config + handlers: - name: Enable and restart elastic systemd: name: "elasticsearch" enabled: true state: restarted + daemon_reload: true tags: - config diff --git a/elk_metrics_6x/installKibana.yml b/elk_metrics_6x/installKibana.yml index 65245120..e49068ba 100644 --- a/elk_metrics_6x/installKibana.yml +++ b/elk_metrics_6x/installKibana.yml @@ -54,20 +54,44 @@ until: _apt_task is success retries: 3 delay: 2 + notify: + - Enable and restart kibana tags: - package_install + - name: Create kibana systemd service config dir + file: + path: "/etc/systemd/system/kibana.service.d" + state: "directory" + group: "root" + owner: "root" + mode: "0755" + + - name: Apply systemd options + template: + src: "{{ item.src }}" + dest: "/etc/systemd/system/kibana.service.d/{{ item.dest }}" + mode: "0644" + with_items: + - { src: "systemd.kibana-overrides.conf.j2", dest: "kibana-overrides.conf" } + notify: + - Enable and restart kibana + - name: Drop kibana conf file template: src: templates/kibana.yml.j2 dest: /etc/kibana/kibana.yml mode: "0666" + notify: + - Enable and restart kibana + handlers: - name: Enable and restart kibana systemd: name: "kibana" enabled: true state: restarted + daemon_reload: true tags: - server-install diff --git a/elk_metrics_6x/installLogstash.yml b/elk_metrics_6x/installLogstash.yml index 7bceec68..608531f6 100644 --- a/elk_metrics_6x/installLogstash.yml +++ b/elk_metrics_6x/installLogstash.yml @@ -78,9 +78,29 @@ until: _apt_task is success retries: 3 delay: 2 + notify: + - Enable and restart logstash tags: - package_install + - name: Create logstash systemd service config dir + file: + path: "/etc/systemd/system/logstash.service.d" + state: "directory" + group: "root" + owner: "root" + mode: "0755" + + - name: Apply systemd options + template: + src: "{{ item.src }}" + dest: "/etc/systemd/system/logstash.service.d/{{ item.dest }}" + mode: "0644" + with_items: + - { src: "systemd.logstash-overrides.conf.j2", dest: "logstash-overrides.conf" } + notify: + - Enable and restart logstash + - name: Drop elasticsearch conf file template: src: "{{ item.src }}" @@ -201,6 +221,7 @@ name: "logstash" enabled: true state: restarted + daemon_reload: true tags: - server-install diff --git a/elk_metrics_6x/templates/systemd.elasticsearch-overrides.conf.j2 b/elk_metrics_6x/templates/systemd.elasticsearch-overrides.conf.j2 new file mode 100644 index 00000000..60428560 --- /dev/null +++ b/elk_metrics_6x/templates/systemd.elasticsearch-overrides.conf.j2 @@ -0,0 +1,18 @@ +[Service] +# This first line clears the source ExecStart +ExecStart= +# This runs our ExecStart as an override. +ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid + +# This creates a specific slice to operate from. The accounting options give us +# the ability to see resource usage through the `systemd-cgtop` command and +# further isolate this service from the host machine. +Slice=elastic.slice +CPUAccounting=true +BlockIOAccounting=true +MemoryAccounting=true +TasksAccounting=true + +# Sandbox setup +PrivateTmp=true +PrivateDevices={{ ((ansible_os_family | lower) != "redhat") | lower }} diff --git a/elk_metrics_6x/templates/systemd.kibana-overrides.conf.j2 b/elk_metrics_6x/templates/systemd.kibana-overrides.conf.j2 new file mode 100644 index 00000000..783427bf --- /dev/null +++ b/elk_metrics_6x/templates/systemd.kibana-overrides.conf.j2 @@ -0,0 +1,13 @@ +[Service] +# This creates a specific slice to operate from. The accounting options give us +# the ability to see resource usage through the `systemd-cgtop` command and +# further isolate this service from the host machine. +Slice=elastic.slice +CPUAccounting=true +BlockIOAccounting=true +MemoryAccounting=true +TasksAccounting=true + +# Sandbox setup +PrivateTmp=true +PrivateDevices={{ ((ansible_os_family | lower) != "redhat") | lower }} diff --git a/elk_metrics_6x/templates/systemd.logstash-overrides.conf.j2 b/elk_metrics_6x/templates/systemd.logstash-overrides.conf.j2 new file mode 100644 index 00000000..783427bf --- /dev/null +++ b/elk_metrics_6x/templates/systemd.logstash-overrides.conf.j2 @@ -0,0 +1,13 @@ +[Service] +# This creates a specific slice to operate from. The accounting options give us +# the ability to see resource usage through the `systemd-cgtop` command and +# further isolate this service from the host machine. +Slice=elastic.slice +CPUAccounting=true +BlockIOAccounting=true +MemoryAccounting=true +TasksAccounting=true + +# Sandbox setup +PrivateTmp=true +PrivateDevices={{ ((ansible_os_family | lower) != "redhat") | lower }}