openstack-ansible-ops/elk_metrics_6x/roles/elastic_logstash/tasks/main.yml

---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Gather variables for each operating system
  include_vars: "{{ item }}"
  with_first_found:
    - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
    - "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
    - "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
    - "{{ ansible_distribution | lower }}.yml"
    - "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
    - "{{ ansible_os_family | lower }}.yml"
  tags:
    - always

- name: Ensure Logstash is installed
  package:
    name: "{{ logstash_distro_packages }}"
    state: "{{ elk_package_state | default('present') }}"
    update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
  register: _package_task
  until: _package_task is success
  retries: 3
  delay: 2
  notify:
    - Enable and restart logstash
  tags:
    - package_install

- name: Create logstash systemd service config dir
  file:
    path: "/etc/systemd/system/logstash.service.d"
    state: "directory"
    group: "root"
    owner: "root"
    mode: "0755"
  when:
    - ansible_service_mgr == 'systemd'

- name: Apply systemd options
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "0644"
  when:
    - ansible_service_mgr == 'systemd'
  with_items:
    - src: "systemd.general-overrides.conf.j2"
      dest: "/etc/systemd/system/logstash.service.d/logstash-overrides.conf"
  notify:
    - Enable and restart logstash

- name: Check queue type
  block:
    - name: Get block device for logstash
      command: findmnt -no SOURCE --target=/var/lib/logstash
      changed_when: false
      register: _logstash_block_device

    - name: Set persisted queue fact
      set_fact:
        logstash_queue_type: "{{ ((ansible_devices[_logstash_block_device.stdout.split('/')[-1] | regex_replace('[0-9]$','')]['rotational'] | int) != 1) | ternary('persisted', 'memory') }}"
  rescue:
    - name: Set persisted queue fact (fallback)
      set_fact:
        logstash_queue_type: memory
  when:
    - logstash_queue_type is undefined

- name: Systemd memory backed queue block
  block:
    - name: Get logstash UID
      command: id -u logstash
      register: logstash_uid
      changed_when: false
      when:
        - ansible_service_mgr == 'systemd'

    - name: Get logstash GID
      command: id -g logstash
      register: logstash_gid
      changed_when: false
      when:
        - ansible_service_mgr == 'systemd'

    - name: Run the systemd mount role
      include_role:
        name: systemd_mount
        private: true
      vars:
        systemd_mounts:
          - what: "tmpfs"
            where: "/var/lib/logstash/queue"
            type: "tmpfs"
            options: "size={{ (q_mem | int) // 2 }}m,uid={{ logstash_uid.stdout }},gid={{ logstash_gid.stdout }},nodev,nodiratime,noatime"
            unit:
              Before:
                - logstash.service
            state: 'started'
            enabled: true
      when:
        - ansible_service_mgr == 'systemd'

    - name: Apply fstab options for memory queues
      mount:
        path: /var/lib/logstash/queue
        src: tmpfs
        fstype: tmpfs
        opts: size={{ (q_mem | int) // 2 }}m
        state: mounted
      when:
        - ansible_service_mgr != 'systemd'
  when:
    - logstash_queue_type == 'memory'

- name: Create patterns directory
  file:
    name: "/opt/logstash/patterns"
    owner: "logstash"
    group: "logstash"
    state: directory
  tags:
    - logstash-patterns

- name: Logstash Extra Patterns
  template:
    src: "extras"
    dest: "/opt/logstash/patterns/extras"
    owner: "logstash"
    group: "logstash"
  when:
    - logstash_deploy_filters
  notify:
    - Enable and restart logstash
  tags:
    - logstash-filters
    - config

- name: Run kafka ssl deployment
  include_tasks: logstash_kafka_ssl.yml
  when:
    - logstash_kafka_options is defined
    - logstash_kafka_ssl_keystore_location is defined

- name: Drop logstash conf file(s)
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  with_items:
    - src: "logstash.yml.j2"
      dest: "/etc/logstash/logstash.yml"
    - src: "logstash-pipelines.yml.j2"
      dest: "/etc/logstash/pipelines.yml"
  notify:
    - Enable and restart logstash
  tags:
    - config

- name: Ensure logstash ownership
  file:
    path: "/var/lib/logstash/"
    owner: logstash
    group: logstash
    recurse: true
  register: l_perms
  until: l_perms is success
  retries: 3
  delay: 1

- name: Ensure logstash tmp dir
  file:
    path: "/var/lib/logstash/tmp"
    state: directory
    owner: "logstash"
    group: "logstash"
    mode: "0750"

- name: Deploy arcsight collector
  include_tasks: logstash_arcsight.yml
  when:
    - logstash_arcsight_smart_connectors or
      logstash_arcsight_event_brokers