afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #292 from wazuh/feature-291-es-coordinating-node

Browse Source 
Feature 291 es coordinating node
This commit is contained in:
Manuel J. Bernal 2019-10-30 17:36:09 +01:00 committed by GitHub
commit 08763a3b3d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
roles/elastic-stack/ansible-elasticsearch/README.md
View File

@ -48,11 +48,11 @@ Example Playbook
- hosts: 172.16.0.162 - hosts: 172.16.0.162
roles: roles:
- {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.162', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.162', elasticsearch_node_master: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']}
- hosts: 172.16.0.163 - hosts: 172.16.0.163
roles: roles:
- {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_node_master: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']}
``` ```
- Three nodes Elasticsearch cluster with XPack security - Three nodes Elasticsearch cluster with XPack security
@ -64,7 +64,7 @@ Example Playbook
elasticsearch_network_host: 172.16.0.111 elasticsearch_network_host: 172.16.0.111
elasticsearch_node_name: node-1 elasticsearch_node_name: node-1
single_node: false single_node: false
elasticsearch_master_candidate: true elasticsearch_node_master: true
elasticsearch_bootstrap_node: true elasticsearch_bootstrap_node: true
elasticsearch_cluster_nodes: elasticsearch_cluster_nodes:
- 172.16.0.111 - 172.16.0.111
@ -97,7 +97,7 @@ Example Playbook
elasticsearch_node_name: node-2 elasticsearch_node_name: node-2
single_node: false single_node: false
elasticsearch_xpack_security: true elasticsearch_xpack_security: true
elasticsearch_master_candidate: true elasticsearch_node_master: true
node_certs_generator_ip: 172.16.0.111 node_certs_generator_ip: 172.16.0.111
elasticsearch_discovery_nodes: elasticsearch_discovery_nodes:
- 172.16.0.111 - 172.16.0.111
@ -111,7 +111,7 @@ Example Playbook
elasticsearch_node_name: node-3 elasticsearch_node_name: node-3
single_node: false single_node: false
elasticsearch_xpack_security: true elasticsearch_xpack_security: true
elasticsearch_master_candidate: true elasticsearch_node_master: true
node_certs_generator_ip: 172.16.0.111 node_certs_generator_ip: 172.16.0.111
elasticsearch_discovery_nodes: elasticsearch_discovery_nodes:
- 172.16.0.111 - 172.16.0.111

15
roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
View File

@ -1,20 +1,25 @@
--- ---
elasticsearch_cluster_name: wazuh
elasticsearch_node_name: node-1
elasticsearch_http_port: 9200 elasticsearch_http_port: 9200
elasticsearch_network_host: 127.0.0.1 elasticsearch_network_host: 127.0.0.1
elasticsearch_reachable_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1
elasticsearch_jvm_xms: null elasticsearch_jvm_xms: null
elastic_stack_version: 7.3.2 elastic_stack_version: 7.3.2
elasticsearch_lower_disk_requirements: false
# Cluster Settings
single_node: true single_node: true
elasticsearch_cluster_name: wazuh
elasticsearch_node_name: node-1
elasticsearch_bootstrap_node: false elasticsearch_bootstrap_node: false
elasticsearch_master_candidate: false elasticsearch_node_master: false
elasticsearch_cluster_nodes: elasticsearch_cluster_nodes:
- 127.0.0.1 - 127.0.0.1
elasticsearch_discovery_nodes: elasticsearch_discovery_nodes:
- 127.0.0.1 - 127.0.0.1
elasticsearch_node_data: true
elasticsearch_node_ingest: true
elasticsearch_lower_disk_requirements: false
# X-Pack Security # X-Pack Security
elasticsearch_xpack_security: false elasticsearch_xpack_security: false
elasticsearch_xpack_security_user: elastic elasticsearch_xpack_security_user: elastic
@ -24,8 +29,6 @@ node_certs_generator: false
node_certs_source: /usr/share/elasticsearch node_certs_source: /usr/share/elasticsearch
node_certs_destination: /etc/elasticsearch/certs node_certs_destination: /etc/elasticsearch/certs
# CA generation # CA generation
master_certs_path: /es_certs master_certs_path: /es_certs
generate_CA: true generate_CA: true

11
roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2
View File

@ -20,7 +20,13 @@ discovery.seed_hosts:
- {{ item }} - {{ item }}
{% endfor %} {% endfor %}
{% else %} {% else %}
node.master: {{ elasticsearch_master_candidate|lower }} node.master: {{ elasticsearch_node_master|lower }}
{% if elasticsearch_node_data|lower == 'false' %}
node.data: false
{% endif %}
{% if elasticsearch_node_ingest|lower == 'false' %}
node.ingest: false
{% endif %}
discovery.seed_hosts: discovery.seed_hosts:
{% for item in elasticsearch_discovery_nodes %} {% for item in elasticsearch_discovery_nodes %}
- {{ item }} - {{ item }}
@ -34,9 +40,8 @@ cluster.routing.allocation.disk.watermark.low: 500mb
cluster.routing.allocation.disk.watermark.high: 300mb cluster.routing.allocation.disk.watermark.high: 300mb
{% endif %} {% endif %}
# XPACK Security
{% if elasticsearch_xpack_security %} {% if elasticsearch_xpack_security %}
# XPACK Security
xpack.security.enabled: true xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.verification_mode: certificate