--- - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' - import_tasks: Debian.yml when: ansible_os_family == "Debian" - name: Create elasticsearch.service.d folder. file: path=/etc/systemd/system/elasticsearch.service.d/ state=directory when: - ansible_service_mgr == "systemd" - name: Configure Elasticsearch System Resources. template: src: elasticsearch_systemd.conf.j2 dest: /etc/systemd/system/elasticsearch.service.d/elasticsearch.conf owner: root group: elasticsearch mode: 0660 notify: restart elasticsearch tags: configure when: - ansible_service_mgr == "systemd" - name: Debian/Ubuntu | Configure Elasticsearch System Resources. template: src: elasticsearch_nonsystemd.j2 dest: /etc/default/elasticsearch owner: root group: elasticsearch mode: 0660 notify: restart elasticsearch tags: configure when: - ansible_service_mgr != "systemd" - ansible_os_family == "Debian" - name: RedHat/CentOS/Fedora | Configure Elasticsearch System Resources. template: src: elasticsearch_nonsystemd.j2 dest: /etc/sysconfig/elasticsearch owner: root group: elasticsearch mode: 0660 notify: restart elasticsearch tags: configure when: - ansible_service_mgr != "systemd" - ansible_os_family == "RedHat" - name: Configure Elasticsearch JVM memmory. template: src: jvm.options.j2 dest: /etc/elasticsearch/jvm.options owner: root group: elasticsearch mode: 0660 notify: restart elasticsearch tags: configure # fix in new PR (ignore_errors) - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" - import_tasks: "xpack_security.yml" when: - elasticsearch_xpack_security - name: Configure Elasticsearch. template: src: elasticsearch.yml.j2 dest: /etc/elasticsearch/elasticsearch.yml owner: root group: elasticsearch mode: 0660 notify: restart elasticsearch tags: configure - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf lineinfile: path: /etc/security/limits.conf line: elasticsearch - memlock unlimited create: yes become: true when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 changed_when: false - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.d/elasticsearch.conf lineinfile: path: /etc/security/limits.d/elasticsearch.conf line: elasticsearch - memlock unlimited create: yes become: true changed_when: false when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - name: Ensure Elasticsearch started and enabled service: name: elasticsearch enabled: true state: started tags: - configure - init - name: Make sure Elasticsearch is running before proceeding wait_for: host={{ elasticsearch_reachable_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 tags: - configure - init - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" - import_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" - name: Wait for Elasticsearch API uri: url: "https://{{ node_certs_generator_ip }}:{{ elasticsearch_http_port }}/_cluster/health/" user: "{{ elasticsearch_xpack_security_user }}" password: "{{ elasticsearch_xpack_security_password }}" validate_certs: no status_code: 200,401 return_content: yes timeout: 4 register: _result until: ( _result.json is defined) and (_result.json.status == "green") retries: 24 delay: 5 when: - elasticsearch_xpack_users is defined - name: Create elasticsearch users uri: url: "https://{{ node_certs_generator_ip }}:{{ elasticsearch_http_port }}/_security/user/{{ item.key }}" method: POST body_format: json user: "{{ elasticsearch_xpack_security_user }}" password: "{{ elasticsearch_xpack_security_password }}" body: '{ "password" : "{{ item.value["password"] }}", "roles" : {{ item.value["roles"] }} }' validate_certs: no loop: "{{ elasticsearch_xpack_users|default({})|dict2items }}" register: http_response failed_when: http_response.status != 200 when: - elasticsearch_xpack_users is defined