118 lines
3.8 KiB
YAML
118 lines
3.8 KiB
YAML
---
|
|
|
|
- import_tasks: local_actions.yml
|
|
when:
|
|
- generate_certs
|
|
|
|
- block:
|
|
- import_tasks: RedHat.yml
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- import_tasks: Debian.yml
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Remove performance analyzer plugin from elasticsearch
|
|
become: true
|
|
command: ./elasticsearch-plugin remove opendistro-performance-analyzer
|
|
args:
|
|
chdir: /usr/share/elasticsearch/bin/
|
|
register: remove_elasticsearch_performance_analyzer
|
|
failed_when:
|
|
- remove_elasticsearch_performance_analyzer.rc != 0
|
|
- '"not found" not in remove_elasticsearch_performance_analyzer.stderr'
|
|
changed_when: "remove_elasticsearch_performance_analyzer.rc == 0"
|
|
|
|
- name: Remove elasticsearch configuration file
|
|
file:
|
|
path: "{{ opendistro_conf_path }}/elasticsearch.yml"
|
|
state: absent
|
|
tags: install
|
|
|
|
- name: Copy Configuration File
|
|
blockinfile:
|
|
block: "{{ lookup('template', 'elasticsearch.yml.j2') }}"
|
|
dest: "{{ opendistro_conf_path }}/elasticsearch.yml"
|
|
create: true
|
|
group: elasticsearch
|
|
mode: 0640
|
|
marker: "## {mark} Opendistro general settings ##"
|
|
tags: install
|
|
|
|
- include_tasks: security_actions.yml
|
|
tags:
|
|
- security
|
|
|
|
|
|
- name: Configure OpenDistro Elasticsearch JVM memmory.
|
|
template:
|
|
src: "templates/jvm.options.j2"
|
|
dest: /etc/elasticsearch/jvm.options
|
|
owner: root
|
|
group: elasticsearch
|
|
mode: 0644
|
|
force: yes
|
|
notify: restart elasticsearch
|
|
tags: install
|
|
|
|
- name: Ensure extra time for Elasticsearch to start on reboots
|
|
ansible.builtin.lineinfile:
|
|
path: /usr/lib/systemd/system/elasticsearch.service
|
|
regexp: '^TimeoutStartSec='
|
|
line: "TimeoutStartSec={{ elasticsearch_start_timeout }}"
|
|
become: yes
|
|
tags: configure
|
|
|
|
- name: Ensure Elasticsearch started and enabled
|
|
service:
|
|
name: elasticsearch
|
|
enabled: true
|
|
state: started
|
|
|
|
- name: Wait for Elasticsearch API
|
|
uri:
|
|
url: "https://{{ inventory_hostname if not single_node else elasticsearch_network_host }}:{{ opendistro_http_port }}/_cluster/health/"
|
|
user: "admin" # Default OpenDistro user is always "admin"
|
|
password: "{{ opendistro_admin_password }}"
|
|
validate_certs: no
|
|
status_code: 200,401
|
|
return_content: yes
|
|
timeout: 4
|
|
register: _result
|
|
until:
|
|
- _result.json is defined
|
|
- _result.json.status == "green" or ( _result.json.status == "yellow" and single_node )
|
|
retries: 24
|
|
delay: 5
|
|
tags: debug
|
|
when:
|
|
- hostvars[inventory_hostname]['private_ip'] is not defined or not hostvars[inventory_hostname]['private_ip']
|
|
|
|
- name: Wait for Elasticsearch API (Private IP)
|
|
uri:
|
|
url: "https://{{ hostvars[inventory_hostname]['private_ip'] if not single_node else elasticsearch_network_host }}:{{ opendistro_http_port }}/_cluster/health/"
|
|
user: "admin" # Default OpenDistro user is always "admin"
|
|
password: "{{ opendistro_admin_password }}"
|
|
validate_certs: no
|
|
status_code: 200,401
|
|
return_content: yes
|
|
timeout: 4
|
|
register: _result
|
|
until:
|
|
- _result.json is defined
|
|
- _result.json.status == "green" or ( _result.json.status == "yellow" and single_node )
|
|
retries: 24
|
|
delay: 5
|
|
tags: debug
|
|
when:
|
|
- hostvars[inventory_hostname]['private_ip'] is defined and hostvars[inventory_hostname]['private_ip']
|
|
|
|
- import_tasks: "RMRedHat.yml"
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: Reload systemd configuration
|
|
systemd:
|
|
daemon_reload: true
|
|
become: yes
|
|
notify: restart elasticsearch
|
|
when: perform_installation
|