Commit 20ada541 authored by Régis Behmo's avatar Régis Behmo

Elasticsearch/Kibana deployment

Simulate logs are transfered from trefle app to elasticsearch via
filebeat. They are then viewable on port 5601 of the elasticsearch host:
10.10.10.11:5601 To access kibana, it is necessary to setup an ssh tunnel.
parent cf64ffc4
......@@ -16,9 +16,12 @@ access-logs:
error-logs:
ansible proxy -b -a "tail -$(lines) /var/log/nginx/error.log"
logs:
app-logs:
ansible proxy -b -a "journalctl --lines $(lines) --unit trefle"
simulate-logs:
ansible proxy -b -a "tail -$(lines) /srv/trefle/logs/trefle-simulate.log"
status:
ansible proxy -b -a "systemctl status nginx"
ansible app -b -a "systemctl status trefle"
......@@ -27,7 +27,11 @@ Tail nginx access and error logs:
Tail trefle logs:
make logs
make app-logs
Tail simulate logs:
make simulate-logs
(Known limitation: with these commands, you will not be able to follow logs)
......
proxy ansible_user=root ansible_host=163.172.190.40
trefle ansible_user=ubuntu ansible_host=10.10.10.10 ansible_ssh_common_args=' -o ProxyCommand="ssh -W %h:%p root@163.172.190.40"'
elasticsearch ansible_user=ubuntu ansible_host=10.10.10.11 ansible_ssh_common_args=' -o ProxyCommand="ssh -W %h:%p root@163.172.190.40"'
[app]
trefle
......@@ -13,3 +13,8 @@
- secrets.yml
roles:
- {role: trefle, tags: ["trefle"]}
- {role: filebeat, tags: ["filebeat"]}
- hosts: "elasticsearch"
roles:
- {role: elasticsearch, tags: ["elasticsearch"]}
......@@ -12,5 +12,6 @@
with_items:
# Actually, this is required to run ansible
- python
- language-pack-fr
- tmux
become: yes
---
- name: System requirements
apt:
name: default-jre
become: yes
# Elasticsearch
- name: Download elasticsearch
get_url:
url: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.3.0.deb
dest: /tmp/elasticsearch.deb
checksum: sha512:37e52552a4a55165cc73fd52c4f25194e576f5dd93a6a2540adb8caec270fb1928916394718760ecbccae5b66b751202c8804ce9d32e4d1ec136f4e19529ea39
- name: Install elasticsearch
apt:
deb: /tmp/elasticsearch.deb
become: yes
- name: Configure elasticsearch
template:
src: elasticsearch.yml
dest: /etc/elasticsearch/elasticsearch.yml
backup: yes
become: yes
- name: Restart elasticsearch
service:
name: elasticsearch
state: restarted
enabled: yes
become: yes
# Kibana
- name: Download kibana
get_url:
url: https://artifacts.elastic.co/downloads/kibana/kibana-6.3.0-amd64.deb
dest: /tmp/kibana.deb
checksum: sha512:717ea30ecff3b699d8190ffb6f3fcd98548f30c2149f01f27816ab54bf672250feb3919daac5776a045cf6ffa5b028370f5ccdba827136c379877b0f6ab4c088
- name: Install kibana
apt:
deb: /tmp/kibana.deb
become: yes
- name: Configure kibana
template:
src: kibana.yml
dest: /etc/kibana/kibana.yml
backup: yes
become: yes
- name: Restart kibana
service:
name: kibana
state: restarted
enabled: yes
become: yes
# TODO setup curator to get rid of old indices
cluster.name: trefle
network.host: {{ hostvars['elasticsearch']['ansible_host'] }}
http.port: 9200
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
server.host: {{ hostvars['elasticsearch']['ansible_host'] }}
server.port: 5601
elasticsearch.url: http://{{ hostvars['elasticsearch']['ansible_host'] }}:9200
- name: Download Filebeat
get_url:
url: https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.3.0-amd64.deb
dest: /tmp/filebeat.deb
checksum: sha512:6eabb9db2da59176de1634ae12500a0eac70718d475e242bb16cead9e9fe2af2e35c4f8a1cac01797e0a10583e0752e33811f237a48ef7d0910399c2ee38efbb
- name: Install filebeat
apt:
deb: /tmp/filebeat.deb
become: yes
- name: Configure filebeat
template:
src: filebeat.yml
dest: /etc/filebeat/filebeat.yml
backup: yes
become: yes
- name: Restart filebeat
service:
name: filebeat
state: restarted
enabled: yes