GithubHelp home page GithubHelp logo

synprosolutions / graylog-ansible-role Goto Github PK

View Code? Open in Web Editor NEW

This project forked from graylog2/graylog-ansible-role

0.0 1.0 0.0 275 KB

Ansible role which installs and configures Graylog

License: Apache License 2.0

Shell 17.88% Dockerfile 82.12%

graylog-ansible-role's Introduction

Build Status

Description

Ansible role which installs and configures Graylog log management.

THIS ROLE IS FOR GRAYLOG-3.X ONLY! FOR OLDER VERSIONS USE THE GRAYLOG-2.X BRANCH!

Dependencies

  • Only Ansible versions > 2.2.0 are supported.
  • Java 8 - Ubuntu Xenial and up support OpenJDK 8 by default. For other distributions consider backports accordingly
  • Elasticsearch
  • NGINX
  • Tested on Ubuntu 16.04 / Ubuntu 18.04 / Debian 9 / Centos 7

Quickstart

  • You need at least 4GB of memory to run Graylog
  • Generate the password hash for the admin user:
    • echo -n yourpassword | sha256sum # Linux
    • echo -n yourpassword | shasum -a 256 # Mac

Here is an example of a playbook targeting Vagrant (Ubuntu Xenial):

- hosts: "all"
  remote_user: "ubuntu"
  become: True
  vars:
    es_enable_xpack: False
    es_instance_name: "graylog"
    es_heap_size: "1g"
    es_config:
      node.name: "graylog"
      cluster.name: "graylog"
      http.port: 9200
      transport.tcp.port: 9300
      network.host: "127.0.0.1"
    graylog_install_java: False # Elasticsearch role already installed Java
    graylog_password_secret: "2jueVqZpwLLjaWxV" # generate with: pwgen -s 96 1
    graylog_root_password_sha2: "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"
    graylog_http_bind_address: "{{ ansible_default_ipv4.address }}:9000"
    graylog_http_publish_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
    graylog_http_external_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
  roles:
    - role: "Graylog2.graylog-ansible-role"
      tags:
        - "graylog"
  • Create a playbook file with that content, e.g. your_playbook.yml
  • Fetch this role ansible-galaxy install -n -p ./roles Graylog2.graylog-ansible-role
  • Install role's dependencies ansible-galaxy install -r roles/Graylog2.graylog-ansible-role/requirements.yml -p ./roles
  • Apply the playbook to a Vagrant box ansible-playbook your_playbook.yml -i "127.0.0.1:2222,"
  • Login to Graylog by opening http://127.0.0.1:9000 in your browser. Default username and password is admin

Variables

# Basic server settings
graylog_server_version:     "3.0.1-1" # Optional, if not provided the latest version will be installed
graylog_is_master:          "True"
graylog_password_secret:    "2jueVqZpwLLjaWxV" # generate with: pwgen -s 96 1
graylog_root_password_sha2: "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"

graylog_http_bind_address: "{{ ansible_default_ipv4.address }}:9000"
graylog_http_publish_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
graylog_http_external_uri: "http://{{ ansible_default_ipv4.address }}:9000/"

Take a look into defaults/main.yml to get an overview of all configuration parameters.

More detailed example

  • Set up roles_path = ./roles in ansible.cfg ([defaults] block)
  • Install role ansible-galaxy install Graylog2.graylog-ansible-role
  • Install role's dependencies ansible-galaxy install -r roles/Graylog2.graylog-ansible-role/requirements.yml
  • Set up playbook (see example below):
- hosts: "server"
  become: True
  vars:
    es_instance_name: "graylog"
    es_scripts: False
    es_templates: False
    es_version_lock: False
    es_heap_size: "1g"
    es_config:
      node.name: "graylog"
      cluster.name: "graylog"
      http.port: 9200
      transport.tcp.port: 9300
      network.host: "127.0.0.1"
      node.data: True
      node.master: True
    graylog_install_java: False # Elasticsearch role already installed Java
    graylog_password_secret: "2jueVqZpwLLjaWxV" # generate with: pwgen -s 96 1
    graylog_root_password_sha2: "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"
    graylog_http_bind_address: "{{ ansible_default_ipv4.address }}:9000"
    graylog_http_publish_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
    graylog_http_external_uri: "http://{{ ansible_default_ipv4.address }}:9000/"

    nginx_sites:
      graylog:
        - "listen 80"
        - "server_name graylog"
        - |
          location / {
            proxy_pass http://localhost:9000/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass_request_headers on;
            proxy_connect_timeout 150;
            proxy_send_timeout 100;
            proxy_read_timeout 100;
            proxy_buffers 4 32k;
            client_max_body_size 8m;
            client_body_buffer_size 128k;
          }

  roles:
    - role: "Graylog2.graylog-ansible-role"
      tags:
        - "graylog"
  • Run the playbook with ansible-playbook -i inventory_file your_playbook.yml
  • Login to Graylog by opening http://<host IP> in your browser, default username and password is admin

Explicit playbook of roles

It's good to be explicit, these are all the roles that you need to run for Graylog.

Note: in this example vars are in a more appropriate place at group_vars/group/vars

- name: "Apply roles for Graylog servers"
  hosts: "graylog_servers"
  become: True
  vars:
    graylog_install_elasticsearch: False
    graylog_install_mongodb:       False
    graylog_install_nginx:         False

  roles:

    - role: "elastic.elasticsearch"
      tags:
        - "elasticsearch"
        - "graylog_servers"

    - role: "jdauphant.nginx"
      tags:
        - "nginx"
        - "graylog_servers"

    - role: "graylog2.graylog-ansible-role"
      tags:
        - "graylog"
        - "graylog_servers"

Conditional role dependencies

Dependencies can be enabled/disabled with the host_vars graylog_install_*. Take look into meta/main.yml for more information. Keep in mind that you have to install all dependencies even when they are disabled to prevent errors.

Tests

One can test the role on the supported distributions (see meta/main.yml for the complete list), by using the Docker images provided.

Example for Debian Jessie and Ubuntu Xenial:

$ cd graylog-ansible-role
$ docker build -t graylog-ansible-role-jessie -f tests/support/jessie_22.Dockerfile tests/support
$ docker run -it -v $PWD:/role graylog-ansible-role-jessie

For Xenial, just replace jessie with xenial in the above commands.

Example for CentOS 7 and Ubuntu Xenial:

Due to how systemd works with Docker, the following approach is suggested:

$ cd graylog-ansible-role
$ docker build -t graylog-ansible-role-centos7 -f tests/support/centos7_22.Dockerfile tests/support
$ docker run -d --privileged -it -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v $PWD:/role:ro graylog-ansible-role-centos7 /usr/sbin/init
$ DOCKER_CONTAINER_ID=$(docker ps | grep centos | awk '{print $1}')
$ docker logs $DOCKER_CONTAINER_ID
$ docker exec -it $DOCKER_CONTAINER_ID /bin/bash -xec "bash -x run-tests.sh"
$ docker ps -a
$ docker stop $DOCKER_CONTAINER_ID
$ docker rm -v $DOCKER_CONTAINER_ID

Ubuntu Xenial:

$ cd graylog-ansible-role
$ docker build -t graylog-ansible-role-xenial -f tests/support/xenial_22.Dockerfile tests/support
$ docker run -d --privileged -it -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v $PWD:/role:ro graylog-ansible-role-xenial /sbin/init
$ DOCKER_CONTAINER_ID=$(docker ps | grep xenial | awk '{print $1}')
$ docker logs $DOCKER_CONTAINER_ID
$ docker exec -it $DOCKER_CONTAINER_ID /bin/bash -xec "bash -x run-tests.sh"
$ docker ps -a
$ docker stop $DOCKER_CONTAINER_ID
$ docker rm -v $DOCKER_CONTAINER_ID

Further Reading

Great articles by Pablo Daniel Estigarribia Davyt on how to use this role:

License

Author: Marius Sturm ([email protected]) and contributors

License: Apache 2.0

graylog-ansible-role's People

Contributors

anmolnagpal avatar average-joe avatar bbaassssiiee avatar bernd avatar danvaida avatar falencastro avatar fra-nk avatar hooksie1 avatar jccomputing avatar joschi avatar jrunu avatar kmonticolo avatar mariussturm avatar martinnowak avatar mehrenreich avatar mhavas avatar mika avatar pablodav avatar pdesgarets avatar rfdrake avatar strangeman avatar terwey avatar veger avatar zanchin avatar zealot128 avatar zeknox avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.