From 114a8ec683e34ddc41deff87dabf026f4a714e9e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20-=20Le=20Filament?= <remi@le-filament.com>
Date: Fri, 11 Jun 2021 15:14:15 +0200
Subject: [PATCH] Role documentation
---
README.md | 29 ++++++++++++++++++++++-------
defaults/main.yml | 6 +++++-
meta/main.yml | 24 ++++++++++--------------
templates/docker-compose.yaml.j2 | 2 +-
templates/logstash.conf.j2 | 2 ++
5 files changed, 40 insertions(+), 23 deletions(-)
diff --git a/README.md b/README.md
index a3d0bdb..19dd9fb 100644
--- a/README.md
+++ b/README.md
@@ -1,22 +1,35 @@
-Role Name
-=========
+docker_elk
+==========
-A brief description of the role goes here.
+This role deploys ELK stack (ElasticSearch, LogStash, Kibana) with Docker on a single server. This role is not maintained anymore.
+This role allows for collecting logs from Odoo dockers
Requirements
------------
-Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+None
Role Variables
--------------
-A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+Variables from default directory :
+* kibana_url: URL for accessing Kibana
+* logstash_port: Port on which Logstash is available for collecting logs from Internet (defaults to 5044)
+* logstash_tls: whether activating TLS protection for exchanges with LogStash (defaults to false, if set, the 2 following variables are required)
+* logstash_tls_crt: Certificate for TLS protected exchanges with LogStash
+* logstash_tls_key: Certifate private Key for TLS protected exchanges with LogStash
+
Dependencies
------------
-A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+This role requires the following Ansible collection :
+* community.docker
+
+This Docker role supposes that Traefik is deployed as an inverseproxy in front of the deployed Dockers.
+The following role is used by Le Filament for deploying Traefik : docker_server (https://sources.le-filament.com/lefilament/ansible-roles/docker_server)
+
+Also, this Docker role was supposed to be used together with filebeat deployed on each server from where logs should be collected with filebeat ansible role (https://sources.le-filament.com/lefilament/ansible-roles/filebeat)
Example Playbook
----------------
@@ -25,7 +38,9 @@ Including an example of how to use your role (for instance, with variables passe
- hosts: servers
roles:
- - { role: username.rolename, x: 42 }
+ - { role: docker_elk }
+ vars:
+ - { kibana_url: "kibana.example.org" }
License
-------
diff --git a/defaults/main.yml b/defaults/main.yml
index 9457e0c..3034d83 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,2 +1,6 @@
---
-# defaults file for test
+kibana_url: "kibana.example.org"
+logstash_port: 5044
+logstash_tls: false
+logstash_tls_crt: ""
+logstash_tls_key: ""
diff --git a/meta/main.yml b/meta/main.yml
index 4ed7944..12501c3 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,20 +1,16 @@
+---
galaxy_info:
author: RĂ©mi
- description: your role description
+ description: Role for deploying ELK stack on Dockers for log collection. Role not maintained anymore.
company: Le Filament (https://le-filament.com)
-
license: AGPL-3.0-or-later
-
min_ansible_version: 2.1
-
platforms:
- - name: CentOS
- versions:
- - 7
- - name: Ubuntu
- versions:
- - 16.04
- - 18.04
- - 20.04
-
- galaxy_tags: []
+ - name: Ubuntu
+ versions:
+ - 20.04
+ galaxy_tags:
+ - elk
+ - elasticsearch
+ - logstash
+ - kibana
diff --git a/templates/docker-compose.yaml.j2 b/templates/docker-compose.yaml.j2
index a914fd2..b3628ba 100644
--- a/templates/docker-compose.yaml.j2
+++ b/templates/docker-compose.yaml.j2
@@ -27,7 +27,7 @@ services:
co.elastic.logs/enabled: "false"
traefik.enable: "true"
traefik.http.routers.kibana.middlewares: "auth@file"
- traefik.http.routers.kibana.rule: "Host(`journaux.le-filament.com`)"
+ traefik.http.routers.kibana.rule: "Host(`{{ kibana_url }}`)"
traefik.http.routers.kibana.service: "kibana"
traefik.http.services.kibana.loadbalancer.server.port: "5601"
networks:
diff --git a/templates/logstash.conf.j2 b/templates/logstash.conf.j2
index e268883..7374b62 100644
--- a/templates/logstash.conf.j2
+++ b/templates/logstash.conf.j2
@@ -1,9 +1,11 @@
input {
beats {
port => {{ logstash_port }}
+{% if logstash_tls %}
ssl => true
ssl_certificate => "/usr/share/logstash/logstash.crt"
ssl_key => "/usr/share/logstash/logstash.key"
+{% endif %}
}
}
--
GitLab