Skip to content
Extraits de code Groupes Projets
Valider 3ff3b32e rédigé par Rémi - Le Filament's avatar Rémi - Le Filament
Parcourir les fichiers

[FIX] install and upgrade filebeat from Ikoula VPS platforms in ipv4

parent a7239e6d
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
Afficher les modifications d'espaces
En ligne Côte à côte
README.md
+ 9
1
Voir le fichier @ 3ff3b32e
...@@ -5,8 +5,16 @@ This role installs and configures filebeat for log collection output towards an ...@@ -5,8 +5,16 @@ This role installs and configures filebeat for log collection output towards an
Requirements Requirements
------------ ------------
This roles (in order to workaround the issue reported below) uses filter ipaddr() which requires the following:
* Ansible collection ansible.utils
* Python3 package netaddr
None
Known Issues
------------
Because of issue with GCP refusing IPv6 address from Ikoula VPS, this role had to be updated to :
* get elastic GPG key in vars instead of retrieving it from URL
* add force ipv4 for APT for hosts in Ikoula VPS subnet
Role Variables Role Variables
......
files/force-ipv4 0 → 100644
+ 1
0
Voir le fichier @ 3ff3b32e
Acquire::ForceIPv4 "true";
meta/main.yml
+ 1
1
Voir le fichier @ 3ff3b32e
...@@ -4,7 +4,7 @@ galaxy_info: ...@@ -4,7 +4,7 @@ galaxy_info:
description: This role configures filebeat to push logs to ELK stack description: This role configures filebeat to push logs to ELK stack
company: Le Filament (https://le-filament.com) company: Le Filament (https://le-filament.com)
license: AGPL-3.0-or-later license: AGPL-3.0-or-later
min_ansible_version: "2.1" min_ansible_version: "2.11"
platforms: platforms:
- name: EL - name: EL
versions: versions:
......
tasks/main.yml
+ 11
2
Voir le fichier @ 3ff3b32e
...@@ -5,12 +5,21 @@ ...@@ -5,12 +5,21 @@
# INSTALLATION # INSTALLATION
- name: Add Filebeat GPG key to APT - name: Add Filebeat GPG key to APT
ansible.builtin.get_url: ansible.builtin.copy:
url: "{{ elastic_gpg_key_url }}" content: "{{ elastic_gpg_key }}" # Since IPv6 is not allowed from some server, do not retrieve from https://artifacts.elastic.co/GPG-KEY-elasticsearch but get from local var instead
dest: /etc/apt/trusted.gpg.d/elastic.asc dest: /etc/apt/trusted.gpg.d/elastic.asc
mode: '0644' mode: '0644'
when: ansible_os_family == "Debian" when: ansible_os_family == "Debian"
- name: Force usage of IPv4 for APT
ansible.builtin.copy:
src: force-ipv4
dest: /etc/apt/apt.conf.d/89force-ipv4
owner: root
group: root
mode: '0644'
when: ansible_os_family == "Debian" and '178.170.0.0/16' | ansible.utils.network_in_usable(ansible_host) # If IP address in Ikoula subnet 178.170.0.0/16 (only Ikoula VPS IPv6 subnet are not allowed by GCP where elastic belongs)
- name: Add FileBeat repo to APT repositories - name: Add FileBeat repo to APT repositories
ansible.builtin.apt_repository: ansible.builtin.apt_repository:
repo: deb {{ elastic_packages_url }}/apt stable main repo: deb {{ elastic_packages_url }}/apt stable main
......
vars/main.yml
+ 32
0
Voir le fichier @ 3ff3b32e
--- ---
elastic_gpg_key_url: https://artifacts.elastic.co/GPG-KEY-elasticsearch elastic_gpg_key_url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
elastic_gpg_key: |
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.14 (GNU/Linux)
mQENBFI3HsoBCADXDtbNJnxbPqB1vDNtCsqhe49vFYsZN9IOZsZXgp7aHjh6CJBD
A+bGFOwyhbd7at35jQjWAw1O3cfYsKAmFy+Ar3LHCMkV3oZspJACTIgCrwnkic/9
CUliQe324qvObU2QRtP4Fl0zWcfb/S8UYzWXWIFuJqMvE9MaRY1bwUBvzoqavLGZ
j3SF1SPO+TB5QrHkrQHBsmX+Jda6d4Ylt8/t6CvMwgQNlrlzIO9WT+YN6zS+sqHd
1YK/aY5qhoLNhp9G/HxhcSVCkLq8SStj1ZZ1S9juBPoXV1ZWNbxFNGwOh/NYGldD
2kmBf3YgCqeLzHahsAEpvAm8TBa7Q9W21C8vABEBAAG0RUVsYXN0aWNzZWFyY2gg
KEVsYXN0aWNzZWFyY2ggU2lnbmluZyBLZXkpIDxkZXZfb3BzQGVsYXN0aWNzZWFy
Y2gub3JnPokBOAQTAQIAIgUCUjceygIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgEC
F4AACgkQ0n1mbNiOQrRzjAgAlTUQ1mgo3nK6BGXbj4XAJvuZDG0HILiUt+pPnz75
nsf0NWhqR4yGFlmpuctgCmTD+HzYtV9fp9qW/bwVuJCNtKXk3sdzYABY+Yl0Cez/
7C2GuGCOlbn0luCNT9BxJnh4mC9h/cKI3y5jvZ7wavwe41teqG14V+EoFSn3NPKm
TxcDTFrV7SmVPxCBcQze00cJhprKxkuZMPPVqpBS+JfDQtzUQD/LSFfhHj9eD+Xe
8d7sw+XvxB2aN4gnTlRzjL1nTRp0h2/IOGkqYfIG9rWmSLNlxhB2t+c0RsjdGM4/
eRlPWylFbVMc5pmDpItrkWSnzBfkmXL3vO2X3WvwmSFiQbkBDQRSNx7KAQgA5JUl
zcMW5/cuyZR8alSacKqhSbvoSqqbzHKcUQZmlzNMKGTABFG1yRx9r+wa/fvqP6OT
RzRDvVS/cycws8YX7Ddum7x8uI95b9ye1/Xy5noPEm8cD+hplnpU+PBQZJ5XJ2I+
1l9Nixx47wPGXeClLqcdn0ayd+v+Rwf3/XUJrvccG2YZUiQ4jWZkoxsA07xx7Bj+
Lt8/FKG7sHRFvePFU0ZS6JFx9GJqjSBbHRRkam+4emW3uWgVfZxuwcUCn1ayNgRt
KiFv9jQrg2TIWEvzYx9tywTCxc+FFMWAlbCzi+m4WD+QUWWfDQ009U/WM0ks0Kww
EwSk/UDuToxGnKU2dQARAQABiQEfBBgBAgAJBQJSNx7KAhsMAAoJENJ9ZmzYjkK0
c3MIAIE9hAR20mqJWLcsxLtrRs6uNF1VrpB+4n/55QU7oxA1iVBO6IFu4qgsF12J
TavnJ5MLaETlggXY+zDef9syTPXoQctpzcaNVDmedwo1SiL03uMoblOvWpMR/Y0j
6rm7IgrMWUDXDPvoPGjMl2q1iTeyHkMZEyUJ8SKsaHh4jV9wp9KmC8C+9CwMukL7
vM5w8cgvJoAwsp3Fn59AxWthN3XJYcnMfStkIuWgR7U2r+a210W6vnUxU4oN0PmM
cursYPyeV0NX/KQeUeNMwGTFB6QHS/anRaGQewijkrYYoTNtfllxIu9XYmiBERQ/
qPDlGRlOgVTd9xUfHFkzB52c70E=
=92oX
-----END PGP PUBLIC KEY BLOCK-----
elastic_packages_url: https://artifacts.elastic.co/packages/7.x elastic_packages_url: https://artifacts.elastic.co/packages/7.x
0% ou .
You are about to add 0 people to the discussion. Proceed with caution.
Veuillez vous inscrire ou vous pour commenter