Skip to content
Extraits de code Groupes Projets
Sélectionner une révision Git
  • 3ff3b32e1efb9bb42ed136dff272e93dc57ab500
  • master par défaut protégée
  • v1.0.9
  • v1.0.8
  • v1.0.7
  • v1.0.6
  • v1.0.5
  • v1.0.4
  • v1.0.3
  • v1.0.2
  • v1.0.1
  • v1.0.0
12 résultats

filebeat

Nom Dernière validation Dernière mise à jour
defaults
files
handlers
meta
tasks
templates
vars
.ansible-lint
.yamllint
LICENSE
README.md
README.md

filebeat

This role installs and configures filebeat for log collection output towards an ELK stack (Logstash instance)

Requirements

This roles (in order to workaround the issue reported below) uses filter ipaddr() which requires the following:

  • Ansible collection ansible.utils
  • Python3 package netaddr

Known Issues

Because of issue with GCP refusing IPv6 address from Ikoula VPS, this role had to be updated to :

  • get elastic GPG key in vars instead of retrieving it from URL
  • add force ipv4 for APT for hosts in Ikoula VPS subnet

Role Variables

Default variables (with default values in defaults/main.yml) :

  • docker_userns_remap : whether remapping of user namespace is being used for Docker (security feature defaults to true)
  • dockremap_subuid : first subuid used for user namespace remap for Docker (defaults to 165536) - should be retrieved by docker_server role in host_vars
  • dockremap_subgid : first subgid used for user namespace remap for Docker (defaults to 165536) - should be retrieved by docker_server role in host_vars
  • logstash_host : host or IP where logstash instance is located (defaults to localhost)
  • logstash_port : TCP port on which logstash instance is listening (defaults to 5044)
  • logstash_tls_crt : TLS cert used for securely connect to logstash instance (defaults to dummy cert)
  • log_collection : whether to collect logs or not (defaults to true), could be set distinctly for each host

Variables from vars directory:

  • OS specific (RedHat.yml / Debian.yml) :
    • packages_to_install : list of packages to install on server
  • Global (main.yml):
    • elastic_gpg_key_url: URL for retrieving Elastic GPG key
    • elastic_packages_url: URL for retrieving Elastic APT/YUM packages

Dependencies

This roles depends upon completion of docker_server role (for collecting correct dockremap subuid/gid).

Example Playbook

- hosts: full_maintenance
  gather_facts: true
  become: true
  roles:
  - { role: filebeat, tags: filebeat }
  vars:
  - { docker_userns_remap: true }
  - { logstash_host: "localhost" }
  - { logstash_port: 5044 }
  - { log_collection: true }

License

AGPL-3

Author Information

Le Filament (https://le-filament.com)