ansible-collection-elasticstack/molecule/elasticstack_default/converge.yml at b44a45320499544eda7e6d08cd781dcca1f20a7f · NETWAYS/ansible-collection-elasticstack · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
---

# The workaround for arbitrarily named role directory is important because the
# git repo has one name and the role within it another
# Found at:
# https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722

- name: Converge
  collections:
    - netways.elasticstack
  hosts: all
  vars:
    elasticsearch_jna_workaround: true
    elasticsearch_disable_systemcallfilterchecks: true
    elasticsearch_tls_key_passphrase: 'test$var@test' # to test escaping
    elasticsearch_monitoring_enabled: false
    elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}"
    elasticsearch_heap: "2"
    elasticstack_full_stack: true
    elasticstack_no_log: false
    logstash_pipeline_unsafe_shutdown: true
    beats_filebeat_syslog_udp: true
    beats_filebeat_syslog_tcp: true
    beats_filebeat_modules:
      - system
    beats_fields:
      - "testbed: molecule"
    kibana_extra_config: |-
      ops.interval: 5000
  tasks:
    - name: Enable Elastic installation on RHEL 9
      ansible.builtin.set_fact:
        elasticstack_rpm_workaround: true
      when: ansible_os_family == 'RedHat' and ansible_distribution_major_version >= "9"
    - name: Include Redis
      ansible.builtin.include_role:
        name: geerlingguy.redis
    - name: Include Elastic Repos
      ansible.builtin.include_role:
        name: repos
    - name: Include Elasticsearch role
      ansible.builtin.include_role:
        name: elasticsearch
    - name: Include logstash
      ansible.builtin.include_role:
        name: logstash
    - name: Include kibana
      ansible.builtin.include_role:
        name: kibana
    - name: Include Beats
      ansible.builtin.include_role:
        name: beats
    - name: Install rsyslog
      ansible.builtin.package:
        name: rsyslog
    - name: Remove cache # noqa: risky-shell-pipe
      ansible.builtin.shell: >
        if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi;
        rm -rf /var/cache/*
      changed_when: false
    - name: Configure rsyslog
      ansible.builtin.lineinfile:
        line: "*.* @@localhost:514"
        path: /etc/rsyslog.conf
    - name: Start rsyslog
      ansible.builtin.service:
        name: rsyslog
        state: started