CORD-993
elasticstack role, installs on head node
fix elasticstack/java apt-cacher passthrough
reliability fix for download Glance VM images
more reliable reliability fix
simplify apt-cacher ssl passthrough
apt-cacher defaults in other roles
Change-Id: Ia78d256f562c30539240d12ba163f7af6e375131
diff --git a/cord-automation-playbook.yml b/cord-automation-playbook.yml
index 556adc6..8a5925a 100644
--- a/cord-automation-playbook.yml
+++ b/cord-automation-playbook.yml
@@ -16,7 +16,3 @@
roles:
- { role: automation-integration, when: on_maas }
-- name: Prologue
- hosts: head
- roles:
- - head-prologue
diff --git a/deploy-elasticstack-playbook.yml b/deploy-elasticstack-playbook.yml
new file mode 100644
index 0000000..62c3ac0
--- /dev/null
+++ b/deploy-elasticstack-playbook.yml
@@ -0,0 +1,12 @@
+---
+# deploy-elasticstack-playbook.yml
+# installs elasticstack on the CORD head node
+
+- name: Install elasticstack and apache proxy
+ become: yes
+ hosts: head
+ roles:
+ - java-oracle
+ - elasticstack
+ - apache-proxy
+
diff --git a/profile_manifests/ecord-global.yml b/profile_manifests/ecord-global.yml
index 24c338b..9511aac 100644
--- a/profile_manifests/ecord-global.yml
+++ b/profile_manifests/ecord-global.yml
@@ -138,13 +138,6 @@
- m1.large
- m1.xlarge
-apt_cacher_name: apt-cache
-
-apt_ssl_sites:
- - apt.dockerproject.org
- - butler.opencloud.cs.arizona.edu
- - deb.nodesource.com
-
charm_versions:
ceilometer: "cs:trusty/ceilometer-17"
ceilometer-agent: "cs:trusty/ceilometer-agent-13"
diff --git a/profile_manifests/ecord.yml b/profile_manifests/ecord.yml
index 735c4be..f968997 100644
--- a/profile_manifests/ecord.yml
+++ b/profile_manifests/ecord.yml
@@ -150,13 +150,6 @@
- m1.large
- m1.xlarge
-apt_cacher_name: apt-cache
-
-apt_ssl_sites:
- - apt.dockerproject.org
- - butler.opencloud.cs.arizona.edu
- - deb.nodesource.com
-
charm_versions:
ceilometer: "cs:trusty/ceilometer-17"
ceilometer-agent: "cs:trusty/ceilometer-agent-13"
diff --git a/profile_manifests/opencloud.yml b/profile_manifests/opencloud.yml
index 54b8584..b8776ce 100644
--- a/profile_manifests/opencloud.yml
+++ b/profile_manifests/opencloud.yml
@@ -112,13 +112,6 @@
- m1.large
- m1.xlarge
-apt_cacher_name: apt-cache
-
-apt_ssl_sites:
- - apt.dockerproject.org
- - butler.opencloud.cs.arizona.edu
- - deb.nodesource.com
-
charm_versions:
neutron-api: "cs:~cordteam/trusty/neutron-api-3"
nova-compute: "cs:~cordteam/trusty/nova-compute-2"
diff --git a/profile_manifests/rcord-new.yml b/profile_manifests/rcord-new.yml
index 2ec4413..b07926a 100644
--- a/profile_manifests/rcord-new.yml
+++ b/profile_manifests/rcord-new.yml
@@ -174,13 +174,6 @@
- m1.large
- m1.xlarge
-apt_cacher_name: apt-cache
-
-apt_ssl_sites:
- - apt.dockerproject.org
- - butler.opencloud.cs.arizona.edu
- - deb.nodesource.com
-
charm_versions:
ceilometer: "cs:trusty/ceilometer-17"
ceilometer-agent: "cs:trusty/ceilometer-agent-13"
diff --git a/profile_manifests/rcord.yml b/profile_manifests/rcord.yml
index 9c20247..cd5f904 100644
--- a/profile_manifests/rcord.yml
+++ b/profile_manifests/rcord.yml
@@ -171,13 +171,6 @@
- m1.large
- m1.xlarge
-apt_cacher_name: apt-cache
-
-apt_ssl_sites:
- - apt.dockerproject.org
- - butler.opencloud.cs.arizona.edu
- - deb.nodesource.com
-
charm_versions:
ceilometer: "cs:trusty/ceilometer-17"
ceilometer-agent: "cs:trusty/ceilometer-agent-13"
diff --git a/roles/head-prologue/files/cord-http.conf b/roles/apache-proxy/files/cord-http.conf
similarity index 93%
rename from roles/head-prologue/files/cord-http.conf
rename to roles/apache-proxy/files/cord-http.conf
index 896e10c..d8393b1 100644
--- a/roles/head-prologue/files/cord-http.conf
+++ b/roles/apache-proxy/files/cord-http.conf
@@ -9,11 +9,16 @@
ProxyPassReverseCookiePath "/" "/fabric/"
Header edit Location "(^http[s]?://[^/]*)(\.*)" "$1/fabric$2"
</Location>
-
<Location /fabric/onos/ui/websock/>
ProxyPass "ws://onos-fabric:8181/onos/ui/websock/" disablereuse=on
</Location>
+ # kibana/elasticsearch
+ <Location /kibana>
+ ProxyPass http://localhost:5601
+ ProxyPassReverse http://localhost:5601
+ </Location>
+
# Map /vtn to the onos instance that is controller the cordvtn
# application
<Location /vtn/>
diff --git a/roles/head-prologue/handlers/main.yml b/roles/apache-proxy/handlers/main.yml
similarity index 73%
rename from roles/head-prologue/handlers/main.yml
rename to roles/apache-proxy/handlers/main.yml
index f744763..42875a0 100644
--- a/roles/head-prologue/handlers/main.yml
+++ b/roles/apache-proxy/handlers/main.yml
@@ -1,4 +1,5 @@
---
+# apache-proxy/handlers/main.yml
- name: reload apache2
become: yes
diff --git a/roles/apache-proxy/tasks/main.yml b/roles/apache-proxy/tasks/main.yml
new file mode 100644
index 0000000..ccfdfae
--- /dev/null
+++ b/roles/apache-proxy/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+# apache-proxy/tasks/main.yml
+
+- name: Install Apache
+ apt:
+ name: "{{ item }}"
+ update_cache: yes
+ cache_valid_time: 3600
+ with_items:
+ - apache2
+ - apache2-utils
+
+- name: Enable Apache2 Modules
+ apache2_module:
+ name: "{{ item }}"
+ notify: reload apache2
+ with_items:
+ - proxy
+ - proxy_http
+ - proxy_wstunnel
+ - rewrite
+ - headers
+
+- name: Apache configuration for CORD sites
+ copy:
+ src: files/cord-http.conf
+ dest: /etc/apache2/conf-available/cord-http.conf
+ owner: root
+ group: root
+ mode: 0644
+ notify: reload apache2
+
+- name: Enable CORD Apache Configuration
+ command: a2enconf cord-http
+ register: en_cord_http
+ changed_when: en_cord_http.stdout.find('already enabled') == -1
+ notify: reload apache2
+
diff --git a/roles/apt-cacher-ng/defaults/main.yml b/roles/apt-cacher-ng/defaults/main.yml
index 84d55a4..ec5a1e1 100644
--- a/roles/apt-cacher-ng/defaults/main.yml
+++ b/roles/apt-cacher-ng/defaults/main.yml
@@ -1,6 +1,12 @@
---
# apt-cacher-ng/defaults/main.yml
-apt_cacher_name: 127.0.0.1
+apt_cacher_name: apt-cache
apt_cacher_port: 3142
+apt_ssl_sites:
+ - apt.dockerproject.org
+ - butler.opencloud.cs.arizona.edu
+ - deb.nodesource.com
+ - artifacts.elastic.co
+
diff --git a/roles/apt-cacher-ng/tasks/main.yml b/roles/apt-cacher-ng/tasks/main.yml
index a8b9d90..97bfb7c 100644
--- a/roles/apt-cacher-ng/tasks/main.yml
+++ b/roles/apt-cacher-ng/tasks/main.yml
@@ -3,9 +3,9 @@
- name: Install apt-cacher-ng with apt
apt:
- name={{ item }}
- update_cache=yes
- cache_valid_time=3600
+ name: "{{ item }}"
+ update_cache: yes
+ cache_valid_time: 3600
with_items:
- apt-cacher-ng
@@ -21,7 +21,12 @@
- name: Configure local system to use apt-cacher-ng
template:
- src=02apt-cacher-ng.j2
- dest=/etc/apt/apt.conf.d/02apt-cacher-ng
- mode=0644 owner=root group=root
+ src: "{{ item }}.j2"
+ dest: "/etc/apt/apt.conf.d/{{ item }}"
+ owner: root
+ group: root
+ mode: "0644"
+ with_items:
+ - 02broken-repos
+ - 03apt-cacher-ng
diff --git a/roles/apt-cacher-ng/templates/02broken-repos.j2 b/roles/apt-cacher-ng/templates/02broken-repos.j2
new file mode 100644
index 0000000..ecbc200
--- /dev/null
+++ b/roles/apt-cacher-ng/templates/02broken-repos.j2
@@ -0,0 +1 @@
+Acquire::http::Proxy { download.oracle.com DIRECT; };
diff --git a/roles/apt-cacher-ng/templates/02apt-cacher-ng.j2 b/roles/apt-cacher-ng/templates/03apt-cacher-ng.j2
similarity index 100%
rename from roles/apt-cacher-ng/templates/02apt-cacher-ng.j2
rename to roles/apt-cacher-ng/templates/03apt-cacher-ng.j2
diff --git a/roles/cord-profile/tasks/main.yml b/roles/cord-profile/tasks/main.yml
index cf52f82..5e68101 100644
--- a/roles/cord-profile/tasks/main.yml
+++ b/roles/cord-profile/tasks/main.yml
@@ -87,6 +87,10 @@
checksum: "{{ item.checksum }}"
dest: "{{ image_dir }}/{{ item.name }}.qcow2"
with_items: "{{ xos_images }}"
+ register: glance_vm_result
+ until: glance_vm_result|success
+ retries: 5
+ delay: 10
- name: Copy Glance VM images to profile directory
when: use_openstack
diff --git a/roles/create-lxd/defaults/main.yml b/roles/create-lxd/defaults/main.yml
new file mode 100644
index 0000000..86dcbc2
--- /dev/null
+++ b/roles/create-lxd/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+# create-lxd/defaults/main.yml
+
+apt_cacher_name: apt-cache
+
diff --git a/roles/elasticstack/files/10-udp-input.conf b/roles/elasticstack/files/10-udp-input.conf
new file mode 100644
index 0000000..d144f5b
--- /dev/null
+++ b/roles/elasticstack/files/10-udp-input.conf
@@ -0,0 +1,6 @@
+input {
+ udp {
+ port => 5617
+ codec => json
+ }
+}
diff --git a/roles/elasticstack/files/11-log4j-input.conf b/roles/elasticstack/files/11-log4j-input.conf
new file mode 100644
index 0000000..2d11577
--- /dev/null
+++ b/roles/elasticstack/files/11-log4j-input.conf
@@ -0,0 +1,15 @@
+input {
+ log4j {
+ port => 4560
+ type => "log4j"
+ }
+}
+
+filter {
+ mutate {
+ rename => {"priority" => "level"}
+ rename => {"bundle.id" => "bundle_id"}
+ rename => {"bundle.name" => "bundle_name"}
+ rename => {"bundle.version" => "bundle_version"}
+ }
+}
diff --git a/roles/elasticstack/files/12-syslog-input.conf b/roles/elasticstack/files/12-syslog-input.conf
new file mode 100644
index 0000000..d2331a8
--- /dev/null
+++ b/roles/elasticstack/files/12-syslog-input.conf
@@ -0,0 +1,6 @@
+input {
+ syslog {
+ port => 2514
+ type => "syslog"
+ }
+}
diff --git a/roles/elasticstack/files/30-elasticsearch-output.conf b/roles/elasticstack/files/30-elasticsearch-output.conf
new file mode 100644
index 0000000..ab51625
--- /dev/null
+++ b/roles/elasticstack/files/30-elasticsearch-output.conf
@@ -0,0 +1,4 @@
+output {
+ elasticsearch { hosts => ["localhost:9200"] }
+ stdout { codec => rubydebug }
+}
diff --git a/roles/elasticstack/files/elastic.asc b/roles/elasticstack/files/elastic.asc
new file mode 100644
index 0000000..d6c2bb3
--- /dev/null
+++ b/roles/elasticstack/files/elastic.asc
@@ -0,0 +1,32 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.14 (GNU/Linux)
+
+mQENBFI3HsoBCADXDtbNJnxbPqB1vDNtCsqhe49vFYsZN9IOZsZXgp7aHjh6CJBD
+A+bGFOwyhbd7at35jQjWAw1O3cfYsKAmFy+Ar3LHCMkV3oZspJACTIgCrwnkic/9
+CUliQe324qvObU2QRtP4Fl0zWcfb/S8UYzWXWIFuJqMvE9MaRY1bwUBvzoqavLGZ
+j3SF1SPO+TB5QrHkrQHBsmX+Jda6d4Ylt8/t6CvMwgQNlrlzIO9WT+YN6zS+sqHd
+1YK/aY5qhoLNhp9G/HxhcSVCkLq8SStj1ZZ1S9juBPoXV1ZWNbxFNGwOh/NYGldD
+2kmBf3YgCqeLzHahsAEpvAm8TBa7Q9W21C8vABEBAAG0RUVsYXN0aWNzZWFyY2gg
+KEVsYXN0aWNzZWFyY2ggU2lnbmluZyBLZXkpIDxkZXZfb3BzQGVsYXN0aWNzZWFy
+Y2gub3JnPokBOAQTAQIAIgUCUjceygIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgEC
+F4AACgkQ0n1mbNiOQrRzjAgAlTUQ1mgo3nK6BGXbj4XAJvuZDG0HILiUt+pPnz75
+nsf0NWhqR4yGFlmpuctgCmTD+HzYtV9fp9qW/bwVuJCNtKXk3sdzYABY+Yl0Cez/
+7C2GuGCOlbn0luCNT9BxJnh4mC9h/cKI3y5jvZ7wavwe41teqG14V+EoFSn3NPKm
+TxcDTFrV7SmVPxCBcQze00cJhprKxkuZMPPVqpBS+JfDQtzUQD/LSFfhHj9eD+Xe
+8d7sw+XvxB2aN4gnTlRzjL1nTRp0h2/IOGkqYfIG9rWmSLNlxhB2t+c0RsjdGM4/
+eRlPWylFbVMc5pmDpItrkWSnzBfkmXL3vO2X3WvwmSFiQbkBDQRSNx7KAQgA5JUl
+zcMW5/cuyZR8alSacKqhSbvoSqqbzHKcUQZmlzNMKGTABFG1yRx9r+wa/fvqP6OT
+RzRDvVS/cycws8YX7Ddum7x8uI95b9ye1/Xy5noPEm8cD+hplnpU+PBQZJ5XJ2I+
+1l9Nixx47wPGXeClLqcdn0ayd+v+Rwf3/XUJrvccG2YZUiQ4jWZkoxsA07xx7Bj+
+Lt8/FKG7sHRFvePFU0ZS6JFx9GJqjSBbHRRkam+4emW3uWgVfZxuwcUCn1ayNgRt
+KiFv9jQrg2TIWEvzYx9tywTCxc+FFMWAlbCzi+m4WD+QUWWfDQ009U/WM0ks0Kww
+EwSk/UDuToxGnKU2dQARAQABiQEfBBgBAgAJBQJSNx7KAhsMAAoJENJ9ZmzYjkK0
+c3MIAIE9hAR20mqJWLcsxLtrRs6uNF1VrpB+4n/55QU7oxA1iVBO6IFu4qgsF12J
+TavnJ5MLaETlggXY+zDef9syTPXoQctpzcaNVDmedwo1SiL03uMoblOvWpMR/Y0j
+6rm7IgrMWUDXDPvoPGjMl2q1iTeyHkMZEyUJ8SKsaHh4jV9wp9KmC8C+9CwMukL7
+vM5w8cgvJoAwsp3Fn59AxWthN3XJYcnMfStkIuWgR7U2r+a210W6vnUxU4oN0PmM
+cursYPyeV0NX/KQeUeNMwGTFB6QHS/anRaGQewijkrYYoTNtfllxIu9XYmiBERQ/
+qPDlGRlOgVTd9xUfHFkzB52c70E=
+=92oX
+-----END PGP PUBLIC KEY BLOCK-----
+
diff --git a/roles/elasticstack/handlers/main.yml b/roles/elasticstack/handlers/main.yml
new file mode 100644
index 0000000..8705249
--- /dev/null
+++ b/roles/elasticstack/handlers/main.yml
@@ -0,0 +1,18 @@
+---
+# elasticstack/handlers/main.yml
+
+- name: restart logstash
+ service:
+ name: logstash
+ state: restarted
+
+- name: restart elasticsearch
+ service:
+ name: elasticsearch
+ state: restarted
+
+- name: restart kibana
+ service:
+ name: kibana
+ state: restarted
+
diff --git a/roles/elasticstack/tasks/main.yml b/roles/elasticstack/tasks/main.yml
new file mode 100644
index 0000000..2486881
--- /dev/null
+++ b/roles/elasticstack/tasks/main.yml
@@ -0,0 +1,56 @@
+---
+# elasticstack/tasks/main.yml
+
+- name: Add ElasticStack apt-key
+ apt_key:
+ data: "{{ lookup('file','elastic.asc') }}"
+ state: present
+
+- name: Add ElasticStack repositories
+ apt_repository:
+ repo: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+
+- name: Install ElasticStack
+ apt:
+ name: "{{ item }}"
+ update_cache: yes
+ cache_valid_time: 3600
+ with_items:
+ - elasticsearch
+ - kibana
+ - logstash
+
+- name: Configure Kibana for HTTP proxy
+ lineinfile:
+ dest: /etc/kibana/kibana.yml
+ regexp: '^server.basePath:'
+ line: 'server.basePath: "/kibana"'
+ insertafter: '^#server.basePath*'
+ notify:
+ - restart kibana
+
+- name: Configure Logstash inputs and outputs
+ copy:
+ src: "{{ item }}"
+ dest: "/etc/logstash/conf.d/{{ item }}"
+ owner: root
+ group: root
+ mode: "0644"
+ with_items:
+ - 10-udp-input.conf
+ - 11-log4j-input.conf
+ - 12-syslog-input.conf
+ - 30-elasticsearch-output.conf
+ notify:
+ - restart logstash
+
+- name: Start ElasticStack
+ service:
+ name: "{{ item }}"
+ enabled: yes
+ state: started
+ with_items:
+ - logstash
+ - elasticsearch
+ - kibana
+
diff --git a/roles/head-prologue/tasks/main.yml b/roles/head-prologue/tasks/main.yml
deleted file mode 100644
index 9a5464d..0000000
--- a/roles/head-prologue/tasks/main.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-
-# If using a MAAS based POD deployment then copy over an apache configuration
-# that forwards to the various UIs
-- name: Ensure CORD Apache Configuration
- become: yes
- copy:
- src: files/cord-http.conf
- dest: /etc/apache2/conf-available/cord-http.conf
- owner: root
- group: root
- mode: 0644
- notify: reload apache2
- when: on_maas
-
-- name: Ensure Modules
- become: yes
- command: a2enmod {{ item }}
- register: mod_proxy
- changed_when: mod_proxy.stdout.find('already enabled') == -1
- notify: reload apache2
- when: on_maas
- with_items:
- - proxy
- - proxy_http
- - proxy_wstunnel
- - rewrite
- - headers
-
-- name: Enable CORD Apache Configuration
- become: yes
- command: a2enconf cord-http
- register: en_cord_http
- changed_when: en_cord_http.stdout.find('already enabled') == -1
- notify: reload apache2
- when: on_maas
diff --git a/roles/java-oracle/tasks/main.yml b/roles/java-oracle/tasks/main.yml
new file mode 100644
index 0000000..5df626c
--- /dev/null
+++ b/roles/java-oracle/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+# java-oracle/tasks/main
+
+- name: Install add-apt-repository
+ become: yes
+ apt:
+ name: "{{ item }}"
+ update_cache: yes
+ cache_valid_time: 3600
+ with_items:
+ - apt-transport-https
+ - software-properties-common
+ - ca-certificates
+
+- name: Add Oracle Java repository
+ become: yes
+ apt_repository:
+ repo: 'ppa:webupd8team/java'
+ register: result
+ until: result | success
+ retries: 3
+ delay: 10
+
+- name: Accept Java 8 license
+ become: yes
+ debconf:
+ name: 'oracle-java8-installer'
+ question: 'shared/accepted-oracle-license-v1-1'
+ value: 'true'
+ vtype: 'select'
+
+- name: Install Oracle Java 8
+ become: yes
+ apt:
+ name: "{{ item }}"
+ update_cache: yes
+ cache_valid_time: 3600
+ with_items:
+ - oracle-java8-installer
+ - oracle-java8-set-default
+
diff --git a/roles/onos-cord-install/defaults/main.yml b/roles/onos-cord-install/defaults/main.yml
index adcf4de..9b43adc 100644
--- a/roles/onos-cord-install/defaults/main.yml
+++ b/roles/onos-cord-install/defaults/main.yml
@@ -10,7 +10,7 @@
node_private_key: "{{ ansible_user_dir }}/node_key"
-# log host is currently set to IP of `elastic` VM, created by build repo
-logging_host: "10.100.198.222"
+# logging_host should be set to DNS or IP addr of logstash host
+logging_host: "cordloghost"
log4j_port: 4560