CORD-993
elasticstack role, installs on head node
fix elasticstack/java apt-cacher passthrough
reliability fix for download Glance VM images
more reliable reliability fix
simplify apt-cacher ssl passthrough
apt-cacher defaults in other roles
Change-Id: Ia78d256f562c30539240d12ba163f7af6e375131
diff --git a/roles/elasticstack/files/10-udp-input.conf b/roles/elasticstack/files/10-udp-input.conf
new file mode 100644
index 0000000..d144f5b
--- /dev/null
+++ b/roles/elasticstack/files/10-udp-input.conf
@@ -0,0 +1,6 @@
+input {
+ udp {
+ port => 5617
+ codec => json
+ }
+}
diff --git a/roles/elasticstack/files/11-log4j-input.conf b/roles/elasticstack/files/11-log4j-input.conf
new file mode 100644
index 0000000..2d11577
--- /dev/null
+++ b/roles/elasticstack/files/11-log4j-input.conf
@@ -0,0 +1,15 @@
+input {
+ log4j {
+ port => 4560
+ type => "log4j"
+ }
+}
+
+filter {
+ mutate {
+ rename => {"priority" => "level"}
+ rename => {"bundle.id" => "bundle_id"}
+ rename => {"bundle.name" => "bundle_name"}
+ rename => {"bundle.version" => "bundle_version"}
+ }
+}
diff --git a/roles/elasticstack/files/12-syslog-input.conf b/roles/elasticstack/files/12-syslog-input.conf
new file mode 100644
index 0000000..d2331a8
--- /dev/null
+++ b/roles/elasticstack/files/12-syslog-input.conf
@@ -0,0 +1,6 @@
+input {
+ syslog {
+ port => 2514
+ type => "syslog"
+ }
+}
diff --git a/roles/elasticstack/files/30-elasticsearch-output.conf b/roles/elasticstack/files/30-elasticsearch-output.conf
new file mode 100644
index 0000000..ab51625
--- /dev/null
+++ b/roles/elasticstack/files/30-elasticsearch-output.conf
@@ -0,0 +1,4 @@
+output {
+ elasticsearch { hosts => ["localhost:9200"] }
+ stdout { codec => rubydebug }
+}
diff --git a/roles/elasticstack/files/elastic.asc b/roles/elasticstack/files/elastic.asc
new file mode 100644
index 0000000..d6c2bb3
--- /dev/null
+++ b/roles/elasticstack/files/elastic.asc
@@ -0,0 +1,32 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.14 (GNU/Linux)
+
+mQENBFI3HsoBCADXDtbNJnxbPqB1vDNtCsqhe49vFYsZN9IOZsZXgp7aHjh6CJBD
+A+bGFOwyhbd7at35jQjWAw1O3cfYsKAmFy+Ar3LHCMkV3oZspJACTIgCrwnkic/9
+CUliQe324qvObU2QRtP4Fl0zWcfb/S8UYzWXWIFuJqMvE9MaRY1bwUBvzoqavLGZ
+j3SF1SPO+TB5QrHkrQHBsmX+Jda6d4Ylt8/t6CvMwgQNlrlzIO9WT+YN6zS+sqHd
+1YK/aY5qhoLNhp9G/HxhcSVCkLq8SStj1ZZ1S9juBPoXV1ZWNbxFNGwOh/NYGldD
+2kmBf3YgCqeLzHahsAEpvAm8TBa7Q9W21C8vABEBAAG0RUVsYXN0aWNzZWFyY2gg
+KEVsYXN0aWNzZWFyY2ggU2lnbmluZyBLZXkpIDxkZXZfb3BzQGVsYXN0aWNzZWFy
+Y2gub3JnPokBOAQTAQIAIgUCUjceygIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgEC
+F4AACgkQ0n1mbNiOQrRzjAgAlTUQ1mgo3nK6BGXbj4XAJvuZDG0HILiUt+pPnz75
+nsf0NWhqR4yGFlmpuctgCmTD+HzYtV9fp9qW/bwVuJCNtKXk3sdzYABY+Yl0Cez/
+7C2GuGCOlbn0luCNT9BxJnh4mC9h/cKI3y5jvZ7wavwe41teqG14V+EoFSn3NPKm
+TxcDTFrV7SmVPxCBcQze00cJhprKxkuZMPPVqpBS+JfDQtzUQD/LSFfhHj9eD+Xe
+8d7sw+XvxB2aN4gnTlRzjL1nTRp0h2/IOGkqYfIG9rWmSLNlxhB2t+c0RsjdGM4/
+eRlPWylFbVMc5pmDpItrkWSnzBfkmXL3vO2X3WvwmSFiQbkBDQRSNx7KAQgA5JUl
+zcMW5/cuyZR8alSacKqhSbvoSqqbzHKcUQZmlzNMKGTABFG1yRx9r+wa/fvqP6OT
+RzRDvVS/cycws8YX7Ddum7x8uI95b9ye1/Xy5noPEm8cD+hplnpU+PBQZJ5XJ2I+
+1l9Nixx47wPGXeClLqcdn0ayd+v+Rwf3/XUJrvccG2YZUiQ4jWZkoxsA07xx7Bj+
+Lt8/FKG7sHRFvePFU0ZS6JFx9GJqjSBbHRRkam+4emW3uWgVfZxuwcUCn1ayNgRt
+KiFv9jQrg2TIWEvzYx9tywTCxc+FFMWAlbCzi+m4WD+QUWWfDQ009U/WM0ks0Kww
+EwSk/UDuToxGnKU2dQARAQABiQEfBBgBAgAJBQJSNx7KAhsMAAoJENJ9ZmzYjkK0
+c3MIAIE9hAR20mqJWLcsxLtrRs6uNF1VrpB+4n/55QU7oxA1iVBO6IFu4qgsF12J
+TavnJ5MLaETlggXY+zDef9syTPXoQctpzcaNVDmedwo1SiL03uMoblOvWpMR/Y0j
+6rm7IgrMWUDXDPvoPGjMl2q1iTeyHkMZEyUJ8SKsaHh4jV9wp9KmC8C+9CwMukL7
+vM5w8cgvJoAwsp3Fn59AxWthN3XJYcnMfStkIuWgR7U2r+a210W6vnUxU4oN0PmM
+cursYPyeV0NX/KQeUeNMwGTFB6QHS/anRaGQewijkrYYoTNtfllxIu9XYmiBERQ/
+qPDlGRlOgVTd9xUfHFkzB52c70E=
+=92oX
+-----END PGP PUBLIC KEY BLOCK-----
+
diff --git a/roles/elasticstack/handlers/main.yml b/roles/elasticstack/handlers/main.yml
new file mode 100644
index 0000000..8705249
--- /dev/null
+++ b/roles/elasticstack/handlers/main.yml
@@ -0,0 +1,18 @@
+---
+# elasticstack/handlers/main.yml
+
+- name: restart logstash
+ service:
+ name: logstash
+ state: restarted
+
+- name: restart elasticsearch
+ service:
+ name: elasticsearch
+ state: restarted
+
+- name: restart kibana
+ service:
+ name: kibana
+ state: restarted
+
diff --git a/roles/elasticstack/tasks/main.yml b/roles/elasticstack/tasks/main.yml
new file mode 100644
index 0000000..2486881
--- /dev/null
+++ b/roles/elasticstack/tasks/main.yml
@@ -0,0 +1,56 @@
+---
+# elasticstack/tasks/main.yml
+
+- name: Add ElasticStack apt-key
+ apt_key:
+ data: "{{ lookup('file','elastic.asc') }}"
+ state: present
+
+- name: Add ElasticStack repositories
+ apt_repository:
+ repo: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+
+- name: Install ElasticStack
+ apt:
+ name: "{{ item }}"
+ update_cache: yes
+ cache_valid_time: 3600
+ with_items:
+ - elasticsearch
+ - kibana
+ - logstash
+
+- name: Configure Kibana for HTTP proxy
+ lineinfile:
+ dest: /etc/kibana/kibana.yml
+ regexp: '^server.basePath:'
+ line: 'server.basePath: "/kibana"'
+ insertafter: '^#server.basePath*'
+ notify:
+ - restart kibana
+
+- name: Configure Logstash inputs and outputs
+ copy:
+ src: "{{ item }}"
+ dest: "/etc/logstash/conf.d/{{ item }}"
+ owner: root
+ group: root
+ mode: "0644"
+ with_items:
+ - 10-udp-input.conf
+ - 11-log4j-input.conf
+ - 12-syslog-input.conf
+ - 30-elasticsearch-output.conf
+ notify:
+ - restart logstash
+
+- name: Start ElasticStack
+ service:
+ name: "{{ item }}"
+ enabled: yes
+ state: started
+ with_items:
+ - logstash
+ - elasticsearch
+ - kibana
+