diff --git a/README.md b/README.md index 3f6527b..06fc782 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,27 @@ An Ansible Role that installs Elasticsearch on RedHat/CentOS or Debian/Ubuntu. None. ## Role Variables +Available variables are listed below, along with default values (see +`defaults/main.yml`): -None. + elasticsearch_network_host: localhost + +Network host to listen for incoming connections on. By default we only listen +on the localhost interface. Change this to the IP address to listen on a +specific interface, or `0.0.0.0` to listen on all interfaces. + + elasticsearch_http_port: 9200 + +The port to listen for HTTP connections on. + + elasticsearch_script_inline: true + elasticsearch_script_indexed: true + +Whether to allow inline scripting against ElasticSearch. You should read the +following link as there are possible security implications for enabling these +options: [Enable Dynamic +Scripting](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-scripting.html#enable-dynamic-scripting). +Available options are: `true`, `false`, `sandbox`. ## Dependencies @@ -29,4 +48,5 @@ MIT / BSD ## Author Information -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). +This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), +author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..758877f --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,5 @@ +--- +elasticsearch_network_host: localhost +elasticsearch_http_port: 9200 +elasticsearch_script_inline: true +elasticsearch_script_indexed: true diff --git a/tasks/main.yml b/tasks/main.yml index 0c34264..a4ce2d0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -6,15 +6,12 @@ when: ansible_os_family == 'Debian' - name: Configure Elasticsearch. - lineinfile: > - dest=/etc/elasticsearch/elasticsearch.yml - regexp="{{ item.regexp }}" - line="{{ item.line }}" - state=present - with_items: - - { regexp: '^script\.inline', line: 'script.inline: on' } - - { regexp: '^script\.indexed', line: 'script.indexed: on' } - - { regexp: 'network\.host', line: 'network.host: localhost' } + template: + src: elasticsearch.yml.j2 + dest: /etc/elasticsearch/elasticsearch.yml + owner: root + group: elasticsearch + mode: 0750 notify: restart elasticsearch - name: Start Elasticsearch. diff --git a/templates/elasticsearch.yml.j2 b/templates/elasticsearch.yml.j2 new file mode 100644 index 0000000..58182a1 --- /dev/null +++ b/templates/elasticsearch.yml.j2 @@ -0,0 +1,97 @@ +# {{ ansible_managed }} +# ======================== Elasticsearch Configuration ========================= +# +# NOTE: Elasticsearch comes with reasonable defaults for most settings. +# Before you set out to tweak and tune the configuration, make sure you +# understand what are you trying to accomplish and the consequences. +# +# The primary way of configuring a node is via this file. This template lists +# the most important settings you may want to configure for a production cluster. +# +# Please see the documentation for further information on configuration options: +# +# +# ---------------------------------- Cluster ----------------------------------- +# +# Use a descriptive name for your cluster: +# +# cluster.name: my-application +# +# ------------------------------------ Node ------------------------------------ +# +# Use a descriptive name for the node: +# +# node.name: node-1 +# +# Add custom attributes to the node: +# +# node.rack: r1 +# +# ----------------------------------- Paths ------------------------------------ +# +# Path to directory where to store the data (separate multiple locations by comma): +# +# path.data: /path/to/data +# +# Path to log files: +# +# path.logs: /path/to/logs +# +# ----------------------------------- Memory ----------------------------------- +# +# Lock the memory on startup: +# +# bootstrap.mlockall: true +# +# Make sure that the `ES_HEAP_SIZE` environment variable is set to about half the memory +# available on the system and that the owner of the process is allowed to use this limit. +# +# Elasticsearch performs poorly when the system is swapping the memory. +# +# ---------------------------------- Network ----------------------------------- +# +# Set the bind address to a specific IP (IPv4 or IPv6): +# +network.host: {{ elasticsearch_network_host }} +# +# Set a custom port for HTTP: +# +http.port: {{ elasticsearch_http_port }} +# +# For more information, see the documentation at: +# +# +# --------------------------------- Discovery ---------------------------------- +# +# Pass an initial list of hosts to perform discovery when new node is started: +# The default list of hosts is ["127.0.0.1", "[::1]"] +# +# discovery.zen.ping.unicast.hosts: ["host1", "host2"] +# +# Prevent the "split brain" by configuring the majority of nodes (total number of nodes / 2 + 1): +# +# discovery.zen.minimum_master_nodes: 3 +# +# For more information, see the documentation at: +# +# +# ---------------------------------- Gateway ----------------------------------- +# +# Block initial recovery after a full cluster restart until N nodes are started: +# +# gateway.recover_after_nodes: 3 +# +# For more information, see the documentation at: +# +# +# ---------------------------------- Various ----------------------------------- +# +# Disable starting multiple nodes on a single system: +# +# node.max_local_storage_nodes: 1 +# +# Require explicit names when deleting indices: +# +# action.destructive_requires_name: true +script.inline: {{ elasticsearch_script_inline }} +script.indexed: {{ elasticsearch_script_indexed }}