Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor the beats role #1

Merged
merged 4 commits into from
Jul 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions .ansible-lint
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
skip_list:
- 'risky-shell-pipe'
- 'role-name'

warn_list:
- name[template]
- package-latest
- unnamed-task
- command-instead-of-shell
- no-handler
25 changes: 25 additions & 0 deletions .envrc
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
#!/usr/bin/env zsh
set -e

if [ ! -f venv-ansible-beats/bin/activate ]
then
echo "Creating a virtual Python environment"
python3 -m venv venv-ansible-beats >/dev/null
fi

if [ -f venv-ansible-beats/bin/activate ]
then
echo "Activating the Python virtual environment"
. venv-ansible-beats/bin/activate
fi

if [ -f venv-ansible-beats/bin/pip3 ]
then
echo "Installing Python requirements"
venv-ansible-beats/bin/pip3 install --upgrade pip 1> /dev/null
venv-ansible-beats/bin/pip3 install -r requirements.txt 1> /dev/null
fi

export ANSIBLE_ROLES_PATH=roles
export ANSIBLE_COLLECTIONS_PATH=collections
export ANSIBLE_HASH_BEHAVIOUR=merge
45 changes: 45 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
---
name: Test
run-name: Run molecule tests on the role
on:
push:
workflow_dispatch:

env:
ANSIBLE_ROLES_PATH: roles
ANSIBLE_HASH_BEHAVIOUR: merge

jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'

- name: Install dependencies.
run: pip install -r requirements.txt

- name: Run ansible-lint
run: "ansible-lint"

molecule:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'

- name: Install dependencies.
run: pip install -r requirements.txt

- name: Run molecule
run: "molecule test"
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1 +1,5 @@
*.pyc
.DS_Store
roles
collections
venv*
6 changes: 6 additions & 0 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
repos:
- repo: https://github.com/ansible/ansible-lint.git
rev: v6.17.2
hooks:
- id: ansible-lint
33 changes: 33 additions & 0 deletions .yamllint
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
---
# Based on ansible-lint config
extends: default

rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
colons:
max-spaces-after: -1
level: error
commas:
max-spaces-after: -1
level: error
comments: disable
comments-indentation: disable
document-start: disable
empty-lines:
max: 3
level: error
hyphens:
level: error
indentation: disable
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines:
type: unix
trailing-spaces: disable
truthy: disable
28 changes: 24 additions & 4 deletions defaults/main.yaml
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
---
beats:
version: 7
repository:
apt:
key_url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
repository: |
deb https://artifacts.elastic.co/packages/7.x/apt stable main
https://artifacts.elastic.co/packages/{{ vars.beats.version }}.x/apt
metricbeat:
enabled: no
prefix:
Expand All @@ -23,7 +25,13 @@ metricbeat:
ilm:
enabled: no
metricbeat:
modules: "{{ metricbeat_modules.values()|selectattr('enabled', 'eq', true)|beatsclient_delete_key_from_dicts('enabled')|list }}"
modules: >-
{{
metricbeat_modules.values() |
selectattr('enabled', 'eq', true) |
beatsclient_delete_key_from_dicts('enabled') |
list
}}
fields:
log: metricbeat
fields_under_root: true
Expand Down Expand Up @@ -53,8 +61,20 @@ filebeat:
ilm:
enabled: no
filebeat:
inputs: "{{ filebeat_inputs.values()|selectattr('enabled', 'eq', true)|beatsclient_delete_key_from_dicts('enabled')|list }}"
modules: "{{ filebeat_modules.values()|selectattr('enabled', 'eq', true)|beatsclient_delete_key_from_dicts('enabled')|list }}"
inputs: >-
{{
filebeat_inputs.values() |
selectattr('enabled', 'eq', true) |
beatsclient_delete_key_from_dicts('enabled') |
list
}}
modules: >-
{{
filebeat_modules.values() |
selectattr('enabled', 'eq', true) |
beatsclient_delete_key_from_dicts('enabled') |
list
}}
filebeat_inputs:
varnish-access:
enabled: no
Expand Down
9 changes: 5 additions & 4 deletions handlers/main.yaml
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
---
- name: Restart Metricbeat
service:
ansible.builtin.service:
name: metricbeat
state: restarted
when: not metricbeat_service_start_result.changed|default(false)
when: not metricbeat_service_start_result.changed | default(false)

- name: Restart Filebeat
service:
ansible.builtin.service:
name: filebeat
state: restarted
when: not filebeat_service_start_result.changed|default(false)
when: not filebeat_service_start_result.changed | default(false)
12 changes: 12 additions & 0 deletions meta/.requirements.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
collections:
- name: https://github.com/ansible-collections/community.general
type: git
- name: https://github.com/ansible-collections/community.crypto
type: git
- name: https://github.com/ansible-collections/ansible.posix
type: git
- name: https://github.com/ansible-collections/community.mysql
type: git
- name: https://github.com/ansible-collections/community.docker
type: git
8 changes: 8 additions & 0 deletions meta/main.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
galaxy_info:
author: "Punkt.de"
license: ""
description: "Beats role for Proserver"
role_name: "proserver_beats"
namespace: "punktde"
min_ansible_version: "2.15"
14 changes: 14 additions & 0 deletions molecule/default/converge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
---
- name: Converge
hosts: all
vars:
metricbeat:
enabled: yes
filebeat:
enabled: yes
environment:
GITHUB_ACTIONS: "maybe"
tasks:
- name: "Include ansible-proserver-beats"
ansible.builtin.include_role:
name: "ansible-proserver-beats"
21 changes: 21 additions & 0 deletions molecule/default/molecule.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
---
dependency:
name: shell
command: ansible-galaxy install -r meta/.requirements.yml -p roles/ --force
driver:
name: docker
platforms:
- name: instance
image: geerlingguy/docker-ubuntu2204-ansible
command: /lib/systemd/systemd
pre_build_image: true
privileged: true
cgroupns_mode: host
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
provisioner:
name: ansible
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
verifier:
name: ansible
10 changes: 10 additions & 0 deletions molecule/default/verify.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
# This is an example playbook to execute Ansible tests.

- name: Verify
hosts: all
gather_facts: false
tasks:
- name: Example assertion
ansible.builtin.assert:
that: true
6 changes: 6 additions & 0 deletions requirements.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
ansible
docker
molecule
molecule-plugins
ansible-lint
yamllint
39 changes: 19 additions & 20 deletions tasks/filebeat.yaml
Original file line number Diff line number Diff line change
@@ -1,45 +1,44 @@
---
- name: Install Filebeat
when: ansible_distribution == 'Ubuntu'
apt:
when: ansible_os_family == 'Debian'
ansible.builtin.apt:
name: filebeat
update_cache: yes

- name: Create directories for Filebeat
when: ansible_os_family == 'FreeBSD'
loop:
- "{{ filebeat.prefix.config }}"
- "{{ filebeat.config.path.logs }}"
file:
ansible.builtin.file:
state: directory
path: "{{ item }}"
owner: "root"
mode: "0755"
notify: Restart Filebeat

- name: Template Filebeat config
loop:
- src: filebeat/filebeat.yml
dest: "{{ filebeat.prefix.config }}/filebeat.yml"
loop_control:
label: "{{ item.dest }}"
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
ansible.builtin.template:
src: filebeat/filebeat.yml
dest: "{{ filebeat.prefix.config }}/filebeat.yml"
mode: o-r
owner: "root"
notify: Restart Filebeat

- name: Configure Filebeat service
when: ansible_os_family == 'FreeBSD'
loop:
- src: rc.conf.d/filebeat
dest: /usr/local/etc/rc.conf.d/filebeat
loop_control:
label: "{{ item.dest }}"
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
ansible.builtin.template:
src: rc.conf.d/filebeat
dest: /usr/local/etc/rc.conf.d/filebeat
owner: "root"
mode: "0755"
notify: Restart Filebeat

- name: Enable and start Filebeat
service:
ansible.builtin.service:
name: filebeat
state: started
enabled: yes
register: filebeat_service_start_result
tags:
- molecule-idempotence-notest
13 changes: 10 additions & 3 deletions tasks/main.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,12 @@
- import_tasks: repository.yaml
- import_tasks: metricbeat.yaml
---
- name: Set up beats repository
ansible.builtin.include_tasks: repository.yaml
when: ansible_os_family == 'Debian' and (metricbeat.enabled or filebeat.enabled)

- name: Set up Metricbeat
ansible.builtin.include_tasks: metricbeat.yaml
when: metricbeat.enabled
- import_tasks: filebeat.yaml

- name: Set up Filebeat
ansible.builtin.include_tasks: filebeat.yaml
when: filebeat.enabled
Loading
Loading