First setup of kibana

2025-02-08 00:05:11 +01:00 · 2025-02-08 00:05:11 +01:00 · 5b75354980
commit 5b75354980
parent 7660461501
8 changed files with 263 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,76 @@
 ---
 cloud_apps: /opt
 cloud_storage: /opt/storage
 cloud_stage: prod
 cloud_update: false
 elastic_version: 8.17.1
 kibana_platform_suffix: linux-x86_64
 kibana_data_location: "{{ cloud_storage }}/kibana-data"
 kibana_logs_location: "{{ cloud_storage }}/kibana-logs"
 kibana_source: "https://artifacts.elastic.co/downloads/kibana"
 kibana_log_filesize: 256mb
 kibana_log_rotationcount: 10
 kibana_log_level: info
 kibana_config_server:
  port: 5601
  host: "localhost"
 #  basePath: ""
 #  rewriteBasePath: false
 #  publicBaseUrl: ""
  maxPayload: 1048576
  name: "{{ cloud_name | default('elasticsearch') | split('-') | map('title') | join(' ') }} {{ cloud_stage | title }}"
 #  ssl:
 #    enable: false
 #    certificate: /path/to/your/server.crt
 #    key: /path/to/your/server.key
 kibana_config_elasticsearch:
  hosts:
    - http://cloud-elastic-0.local:9200
  username: "kibana_system"
  password: "pass"
  requestTimeout: 30000
  pingTimeout: 1500
  maxSockets: 1024
  compression: false
  requestHeadersWhitelist: 
    - authorization
  customHeaders: {}
  shardTimeout: 30000
  ssl:
    enable: true
    keystore:
      path: /path/to/your/keystore.p12
      password: ""
    verificationMode: certificate
 kibana_config_logging:
  root:
    level: "{{ kibana_log_level }}"
  appenders:
    default:
      type: rolling-file
      fileName: "{{ kibana_logs_location }}/kibana.log"
      policy:
        type: size-limit
        size: "{{ kibana_log_filesize }}"
      strategy:
        type: numeric
        max: "{{ kibana_log_rotationcount }}"
      layout:
        type: json
  loggers:
    - name: elasticsearch.query
      level: "{{ kibana_log_level }}"
    - name: http.server.response
      level: "{{ kibana_log_level }}"
    - name: metrics.ops
      level: "{{ kibana_log_level }}"
  browser:
    root:
      level: "{{ kibana_log_level }}"
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -0,0 +1,5 @@
 ---
 - name: restart kibana
  systemd:
    name: kibana
    state: restarted
--- a/meta/main.yml
+++ b/meta/main.yml
@ -0,0 +1,15 @@
 ---
 galaxy_info:
  role_name: kibana
  namespace: hahn-cloud
  author: Lars Hahn
  company: OpenDevChain
  license: MIT
  description: Role to setup kibana node/cluster
  min_ansible_version: 2.7
  platforms:
    - name: Debian
      versions:
        - 11
  galaxy_tags:
    - kibana
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,72 @@
 ---
 - name: setup kibana group
  group:
    name: "{{ kibana_grp }}"
    state: "present"
 - name: setup kibana user
  user:
    name: "{{ kibana_usr }}"
    home: "{{ kibana_home }}"
    group: "{{ kibana_grp }}"
    groups:
      - "{{ kibana_grp }}"
    comment: Virtual Kibana User
    shell: /bin/bash
    state: present
    system: yes
 - name: setup Kibana directories
  file:
    state: directory
    path: "{{ item }}"
    owner: "{{ kibana_usr }}"
    group: "{{ kibana_grp }}"
    mode: 0750
  loop:
    - "{{ kibana_path }}"
    - "{{ kibana_home }}"
    - "{{ kibana_cert }}"
    - "{{ kibana_data_location }}"
    - "{{ kibana_logs_location }}"
 - name: download Kibana
  unarchive:
    src: "{{ kibana_source }}/kibana-{{ elastic_version }}-{{ kibana_platform_suffix }}.tar.gz"
    dest: "{{ kibana_path }}"
    creates: "{{ kibana_inst }}"
    remote_src: true
    owner: "{{ kibana_usr }}"
    group: "{{ kibana_grp }}"
    mode: 0755
  register: kibana_install
 - name: configure Kibana
  template:
    src: "opt/kibana/home/config/{{ item }}.j2"
    dest: "{{ kibana_conf }}/{{ item }}"
    owner: "{{ kibana_usr }}"
    group: "{{ kibana_grp }}"
    mode: 0640
  loop:
    - kibana.yml
    - node.options
 - name: setup generic Kibana link
  file:
    state: link
    src: "{{ kibana_inst }}"
    dest: "{{ kibana_link }}"
 - name: setup Kibana systemd unit
  template:
    src: etc/systemd/system/kibana.service.j2
    dest: /etc/systemd/system/kibana.service
  notify: restart kibana
 - name: enable kibana systemd unit
  systemd:
    name: kibana
    enabled: yes
    daemon_reload: yes
    state: started
--- a/templates/etc/systemd/system/kibana.service.j2
+++ b/templates/etc/systemd/system/kibana.service.j2
@ -0,0 +1,31 @@
 [Unit]
 Description=Kibana
 Documentation=https://www.elastic.co
 Wants=network-online.target
 After=network-online.target
 [Service]
 Type=simple
 User={{ kibana_usr }}
 Group={{ kibana_grp }}
 PrivateTmp=true
 Environment=KBN_HOME={{ kibana_home }}
 Environment=KBN_PATH_CONF={{ kibana_conf }}
 Environment=PID_DIR={{ kibana_home }}
 ExecStart={{ kibana_link }}/bin/kibana
 Restart=on-failure
 RestartSec=3
 StartLimitBurst=3
 StartLimitInterval=60
 WorkingDirectory={{ kibana_home }}
 StandardOutput=journal
 StandardError=inherit
 [Install]
 WantedBy=multi-user.target
--- a/templates/opt/kibana/home/config/kibana.yml.j2
+++ b/templates/opt/kibana/home/config/kibana.yml.j2
@ -0,0 +1,39 @@
 # For more configuration options see the configuration guide for Kibana in
 # https://www.elastic.co/guide/index.html
 # =================== System: Kibana Server ===================
 server:
    {{ kibana_config_server | to_nice_yaml | indent(4) }}
 # =================== System: Elasticsearch ===================
 elasticsearch:
    {{ kibana_config_elasticsearch | to_nice_yaml | indent(4) }}
 # =================== System: Logging ===================
 # Set the value of this setting to off to suppress all logging output, or to debug to log everything. Defaults to 'info'
 logging:
    {{ kibana_config_logging | to_nice_yaml | indent(4) }}
 # =================== System: Other ===================
 path:
    data: {{ kibana_data_location }}
 pid:
    file: {{ kibana_home }}/kibana.pid
 ops:
    interval: 5000
 i18n:
    locale: "en"
 # =================== Saved Objects: Migrations ===================
 migrations:
    batchSize: 1000
    maxBatchSizeBytes: 100mb
    retryAttempts: 15
 # =================== Search Autocomplete ===================
 unifiedSearch:
    autocomplete:
        valueSuggestions:
            timeout: 1000
            terminateAfter: 100000
--- a/templates/opt/kibana/home/config/node.options.j2
+++ b/templates/opt/kibana/home/config/node.options.j2
@ -0,0 +1,15 @@
 ## Node command line options
 ## See `node --help` and `node --v8-options` for available options
 ## Please note you should specify one option per line
 ## max size of old space in megabytes
 #--max-old-space-size=4096
 ## do not terminate process on unhandled promise rejection
 --unhandled-rejections=warn
 ## restore < Node 16 default DNS lookup behavior
 --dns-result-order=ipv4first
 ## enable OpenSSL 3 legacy provider
 --openssl-legacy-provider
--- a/vars/main.yml
+++ b/vars/main.yml
@ -0,0 +1,10 @@
 ---
 kibana_usr: kibana
 kibana_grp: "{{ kibana_usr }}"
 kibana_path: "{{ cloud_apps }}/kibana"
 kibana_link: "{{ kibana_path }}/inst"
 kibana_inst: "{{ kibana_path }}/kibana-{{ elastic_version }}"
 kibana_home: "{{ kibana_path }}/home"
 kibana_conf: "{{ kibana_home }}/config"
 kibana_cert: "{{ kibana_conf }}/certs"