gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
prodnso
main
qa
feature/DEV-655
feature/SC-124
feature/SC-55
feature/DEV-470_2nd
feature/DEV-380_2nd
feature/DEV-380
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ad861db16e'
${ noResults }
hetzner-ansible/roles/elastic/vars/main.yml

101 lines
3.7 KiB
YAML
Raw Blame History

---
elastic_id: "{{ inventory_hostname }}-elastic"
elastic_exporter_id: "{{ inventory_hostname }}-elastic-exporter"
elastic_docker: {
networks: [
{
name: back-tier,
external: true,
},
],
volumes: [
{
name: "{{ elastic_id }}-data"
},
],
services: [
{
name: "{{ elastic_id }}",
image_name: "{{ elastic_image_name }}",
image_version: "{{ elastic_image_version }}",
environment: [
"ES_JAVA_OPTS: -Xms{{ JVM_HEAP_MB | default((ansible_memtotal_mb / 2) | round | int) }}m -Xmx{{ JVM_HEAP_MB | default((ansible_memtotal_mb / 2) | round | int) }}m",
"ELASTIC_PASSWORD: \"{{ elastic_admin_password }}\"",
"node.name: \"{{ inventory_hostname }}\"",
"cluster.name: \"{{ stage }}-elastic-stack\"",
"discovery.seed_hosts: {{ groups['elastic']
| difference([inventory_hostname])
| join(',') }}",
"cluster.initial_master_nodes: {{ groups['elastic']
| join(',')}}",
"bootstrap.memory_lock: \"true\"",
"network.publish_host: {{ elastic_stack_network[inventory_hostname] }}",
"xpack.security.enabled: \"true\"",
"xpack.security.http.ssl.enabled: \"true\"",
"xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca/ca.crt",
"xpack.security.http.ssl.key: /usr/share/elasticsearch/config/certificates/{{ inventory_hostname }}/{{ inventory_hostname }}.key",
"xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/certificates/{{ inventory_hostname }}/{{ inventory_hostname }}.crt",
"xpack.security.transport.ssl.enabled: \"true\"",
"xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca/ca.crt",
"xpack.security.transport.ssl.key: /usr/share/elasticsearch/config/certificates/{{ inventory_hostname }}/{{ inventory_hostname }}.key",
"xpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/certificates/{{ inventory_hostname }}/{{ inventory_hostname }}.crt",
"xpack.security.transport.ssl.verification_mode: certificate",
],
volumes: [
'"{{ elastic_id }}-data:/usr/share/elasticsearch/data"',
'"./certs:/usr/share/elasticsearch/config/certificates:ro"',
'"./config/roles.yml:/usr/share/elasticsearch/config/roles.yml:ro"',
],
networks: [
'"back-tier"',
],
extra_hosts: "{{ elastic_extra_hosts | default([]) }}",
ports: [
{
"external": "9200",
"internal": "9200",
},
{
"external": "9300",
"internal": "9300",
},
],
lines: [
"ulimits:",
" memlock:",
" soft: -1",
" hard: -1",
"healthcheck:",
" test: curl --cacert /usr/share/elasticsearch/config/certificates/ca/ca.crt -s https://localhost:9200 >/dev/null; if [[ $$? == 52 ]]; then echo 0; else echo 1; fi",
" interval: 30s",
" timeout: 10s",
" retries: 5",
]
},
{
name: "{{ elastic_exporter_id }}",
image_name: "{{ elasticsearch_exporter_image_name }}",
image_version: "{{ elasticsearch_exporter_image_version }}",
command: [
'"--es.ca=/certificates/ca/ca.crt"',
'"--es.uri=https://{{ elastic_admin_username }}:{{ elastic_admin_password }}@{{ inventory_hostname }}:9200"',
],
volumes: [
'"./certs:/certificates:ro"',
],
networks: [
'"back-tier"',
],
extra_hosts: "{{ elastic_extra_hosts | default([]) }}",
ports: [
{
"external": "{{ monitor_port_elastic }}",
"internal": "9114",
},
],
},
],
}
Reference in New Issue View Git Blame Copy Permalink