Skip to content

Commit

Permalink
[ADD] ติดตั้ง Docker ผ่าน Ansible แทน Docker-Compose
Browse files Browse the repository at this point in the history
  • Loading branch information
@wdrdres3qew5ts21
wdrdres3qew5ts21 committed Jun 11, 2020
1 parent e0fba01 commit 0dc04f0
Show file tree
Hide file tree
Showing 3 changed files with 55 additions and 53 deletions.
5 changes: 5 additions & 0 deletions Ansible-ELK-Stack/elk-ansible.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
- hosts: elk_server
become: yes
become_method: sudo
roles: # ทำให้ ansible รันเฉพาะ tag ได้ถ้าไม่ระบุแท๊กก็จะรันทั้งมด ansible-playbook setup.yml -t docker
- {role: elk_ansible, tags: "elk_ansible"}
91 changes: 50 additions & 41 deletions Ansible-ELK-Stack/roles/elk_ansible/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,54 +1,63 @@
---
# tasks file for elk_ansible
- name: "git clone project MeetU"
# tasks file for elk
# vars ไฟล์จะโดนดูดเข้ามาอัตโนมัติทันทีชื่อต้องตาม format yml แท้ๆ ห้ามมีจุด ต้องใช้แบบ key pair indent :
# - name: fdsfsd
# debug:
# msg: "{{kibana_password}}"

- name: "git clone project MeetU {{kibana.password}}"
become: no
git:
repo: "https://github.com/wdrdres3qew5ts21/MeetU.git"
dest: "~/meetu"
update: yes

update: yes

- name: "Start docker-compose Generate SSL & X.509"
docker_compose:
project_src: "~/meetu"
files:
- create-cert-pem.yml
# ต้องใช้ Certificate จาก Let's Encrypt มาเชื่อมกับ container ของเราผ่าน volume
- name: "Start Elasticsearch Docker"
docker_container:
image: docker.elastic.co/elasticsearch/elasticsearch:7.7.0
state: present
restart: yes
published_ports:
- "9200:9200"
networks:
- name: meetu_elastic
volumes:
- meetu_data01
ulimits:
- "memlock:-1:-1"








- name: "Teardown all ELK Stack"
docker_compose:
project_src: "~/meetu"
files:
- docker-compose-elastic-single-ssl.yml
state: absent
remove_orphans: true

- name: "Start docker-compose ELK stack ;)"
docker_compose:
project_src: "~/meetu"
files:
- docker-compose-elastic-single-ssl.yml
state: present
remove_orphans: true

- name: "Change password for Kibana"
shell:
cmd: >
bash -c "
while true
do
curl --fail -u elastic:PleaseChangeMe \
'http://localhost:9200/_cluster/health?wait_for_status=yellow' \
&& break
sleep 5
done
# - name: "Start Kibana Docker"
# docker_container:
# image: docker.elastic.co/kibana/kibana:7.7.0
# name: elasticsearch1
# state: present


curl -X POST -v -k 'http://localhost:9200/_security/user/kibana/_password?pretty' \
-u elastic:PleaseChangeMe -H 'Content-Type: application/json' \
-d ' { \"password\" : \"PleaseChangeMe\" } ' && echo 'success change password success'
"




# - name: Change Kibana Password API
# uri:
# url: "https://localhost:9200/_security/user/kibana/_password?pretty"
# follow_redirects: none
# method: POST
# user: elastic
# password: PleaseChangeMe
# validate_certs: no
# force_basic_auth: yes
# body_format: json
# body: >
# { "password": "{{kibana_password}}" }
# register: _result
# until: _result.status == 200
# retries: 20
# delay: 5
12 changes: 0 additions & 12 deletions docker-compose-elastic-single-full-ssl.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,18 +75,6 @@ services:
- certs:$CERTS_DIR
networks:
- elastic
# command: >
# bash -c '
# curl -X POST -v -k --cacert /usr/share/elasticsearch/config/certificates/ca/ca.crt "https://elasticsearch1:9200/_security/user/kibana/_password?pretty" -u elastic:PleaseChangeMe -H 'Content-Type: application/json' -d' { "password" : "PleaseChangeMe" } '

# if [[ $? == 51 ]]
# then
# echo "Connect but it not secure So fail to change Password"
# else
# echo "Skip SSL Secure Connection by -k argument so Change password Success"
# fi
# '
# depends_on: {"elasticsearch1": {"condition": "service_healthy"}}

networks:
elastic:
Expand Down

0 comments on commit 0dc04f0

Please sign in to comment.