| ##################### | |
| # clinet: filebeat | |
| ##################### | |
| $cat /etc/filebeat/filebeat.yml | |
| filebeat: | |
| prospectors: | |
| - | |
| paths: | |
| - /apphome/MetaData/log/* |
I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.
What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.
Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.
The variable name is ansible_ssh_private_key_file .
One should set it at 'vars' level:
myHost ansible_ssh_private_key_file=~/.ssh/mykey1.pem
myOtherHost ansible_ssh_private_key_file=~/.ssh/mykey2.pem
Given the follwoing playbook
- hosts: all
user: deploy
sudo: true
sudo_user: deploy
tasks:
| curl -s https://api.github.com/orgs/twitter/repos?per_page=200 | ruby -rubygems -e 'require "json"; JSON.load(STDIN.read).each { |repo| %x[git clone #{repo["ssh_url"]} ]}' |
#Ambari API - Run all Service Checks In order to check the status and stability of your cluster it makes sense to run the service checks that are included in Ambari. Usually each Ambari Service provides its own service check, but their might be services that wont include any service check at all. To run a service check you have to select the service (e.g. HDFS) in Ambari and click "Run Service Check" in the "Actions" dropdown menu.
Service Checks can be started via the Ambari API and it is also possible to start all available service checks with a single API command. To bulk run these checks it is necessary to use the same API/method that is used to trigger a rolling restart of Datanodes (request_schedules). The "request_schedules" API starts all defined commands in the specified order, its even possible to specify a pause between the commands.
Available Service Checks:
| Service Name | service_name | Command |
|---|---|---|
| HDFS | HDFS | HDFS_SERVICE_CHECK |
| language: bash | |
| sudo: required | |
| env: | |
| - tf_version=0.11.3 | |
| before_install: | |
| - wget https://releases.hashicorp.com/terraform/${tf_version}/terraform_${tf_version}_linux_amd64.zip -O /tmp/terraform.zip | |
| - sudo unzip -d /usr/local/bin/ /tmp/terraform.zip |
| ######################## | |
| ## Variables | |
| ######################## | |
| variable "environment_name" { | |
| description = "The name of the environment" | |
| } | |
| variable "vpc_id" { | |
| description = "The ID of the VPC that the RDS cluster will be created in" |
| # Define the mappings for the Ubuntu 16.04.2 LTS in the regions | |
| Mappings: | |
| RegionMap: | |
| ap-northeast-1: | |
| ubuntu: ami-c68fc7a1 | |
| ap-northeast-2: | |
| ubuntu: ami-93d600fd | |
| ap-southeast-1: | |
| ubuntu: ami-9feb5afc |
based on blog "how to use ansible with terraform"
Recently, I’ve started using Terraform for creating a cloud test rig and it’s pretty dope. In a matter of a few days, I went from “never used AWS” to the “I have a declarative way to create an isolated infrastructure in the cloud”. I’m spinning a couple of instances in a dedicated subnet inside a VPC with a security group and dedicated SSH keypair and all of this is coded in a mere few hundred lines.
It’s all nice and dandy but after creating an instance from some basic AMI I need to provision it. My go-to tool for this is Ansible but, unfortunately, Terraform doesn’t support it natively as it does for Chef and Salt. This is unlike Packer that has ansible (remote) and ansible-local. Do we really need provisioning in the cloud? Instead of using the empty AMIs you could bake your own AMI and skip the whole provisioning part completely but I see a giant flaw in this setup. Every change, even a small one, requires recreation of the whole instance. If it’s a ch