Last active
February 11, 2023 13:08
-
-
Save iamhowardtheduck/8c92b8c3b61ef4d639d693f10a676a78 to your computer and use it in GitHub Desktop.
Single script to install and configure ECE. WORK IN PROGRESS: Option 1 good, Option 2 good, Option 3 only installs repositories, Option 4 good.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo yum install dialog -y | |
| cmd=(dialog --radiolist "ECE: Eclipse Installation" 22 95 16) | |
| options=(1 "Prepare system for ECE install, then reboot." off # any option can be set to default to "on" | |
| 2 "Install ECE, download all available versions, & create an Elastic cluster." off | |
| 3 "Configure the Elasticsearch repository, download, install, and configure Beats." off | |
| 4 "Make like a tree, and leave." off) | |
| choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) | |
| clear | |
| for choice in $choices | |
| do | |
| case $choice in | |
| 1) clear | |
| echo "Welcome to the ECE Auto-Install Script PART 1." | |
| echo "" | |
| echo "DO NOT RUN THIS AS \"root\" OR AS \"sudo $USER\", BUT AS A USER WITH ROOT RIGHTS" | |
| echo "" | |
| echo "IT WILL FAIL IF YOU RUN AS ROOT, SO DO NOT DO IT!" | |
| echo "" | |
| echo "This is designed to be run on a minimal server install of CentOS 7 AFTER 'yum update' has been run and the system was rebooted." | |
| echo "" | |
| echo "Once done, your system will reboot; once it does start PART 2." | |
| read -n 1 -s -r -p "Press any key to continue" | |
| clear | |
| if [[ $EUID -eq 0 ]]; then | |
| echo "This script must NOT be run as root or sudo; please try again." 1>&2 | |
| exit 1 | |
| fi | |
| sudo yum install wget java-1.8* -y | |
| sudo /sbin/grubby --update-kernel=ALL --args='cgroup_enable=memory cgroup.memory=nokmem swapaccount=1' | |
| echo "overlay" | sudo tee -a /etc/modules-load.d/overlay.conf | |
| sudo grub2-set-default 0 | |
| sudo grub2-mkconfig -o /etc/grub2.cfg | |
| sudo touch /etc/yum.repos.d/docker.repo | |
| echo "[dockerrepo]" | sudo tee -a /etc/yum.repos.d/docker.repo | |
| echo "name=Docker Repository" | sudo tee -a /etc/yum.repos.d/docker.repo | |
| echo "baseurl=https://download.docker.com/linux/centos/7/x86_64/stable" | sudo tee -a /etc/yum.repos.d/docker.repo | |
| echo "enabled=1" | sudo tee -a /etc/yum.repos.d/docker.repo | |
| echo "gpgcheck=1" | sudo tee -a /etc/yum.repos.d/docker.repo | |
| echo "gpgkey=https://download.docker.com/linux/centos/gpg" | sudo tee -a /etc/yum.repos.d/docker.repo | |
| sudo yum makecache fast -y | |
| sudo yum install docker-ce-18.09.2* -y | |
| sudo systemctl stop docker | |
| echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf | |
| echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf | |
| echo "net.bridge.bridge-nf-call-ip6tables = 1" | sudo tee -a /etc/sysctl.conf | |
| echo "net.bridge.bridge-nf-call-iptables = 1" | sudo tee -a /etc/sysctl.conf | |
| sudo service network restart | |
| echo "* soft nofile 1024000" | sudo tee -a /etc/security/limits.conf | |
| echo "* hard nofile 1024000" | sudo tee -a /etc/security/limits.conf | |
| echo "* soft memlock unlimited" | sudo tee -a /etc/security/limits.conf | |
| echo "* hard memlock unlimited" | sudo tee -a /etc/security/limits.conf | |
| echo "$USER soft nofile 1024000" | sudo tee -a /etc/security/limits.conf | |
| echo "$USER hard nofile 1024000" | sudo tee -a /etc/security/limits.conf | |
| echo "$USER soft memlock unlimited" | sudo tee -a /etc/security/limits.conf | |
| echo "$USER hard memlock unlimited" | sudo tee -a /etc/security/limits.conf | |
| echo "root soft nofile 1024000" | sudo tee -a /etc/security/limits.conf | |
| echo "root hard nofile 1024000" | sudo tee -a /etc/security/limits.conf | |
| echo "root soft memlock unlimited" | sudo tee -a /etc/security/limits.conf | |
| sudo install -o $USER -g $USER -d -m 700 /mnt/data | |
| sudo install -o $USER -g $USER -d -m 700 /mnt/data/docker | |
| sudo systemctl disable firewalld | |
| sudo mkdir -p /etc/systemd/system/docker.service.d | |
| sudo touch /etc/systemd/system/docker.service.d/docker.conf | |
| echo "[Unit]" | sudo tee -a /etc/systemd/system/docker.service.d/docker.conf | |
| echo "Description=Docker Service" | sudo tee -a /etc/systemd/system/docker.service.d/docker.conf | |
| echo "After=multi-user.target" | sudo tee -a /etc/systemd/system/docker.service.d/docker.conf | |
| echo "" | sudo tee -a /etc/systemd/system/docker.service.d/docker.conf | |
| echo "[Service]" | sudo tee -a /etc/systemd/system/docker.service.d/docker.conf | |
| echo "ExecStart=" | sudo tee -a /etc/systemd/system/docker.service.d/docker.conf | |
| echo "ExecStart=/usr/bin/dockerd --data-root /mnt/data/docker --storage-driver=overlay --bip=172.17.42.1/16" | sudo tee -a /etc/systemd/system/docker.service.d/docker.conf | |
| sudo systemctl daemon-reload | |
| sudo systemctl restart docker | |
| sudo systemctl enable docker | |
| sudo usermod -aG docker $USER | |
| sudo touch /etc/sysctl.d/70-cloudenterprise.conf | |
| echo "net.ipv4.tcp_max_syn_backlog=65536" | sudo tee -a /etc/sysctl.d/70-cloudenterprise.conf | |
| echo "net.core.somaxconn=32768" | sudo tee -a /etc/sysctl.d/70-cloudenterprise.conf | |
| echo "net.core.netdev_max_backlog=32768" | sudo tee -a /etc/sysctl.d/70-cloudenterprise.conf | |
| echo "exclude=docker-ce" | sudo tee -a /etc/yum.conf | |
| echo "" | |
| echo "" | |
| echo "" | |
| clear | |
| echo "The system now requires a reboot. Please re-run the script and selection option 2." | |
| echo "" | |
| echo "" | |
| read -n 1 -s -r -p "Press any key to reboot now." | |
| sudo reboot now | |
| ;; | |
| 2) clear | |
| echo "Welcome to the ECE Auto-Install Script PART 2." | |
| echo "" | |
| echo "DO NOT RUN THIS AS ROOT, BUT AS A USER WITH ROOT RIGHTS" | |
| echo "" | |
| echo "IT WILL FAIL IF YOU RUN AS ROOT, SO DO NOT DO IT!" | |
| echo "" | |
| echo "This is designed to be run on a minimal server install of CentOS 7 AFTER 'yum update' & ECE Install Part 1 has been run." | |
| echo "" | |
| read -n 1 -s -r -p "Press any key to continue" | |
| clear | |
| if [[ $EUID -eq 0 ]]; then | |
| echo "This script must NOT be run as root or sudo; please try again." 1>&2 | |
| exit 1 | |
| fi | |
| sudo docker info | grep Root | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) install | |
| adminPassword=$(grep -oP '(?<=adminconsole_root_password":")[^"]*' /mnt/data/elastic/bootstrap-state/bootstrap-secrets.json) | |
| rolesToken=$(grep -oP '(?<=bootstrap_runner_roles_token":")[^"]*' /mnt/data/elastic/bootstrap-state/bootstrap-secrets.json) | |
| tokenSecret=$(grep -oP '(?<=bootstrap_tokens_secret":")[^"]*' /mnt/data/elastic/bootstrap-state/bootstrap-secrets.json) | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.6.1 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.6.0 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.5.3 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.5.2 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.5.1 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.5.0 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.4.3 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.4.2 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.4.1 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.4.0 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.3.3 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.3.2 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.3.1 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.3.0 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.2.3 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.2.2 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.2.1 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.2.0 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.1.3 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.1.2 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.1.1 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.1.0 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.0.1 --user admin --pass ${adminPassword} | |
| bash <(curl -fsSL https://download.elastic.co/cloud/elastic-cloud-enterprise.sh) add-stack-version --version 8.0.0 --user admin --pass ${adminPassword} | |
| clear | |
| echo "" | |
| echo "" | |
| echo "What is the IP address of this system?" | |
| read myIP | |
| clear | |
| echo "" | |
| echo "" | |
| echo "Beginning ECE Eclipse cluster deployment" | |
| echo "" | |
| EclipseUser=$(whoami) | |
| curl -k -X POST -u admin:${adminPassword} https://${myIP}:12443/api/v1/clusters/elasticsearch -H 'content-type: application/json' -d '{ | |
| "cluster_name" : "ECE Eclipse", | |
| "plan" : { | |
| "elasticsearch" : { | |
| "version" : "8.6.1" | |
| }, | |
| "cluster_topology" : [ | |
| { | |
| "memory_per_node" : 8192, | |
| "node_count_per_zone" : 1, | |
| "node_type" : { | |
| "data" : true, | |
| "ingest" : true, | |
| "master" : true, | |
| "ml" : true | |
| }, | |
| "zone_count" : 1 | |
| } | |
| ] | |
| } | |
| }' >> /home/${EclipseUser}/Deployment.txt | |
| sudo touch /home/${EclipseUser}/kibanaConfig.json | |
| ECID=$(grep -oP '(?<=elasticsearch_cluster_id": ")[^"]*' /home/${EclipseUser}/Deployment.txt) | |
| echo "{" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo "\"elasticsearch_cluster_id\": \"${ECID}\","| sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo "\"plan\": {" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " \"kibana\": {}," | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " \"cluster_topology\": [" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " {" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " \"instance_configuration_id\": \"kibana\"," | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " \"zone_count\": 1," | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " \"size\": {" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " \"resource\": \"memory\"," | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " \"value\": 2048" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " }" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " }" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " ]" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo " }" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| echo "}" | sudo tee -a /home/${EclipseUser}/kibanaConfig.json | |
| curl -k -X POST -u admin:${adminPassword} https://${myIP}:12443/api/v1/clusters/kibana -H 'content-type: application/json' -d @/home/${EclipseUser}/kibanaConfig.json | |
| clear | |
| echo "" | |
| echo "" | |
| echo "" | |
| echo "Moving bootstrap-secrets.json to ${EclipseUser}'s home folder." | |
| sudo cp /mnt/data/elastic/bootstrap-state/bootstrap-secrets.json /home/${EclipseUser} | |
| sudo chmod 777 /home/${EclipseUser}/bootstrap-secrets.json | |
| echo "" | |
| echo "Your ECE login username will be \"admin\" and the password is \"${adminPassword}\"." | |
| echo "" | |
| echo "" | |
| pWord=$(grep -oP '(?<=password": ")[^"]*' /home/${EclipseUser}/Deployment.txt) | |
| echo "Your ECE Eclipse login username will be \"elastic\" and the password is \"${pWord}\"." | |
| echo "" | |
| echo "You can access ECE via https://${myIP}:12443" | |
| echo "" | |
| echo "These credentials will be located at /home/${EclipseUser}/Summary.txt." | |
| echo "" | |
| echo "Please store these in a secure location." | |
| sudo touch /home/${EclipseUser}/Summary.txt | |
| echo "Access ECE here: https://${myIP}:12443" | sudo tee -a /home/${EclipseUser}/Summary.txt | |
| echo "" | sudo tee -a /home/${EclipseUser}/Summary.txt | |
| echo "" | sudo tee -a /home/${EclipseUser}/Summary.txt | |
| pWord=$(grep -oP '(?<=password": ")[^"]*' /home/${EclipseUser}/Deployment.txt) | |
| echo "Login to ECE as \"admin\" with the password \"${pWord}\"." | sudo tee -a /home/${EclipseUser}/Summary.txt | |
| echo "" | sudo tee -a /home/${EclipseUser}/Summary.txt | |
| echo "" | sudo tee -a /home/${EclipseUser}/Summary.txt | |
| pWord=$(grep -oP '(?<=password": ")[^"]*' /home/${EclipseUser}/Deployment.txt) | |
| echo "Login to the ECE Eclipse cluster as \"elastic\" with the password \"${pWord}\"." | sudo tee -a /home/${EclipseUser}/Summary.txt | |
| read -n 1 -s -r -p "Press any key to end" | |
| clear | |
| ;; | |
| 3) clear | |
| echo "Import Elastic gpg key" | |
| echo "" | |
| sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch | |
| echo "Import Elastic gpg key: $(tput setaf 2)[$(tput setaf 4)OK$(tput setaf 2)]$(tput setaf 7)" | |
| # | |
| # | |
| # create Elastic repo | |
| echo "Creating Elastic repository" | |
| echo | |
| sudo touch /etc/yum.repos.d/elasticsearch.repo | |
| echo "[elasticsearch-8.x]" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| echo "name=Elasticsearch repository for 8.x packages" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| echo "baseurl=https://artifacts.elastic.co/packages/8.x/yum" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| echo "gpgcheck=1" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| echo "gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| echo "enabled=1" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| echo "autorefresh=1" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| echo "type=rpm-md" | sudo tee -a /etc/yum.repos.d/elasticsearch.repo | |
| sudo yum install auditbeat metricbeat heartbeat-elastic packetbeat filebeat -y | |
| ;; | |
| 4) clear | |
| esac | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment