-
-
Save jordansirwin/3c63ea354809103cca36 to your computer and use it in GitHub Desktop.
Vagrant box: ElasticSearch 2.0 (plugins: HQ, head), Kibana 4.4.0 (plugins: marvel w/ demo license, sense), Topbeat + Packetbeat + Dashboards
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vagrant.configure("2") do |config| | |
| config.vm.box = "centos/7" | |
| config.vm.network :forwarded_port, guest: 9200, host: 9200 | |
| config.vm.network :forwarded_port, guest: 5601, host: 5601 | |
| config.vm.provider "virtualbox" do |v| | |
| v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] | |
| v.memory = 4096 | |
| v.cpus = 2 | |
| end | |
| config.vm.provision "shell", inline: <<-SHELL | |
| # Oracle JDK8 | |
| sudo yum install -y wget | |
| echo "Grabbing Java RPM (~270MB), this might take a minute..." | |
| wget -nv --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u66-b17/jdk-8u66-linux-x64.rpm" | |
| sudo yum --nogpgcheck localinstall -y jdk-8u66-linux-x64.rpm | |
| # Grab Git, we'll need this for our Beat templates | |
| sudo yum install -y git | |
| # FDs | |
| echo 'fs.file-max=100000' >> /etc/sysctl.conf | |
| echo '* soft nproc 100000' >> /etc/security/limits.conf | |
| echo '* hard nproc 100000' >> /etc/security/limits.conf | |
| sudo sysctl -p | |
| # Grab ES 2.0 | |
| rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch | |
| # Yes, the formatting sucks. please don't touch this... | |
| sudo tee /etc/yum.repos.d/elasticsearch.repo > /dev/null << 'EOF' | |
| [elasticsearch-2.x] | |
| name=Elasticsearch repository for 2.x packages | |
| baseurl=http://packages.elastic.co/elasticsearch/2.x/centos | |
| gpgcheck=1 | |
| gpgkey=http://packages.elastic.co/GPG-KEY-elasticsearch | |
| enabled=1 | |
| EOF | |
| sudo yum install -y elasticsearch | |
| sudo systemctl daemon-reload | |
| sudo systemctl enable elasticsearch.service | |
| # Bind to 0.0.0.0 - by default ES 2.0 only binds to localhost, which won't work here... | |
| echo 'network.host: 0.0.0.0' | sudo tee --append /etc/elasticsearch/elasticsearch.yml > /dev/null | |
| # Install a series of possibly helpful plugins | |
| sudo /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head #/_plugin/head | |
| sudo /usr/share/elasticsearch/bin/plugin install royrusso/elasticsearch-HQ #/_plugin/HQ | |
| # Install Marvel 2.0, which is now free. - though for prolonged use we'll still need to get a Free license (requires registration) | |
| sudo /usr/share/elasticsearch/bin/plugin install license | |
| sudo /usr/share/elasticsearch/bin/plugin install marvel-agent | |
| # Install Kibana 4.2 with Marvel and Sense apps | |
| wget -nv https://download.elastic.co/kibana/kibana/kibana-4.4.0-linux-x64.tar.gz | |
| tar -zxf kibana-4.4.0-linux-x64.tar.gz | |
| sudo chown -R vagrant:vagrant kibana-4.4.0-linux-x64 | |
| cd kibana-4.4.0-linux-x64/bin | |
| ./kibana plugin --install elasticsearch/marvel/latest | |
| ./kibana plugin --install elastic/sense | |
| ./kibana > kibana.log & | |
| cd ../../ | |
| rm *.rpm | |
| rm *.tar.gz | |
| # Start ES, then sleep for a bit to allow all the subsystems to realize we're functional. | |
| sudo service elasticsearch start | |
| sleep 10 | |
| # Now layer in some of the Beats (shippers) | |
| sudo yum install -y libpcap | |
| sudo tee /etc/yum.repos.d/beats.repo > /dev/null << 'EOF' | |
| [beats] | |
| name=Elastic Beats Repository | |
| baseurl=https://packages.elastic.co/beats/yum/el/$basearch | |
| enabled=1 | |
| gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch | |
| gpgcheck=1 | |
| EOF | |
| # Topbeat will do the basic IO stats on the box. | |
| sudo yum install -y topbeat | |
| curl -XPUT 'http://localhost:9200/_template/topbeat' -d@/etc/topbeat/topbeat.template.json | |
| sudo tee /etc/topbeat/topbeat.yml -a > /dev/null << 'EOF' | |
| shipper: | |
| name: Vagrant | |
| EOF | |
| sudo /etc/init.d/topbeat start | |
| # Packetbeat will hook into libpcap for network analysis | |
| sudo yum install -y packetbeat | |
| curl -XPUT 'http://localhost:9200/_template/packetbeat' -d@/etc/packetbeat/packetbeat.template.json | |
| sudo tee /etc/packetbeat/packetbeat.yml -a > /dev/null << 'EOF' | |
| shipper: | |
| name: Vagrant | |
| EOF | |
| sudo /etc/init.d/packetbeat start | |
| # Grab our dashboards | |
| git clone https://github.com/elastic/beats-dashboards.git | |
| cd beats-dashboards/ | |
| ./load.sh -url "http://localhost:9200" | |
| echo "Running Marvel at http://localhost:5601/app/marvel" | |
| echo "Running Sense at http://localhost:5601/app/sense" | |
| echo "Running HQ at http://localhost:9200/_plugin/hq/#cluster" | |
| echo "Beats configured: [topbeat] [packetbeat]" | |
| SHELL | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment