Last active
April 23, 2019 02:59
-
-
Save quintessence/5e3b84a09426a92d4541b225ff191c72 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
## Tested on CentOS 7 | |
## Source: https://docs.chef.io/install_server.html | |
## Verify ports on instance / server are open: https://docs.chef.io/server_firewalls_and_ports.html | |
## Intended for Demo use only | |
## Make sure to change # FIXME lines as needed | |
DEMOPATH="chef-pem-files" | |
mkdir -p ${DEMOPATH} | |
# Setting up the Chef user | |
USERNAME="jaynecobb" # FIXME | |
FORENAME="Jayne" # FIXME | |
SURNAME="Cobb" # FIXME | |
EMAIL="vera@firefly.net" # FIXME | |
PASSWORD="chef-logzio" # FIXME | |
FILENAME="${DEMOPATH}/demo.pem" | |
# Setting up the Chef org | |
SHORTNAME="firefly" # FIXME | |
ORGNAME="Firefly Logz" # FIXME | |
ASSOCUSER="${USERNAME}" | |
ORGFILE="${DEMOPATH}/${SHORTNAME}-validator.pem" | |
# Base Chef server | |
sudo yum install wget -y | |
wget https://packages.chef.io/files/stable/chef-server/12.19.31/el/7/chef-server-core-12.19.31-1.el7.x86_64.rpm -P /tmp/ | |
sudo rpm -Uvh /tmp/chef-server-core-12.19.31-1.el7.x86_64.rpm | |
echo "Running 'reconfigure', may take up to 5 minutes" | |
sudo chef-server-ctl reconfigure | |
echo "Creating chef user ${USERNAME}" | |
echo "sudo chef-server-ctl user-create ${USERNAME} ${FORENAME} ${SURNAME} ${EMAIL} '${PASSWORD}' --filename ${FILENAME}" | |
sudo chef-server-ctl user-create ${USERNAME} ${FORENAME} ${SURNAME} ${EMAIL} '${PASSWORD}' --filename ${FILENAME} | |
echo "Creating chef org ${ORGNAME}" | |
echo "sudo chef-server-ctl org-create ${SHORTNAME} '${ORGNAME}' --association_user ${ASSOCUSER} --filename ${ORGFILE}" | |
sudo chef-server-ctl org-create ${SHORTNAME} '${ORGNAME}' --association_user ${ASSOCUSER} --filename ${ORGFILE} | |
# Chef Management Console (optional: if UI needed in demo) | |
sudo chef-server-ctl install chef-manage | |
sudo chef-server-ctl reconfigure | |
sudo chef-manage-ctl reconfigure | |
echo "You now have a single Chef server" | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
sudo yum upgrade -y | |
sudo yum install tree vim git -y ## Optional tools to make life easier | |
sudo yum install wget -y ## Not optional | |
## Elastic is consistent-ish with their naming conventions for past versions | |
## Please reference their page if you wish to download a different version | |
## than either of the two below: | |
## https://www.elastic.co/downloads/past-releases/ | |
#VERSION="7.0.0" | |
#VERSION="6.5.4" | |
if [ -z ${VERSION} ]; then | |
echo -e "Please uncomment desired version before running script.\n" | |
exit 0 | |
fi | |
############# ELASTICSEARCH ################ | |
echo -e "Starting Elasticsearch ${VERSION} installation\n\n\n" | |
## Needed to add some logic because consistent naming is hard | |
if [ ${VERSION} == "7.0.0" ]; then | |
FILE="elasticsearch-${VERSION}-x86_64.rpm" | |
else | |
FILE="elasticsearch-${VERSION}.rpm" | |
fi | |
echo "${FILE}" | |
## Install Java 8 | |
sudo yum install java-1.8.0-openjdk.x86_64 -y | |
java -version | |
## Install elasticsearch itself | |
wget https://artifacts.elastic.co/downloads/elasticsearch/${FILE} | |
sudo rpm -ivh ${FILE} | |
sudo mv /etc/elasticsearch/elasticsearch.yml{,.bkp} | |
sudo cp elasticsearch-demo.yml /etc/elasticsearch/elasticsearch.yml | |
sudo systemctl enable elasticsearch.service | |
sudo service elasticsearch start | |
sudo service elasticsearch status | |
rm ${FILE} | |
############### LOGSTASH ################## | |
echo -e "\n\n\nStarting Logstash ${VERSION} installation\n\n\n" | |
FILE="logstash-${VERSION}.rpm" | |
wget https://artifacts.elastic.co/downloads/logstash/${FILE} | |
sudo rpm -ivh ${FILE} | |
sudo systemctl enable logstash.service | |
sudo service logstash start | |
sudo service logstash status | |
rm ${FILE} | |
################ KIBANA ################## | |
echo -e "\n\n\nStarting Kibana ${VERSION} installation\n\n\n" | |
FILE="kibana-${VERSION}-x86_64.rpm" | |
## Install Kibana itself | |
wget https://artifacts.elastic.co/downloads/kibana/${FILE} | |
sudo rpm -ivh ${FILE} | |
sudo mv /etc/kibana/kibana.yml{,.bkp} | |
sudo cp kibana-demo.yml /etc/kibana/kibana.yml | |
sudo systemctl enable kibana.service | |
sudo service kibana start | |
sudo service kibana status | |
rm ${FILE} | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ======================== Elasticsearch Configuration ========================= | |
# | |
# NOTE: Elasticsearch comes with reasonable defaults for most settings. | |
# Before you set out to tweak and tune the configuration, make sure you | |
# understand what are you trying to accomplish and the consequences. | |
# | |
# The primary way of configuring a node is via this file. This template lists | |
# the most important settings you may want to configure for a production cluster. | |
# | |
# Please consult the documentation for further information on configuration options: | |
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html | |
# | |
# ---------------------------------- Cluster ----------------------------------- | |
# | |
# Use a descriptive name for your cluster: | |
# | |
#cluster.name: my-application | |
# | |
# ------------------------------------ Node ------------------------------------ | |
# | |
# Use a descriptive name for the node: | |
# | |
#node.name: node-1 | |
# | |
# Add custom attributes to the node: | |
# | |
#node.attr.rack: r1 | |
# | |
# ----------------------------------- Paths ------------------------------------ | |
# | |
# Path to directory where to store the data (separate multiple locations by comma): | |
# | |
path.data: /var/lib/elasticsearch | |
# | |
# Path to log files: | |
# | |
path.logs: /var/log/elasticsearch | |
# | |
# ----------------------------------- Memory ----------------------------------- | |
# | |
# Lock the memory on startup: | |
# | |
#bootstrap.memory_lock: true | |
# | |
# Make sure that the heap size is set to about half the memory available | |
# on the system and that the owner of the process is allowed to use this | |
# limit. | |
# | |
# Elasticsearch performs poorly when the system is swapping the memory. | |
# | |
# ---------------------------------- Network ----------------------------------- | |
# | |
# Set the bind address to a specific IP (IPv4 or IPv6): | |
# | |
network.host: "0.0.0.0" | |
# | |
# Set a custom port for HTTP: | |
# | |
http.port: 9200 | |
# | |
# For more information, consult the network module documentation. | |
# | |
# --------------------------------- Discovery ---------------------------------- | |
# | |
# Pass an initial list of hosts to perform discovery when this node is started: | |
# The default list of hosts is ["127.0.0.1", "[::1]"] | |
# | |
#discovery.seed_hosts: ["host1", "host2"] | |
# | |
# Bootstrap the cluster using an initial set of master-eligible nodes: | |
# | |
cluster.initial_master_nodes: ["172.31.43.31"] # FIXME: Change to instance private IP | |
# | |
# For more information, consult the discovery and cluster formation module documentation. | |
# | |
# ---------------------------------- Gateway ----------------------------------- | |
# | |
# Block initial recovery after a full cluster restart until N nodes are started: | |
# | |
#gateway.recover_after_nodes: 3 | |
# | |
# For more information, consult the gateway module documentation. | |
# | |
# ---------------------------------- Various ----------------------------------- | |
# | |
# Require explicit names when deleting indices: | |
# | |
#action.destructive_requires_name: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
# Logzio SSL cert | |
sudo yum install wget -y | |
sudo wget https://raw.githubusercontent.com/logzio/public-certificates/master/COMODORSADomainValidationSecureServerCA.crt -P /etc/pki/tls/certs/ | |
# Comment out the version you do not wish to install | |
VERSION="7.0.0" | |
#VERSION="6.5.4" | |
FILE="filebeat-${VERSION}-x86_64.rpm" | |
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILE} | |
sudo rpm -vi ${FILE} | |
sudo service filebeat start | |
filebeat version | |
rm ${FILE} | |
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#### Stripped default Filebeat configuration for demo purposes only | |
#### Make sure to change # FIXME lines as needed | |
#=========================== Filebeat inputs ============================= | |
filebeat.inputs: | |
############## DEFAULT ############## | |
- type: log | |
enabled: false | |
paths: | |
- /var/log/*.log | |
############# LOGZIO DEMO ############# | |
- type: log | |
paths: | |
- /var/log/opscode/nginx/access.log | |
fields: | |
logzio_codec: plain | |
token: ### FIXME - REPLACE WITH YOUR ACCOUNT TOKEN | |
type: nginx | |
fields_under_root: true | |
encoding: utf-8 | |
ignore_older: 3h | |
registry_file: /var/lib/filebeat/registry | |
#============================= Filebeat modules =============================== | |
filebeat.config.modules: | |
path: ${path.config}/modules.d/*.yml | |
reload.enabled: false | |
#==================== Elasticsearch template setting ========================== | |
setup.template.settings: | |
index.number_of_shards: 3 | |
#============================== Kibana ===================================== | |
setup.kibana: | |
#================================ Outputs ===================================== | |
output: | |
logstash: | |
hosts: ["listener.logz.io:5015"] | |
ssl: | |
certificate_authorities: ['/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt'] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Kibana is served by a back end server. This setting specifies the port to use. | |
server.port: 5601 | |
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. | |
# The default is 'localhost', which usually means remote machines will not be able to connect. | |
# To allow connections from remote users, set this parameter to a non-loopback address. | |
server.host: "0.0.0.0" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment