Last active
February 14, 2018 21:17
-
-
Save tylerfontaine/a5fe2dfb41f3af04043b to your computer and use it in GitHub Desktop.
Sample Puppet site.pp file for privisioning ES for master, data, and client nodes based on hostname
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Simple Puppet site.pp Example. This sets up regex node definitions so you can automate the setup of master, data, and client nodes with puppet. | |
| # note that because this installs java, it requires the puppetlabs/java module as well | |
| # This is based on the elasticsearch puppet module available here: https://forge.puppetlabs.com/elasticsearch/elasticsearch | |
| # The general idea here is that there's a puppetmaster server setup, with this file sitting in its production environment space. | |
| # To add a node, set its hostname to match for master, data, or client, e.g.: esdata03.eslocal.net in this case. | |
| # Your hostnames will differ, so you will need to adjust the regex to match your particular case. | |
| # This also installs the license and marvel-agent plugins, to serve as an example for installing plugins of any type. | |
| #first the master nodes | |
| node /^esmaster.*\.eslocal\.net/ { | |
| class { 'elasticsearch' : | |
| manage_repo => true, | |
| repo_version => '2.x', | |
| version => '2.3.2', | |
| java_install => true, | |
| config => { | |
| 'cluster.name' => 'PuppetCluster2', | |
| 'discovery.zen.ping.unicast.hosts' => '["esmaster01.eslocal.net", "esmaster02.eslocal.net"]', | |
| 'node.master' => 'true', | |
| 'node.data' => 'false', | |
| 'discovery.zen.minimum_master_nodes' => '2', | |
| 'network.host' => '_site_', | |
| 'shield.audit.enabled' => 'true', | |
| 'shield.authc.realms.file1.type' => 'file', | |
| 'shield.authc.realms.file1.order' => '10', | |
| 'shield.authc.realms.native1.type' => 'native', | |
| 'shield.authc.realms.native1.order' => '20', | |
| } | |
| } | |
| elasticsearch::instance { 'es-01': } | |
| elasticsearch::plugin{'license': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'shield': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'marvel-agent': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'watcher': | |
| instances => 'es-01' | |
| } | |
| exec { 'esusers': | |
| command => "/usr/share/elasticsearch/bin/shield/esusers useradd admin -p elastic -r admin" | |
| } | |
| file { '/etc/elasticsearch/es-01/shield': | |
| source => "/etc/elasticsearch/shield", | |
| recurse => true | |
| } | |
| } | |
| #then the data nodes: | |
| node /^esdata.*\.eslocal\.net/ { | |
| class { 'elasticsearch' : | |
| manage_repo => true, | |
| repo_version => '2.x', | |
| version => '2.3.2', | |
| java_install => true, | |
| config => { | |
| 'cluster.name' => 'PuppetCluster2', | |
| 'discovery.zen.ping.unicast.hosts' => '["esmaster01.eslocal.net", "esmaster02.eslocal.net", "esdata01.eslocal.net", "esdata02.eslocal.net"]', | |
| 'node.master' => 'false', | |
| 'node.data' => 'true', | |
| 'discovery.zen.minimum_master_nodes' => '2', | |
| 'network.host' => '_site_', | |
| 'shield.audit.enabled' => 'true', | |
| 'shield.authc.realms.file1.type' => 'file', | |
| 'shield.authc.realms.file1.order' => '10', | |
| 'shield.authc.realms.native1.type' => 'native', | |
| 'shield.authc.realms.native1.order' => '20', | |
| } | |
| } | |
| elasticsearch::instance { 'es-01': } | |
| elasticsearch::plugin{'license': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'marvel-agent': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'shield': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'watcher': | |
| instances => 'es-01' | |
| } | |
| exec { 'esusers': | |
| command => "/usr/share/elasticsearch/bin/shield/esusers useradd admin -p elastic -r admin" | |
| } | |
| file { '/etc/elasticsearch/es-01/shield': | |
| source => "/etc/elasticsearch/shield", | |
| recurse => true | |
| } | |
| } | |
| #then the client ndoes: | |
| node /^esclient.*\.eslocal\.net/ { | |
| class { 'elasticsearch' : | |
| manage_repo => true, | |
| repo_version => '2.x', | |
| version => '2.3.2', | |
| java_install => true, | |
| config => { | |
| 'cluster.name' => 'PuppetCluster2', | |
| 'discovery.zen.ping.unicast.hosts' => '["esmaster01.eslocal.net", "esmaster02.eslocal.net"]', | |
| 'node.master' => 'false', | |
| 'node.data' => 'false', | |
| 'discovery.zen.minimum_master_nodes' => '2', | |
| 'network.host' => '_site_', | |
| 'shield.audit.enabled' => 'true', | |
| 'shield.authc.realms.file1.type' => 'file', | |
| 'shield.authc.realms.file1.order' => '10', | |
| 'shield.authc.realms.native1.type' => 'native', | |
| 'shield.authc.realms.native1.order' => '20', | |
| } | |
| } | |
| elasticsearch::instance { 'es-01': } | |
| elasticsearch::plugin{'license': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'marvel-agent': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'shield': | |
| instances => 'es-01' | |
| } | |
| elasticsearch::plugin{'watcher': | |
| instances => 'es-01' | |
| } | |
| exec { 'esusers': | |
| command => "/usr/share/elasticsearch/bin/shield/esusers useradd admin -p elastic -r admin" | |
| } | |
| file { '/etc/elasticsearch/es-01/shield': | |
| source => "/etc/elasticsearch/shield", | |
| recurse => true | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment