Merge pull request 'master' (#2) from master into main

Reviewed-on: #2
pull/3/head^2
admingit 3 years ago
commit bd1c781ac3

@ -0,0 +1,23 @@
---
- hosts: splunk_uf_Linux_TIC
tasks:
- name: Gathering Facts
include_tasks: roles/splunk_common_uf/tasks/pre_install_subtasks/get_facts.yml
when:
- splunk_get_fact is not defined
- hosts: splunk_uf_Linux_TIC
serial:
- 1
- 100%
roles:
- splunk_common_uf
tags: all,installation
- hosts: localhost
connection: local
tasks:
- name: Cleanup secret
file:
dest: "/tmp/splunk_secret"
state: "absent"
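Review bot: The "Cleanup secret" play is the only thing that removes `/tmp/splunk_secret` from the controller, and it is a separate third play, so it is not reached when the playbook stops early. With `serial` starting at `1`, a batch in which every host fails ends the run before this play, leaving the fetched `splunk.secret` on disk. Consider doing the removal from the role inside a `block:` with an `always:` section, using `delegate_to: localhost` and `run_once: true`, so the file is deleted on failure paths as well.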

@ -0,0 +1,10 @@
- hosts: splunk_uf_win_m-tic
name: Copy source forwarder windows
ansible.windows.win.copy:
src: "{{ playbook_dir }}/roles/sources/{{ hostvars ['127.0.0.1'].splunkforwarder-8.1.3-63079c59e632-x64-release.msi }}"
dest: "C:\Temp\"
- hosts: splunk_uf_win_m-tic
name: Install SplunkForwarder Windows
win_command: C:\Windows\System32\msiexec.exe /i C:\Temp\splunkforwarder-8.1.3-63079c59e632-x64-release.msi AGREETOLICENSE=Yes SPLUNKUSERNAME=admin SPLUNKPASSWORD=Adm1nPa$$w0rd /quiet
when: splunkforwarder_installed.exists == false
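Review bot: The `win_command` line on the new side carries a literal admin password in its `SPLUNKPASSWORD=` argument, so the credential is now in repository history and will also appear in task output and in the msiexec command line on the target. Read it from a vaulted variable and hide the task output, e.g. `SPLUNKPASSWORD={{ splunk_password }}` together with `no_log: true`, and treat the committed value as exposed and rotate it. Separately, as rendered here the module calls sit directly under `hosts:` with no `tasks:` list, `ansible.windows.win.copy` is not the module's name (`ansible.windows.win_copy`), and `dest: "C:\Temp\"` uses backslashes inside double quotes, so the file likely does not parse as written.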

@ -15,3 +15,7 @@
set_fact:
splunk_build_type: "msi"
when: splunk_build_location is match(".*\.msi$")
when:
- splunk_build_type is not defined
- splunk_build_type is not none
- splunk_build_location is not none
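Review bot: The block-level `when:` combines `splunk_build_type is not defined` with `splunk_build_type is not none`, which means a variable that is defined but null never reaches the tgz/msi detection. The block starts above this hunk, but the same file appears later on this page as a new file with the same conditions, and the later `include_tasks: install_tasks/install_splunk_{{ splunk_build_type }}.yml` would then be built from a null value. If the intent is "detect the type whenever none was supplied", the first two conditions should probably be one line, `- splunk_build_type is not defined or splunk_build_type is none`.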

@ -0,0 +1,39 @@
---
- name: Remove old manifest files
file:
path: "{{ item.path }}"
state: "absent"
ignore_errors: yes
become: yes
become_user: "{{ privileged_user }}"
with_items:
- "{{ manifests.files }}"
when: splunk_upgrade | bool
- name: Remove old directories
file:
path: "{{ item }}"
state: "absent"
ignore_errors: yes
become: yes
become_user: "{{ privileged_user }}"
with_items:
- "{{ splunk_home_uf }}/bin"
- "{{ splunk_home_uf }}/lib"
- "{{ splunk_home_uf }}/share"
- "{{ splunk_home_uf }}/Python-2.7"
when: splunk_upgrade | bool
- name: Install Splunk
include_tasks: install_tasks/install_splunk_{{ splunk_build_type }}.yml
- name: Remove installers
file:
dest: "{{ item }}"
state: "absent"
ignore_errors: yes
become: yes
become_user: "{{ privileged_user }}"
with_items:
- "{{ splunk_build_location_uf }}"
- "/tmp/splunk_msi"
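Review bot: Both upgrade cleanup tasks ("Remove old manifest files" and "Remove old directories") run with `ignore_errors: yes`, so a failed removal of `bin`, `lib` or `share` is hidden and the new build is unpacked over whatever is left of the old one. That can leave binaries and libraries from the previous version in a tree that reports the new version. Drop `ignore_errors` on these two tasks, or register the result and stop the upgrade when the removal did not succeed. The include path is also built from `splunk_build_type` with no check that it is one of the expected values.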

@ -0,0 +1,13 @@
- name: Install Splunk (Linux)
unarchive:
src: "{{ splunk_build_location_uf }}"
dest: "{{ splunk_opt }}"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
remote_src: "{{ splunk_build_remote_src }}"
register: install_result
until: install_result is succeeded
retries: "{{ retry_num }}"
delay: 3
become: yes
become_user: "{{ privileged_user }}"
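Review bot: The archive at `splunk_build_location_uf` is unpacked as the privileged user with no integrity check, and `unarchive` has no checksum option of its own. The main task file on this page accepts `http://` build locations, so the package may arrive over an unauthenticated channel (whether that applies to `splunk_build_location_uf` is not visible here). Fetch the file first with `get_url` and `checksum: "sha256:<expected digest>"`, or compare a `stat` checksum against a pinned value before this task runs.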

@ -0,0 +1,92 @@
---
- name: Check if splunk user exists
getent:
database: passwd
key: "{{ splunk_user }}"
fail_key: yes
register: user_exist
ignore_errors: true
become: yes
- name: Setup the splunk user
user:
name: "{{ splunk_user }}"
comment: Splunk User
shell: /bin/bash
generate_ssh_key: yes
ssh_key_bits: 2048
ssh_key_file: .ssh/id_rsa
state: present
when: user_exist["failed"] == true
become: yes
become_user: "{{ privileged_user }}"
- name: Changing Splunk directory Owner
include_tasks: pre_install_subtasks/change_splunk_directory_owner.yml
when:
- ansible_system is match("Linux")
- splunk_home_ownership_enforcement is defined
- splunk_home_ownership_enforcement | bool
- name: Stop existing Splunk
include_tasks: stop_splunk.yml
when:
- splunk_upgrade | bool
# Below we will either install or upgrade, which at this moment is the same task.
- name: "Install Splunk"
include_tasks: install_splunk.yml
when:
- splunk_install | bool or (first_run | bool and splunk_build_location and splunk_build_location is match("^(https?|file)://.*"))
- name: "Upgrade Splunk"
include_tasks: install_splunk.yml
when:
- not splunk_install
- not first_run
- splunk_upgrade | bool
- name: Remove First Login
include_tasks: post_install_subtasks/remove_first_login.yml
when:
- first_run | bool
# This needs to be done before any encrypted passkeys are generated
- name: setup splunk_secret
include_tasks: post_install_subtasks/set_splunk_secret.yml
when:
- first_run | bool
- name: Generate user_seed.conf
include_tasks: post_install_subtasks/set_user_seed.yml
when:
- first_run | bool
- name: setup the [general] pass4SymmKey in system/local
include_tasks: "{{ playbook_dir }}/common/tasks/set_conf_stanza.yml"
vars:
conf_file: "server.conf"
conf_directory: "{{ splunk_home_uf }}/etc/system/local"
stanza_name: general
conf_stanzas:
- pass4SymmKey: "{{ splunk_general_pass4SymmKey }}"
- name: Enable Splunk Service
include_tasks: post_install_subtasks/enable_service.yml
when:
- splunk_enable_service and ansible_system is match("Linux")
- first_run | bool
- name: Start Splunk
include_tasks: start_splunk.yml
- name: Clean user_seed.conf
include_tasks: post_install_subtasks/clean_user_seed.yml
when:
- first_run | bool
- name: Get splunk.secret if not provided initially
include_tasks: post_install_subtasks/register_splunk_secret.yml
when:
- first_run | bool
- splunk_secret is undefined or splunk_secret is none
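Review bot: "Setup the splunk user" gives the service account an interactive shell and an SSH key pair (`generate_ssh_key: yes`, `ssh_key_file: .ssh/id_rsa`) that no task on this page uses. A key generated this way has no passphrase unless `ssh_key_passphrase` is set, so every forwarder ends up with an unprotected private key in the service account's home. Unless something outside this commit depends on it, remove the three `ssh_key*`/`generate_ssh_key` lines and consider `system: yes` with a non-login shell. The `pass4SymmKey` value is also passed through `vars:` to `set_conf_stanza.yml`, which is not shown here; check that the included tasks set `no_log`.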

@ -0,0 +1,7 @@
---
- name: Remove user-seed.conf
file:
dest: "{{ splunk_home_uf }}/etc/system/local/user-seed.conf"
state: "absent"
notify:
- Restart the splunkd service

@ -0,0 +1,109 @@
---
- name: "Retrieve PID 1 process information (Linux)"
command: "ps 1"
register: pid1
when: ansible_system is match("Linux")
- name: "Retrieve Splunk version"
command: "{{ splunk_exec_uf }} version --accept-license --answer-yes --no-prompt"
register: installed_splunk_version
when: ansible_system is match("Linux")
become: yes
become_user: "{{ splunk_user }}"
- name: "Set installed version fact"
set_fact:
installed_splunk_version: "{{ installed_splunk_version.stdout | regex_search(regexp, '\\1') }}"
vars:
regexp: 'Splunk\s((\d+)\.(\d+)\.(\d+)).*'
when: ansible_system is match("Linux")
- name: "Enable service via boot-start - Linux (systemd)"
become: yes
become_user: "{{ privileged_user }}"
command: "{{ splunk_exec_uf }} enable boot-start -systemd-managed 1 -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
- installed_splunk_version[0] is version("7.2.2", ">=")
# Using service file approach for systemd rather than 'boot-start' with
# 'systemd-unit-file-name' option because cli's versions older than 7.2.2 do
# not implement systemd in boot-start command.
- name: "Copy Splunkd unit file - Linux (systemd)"
template:
src: Splunkd.service.j2
dest: /etc/systemd/system/Splunkd.service
owner: "{{ privileged_user }}"
group: "{{ privileged_user }}"
mode: 0644
become: yes
become_user: "{{ privileged_user }}"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
- installed_splunk_version[0] is version("7.2.2", "<")
- name: "Reload daemons via systemctl - Linux (systemd)"
become: yes
become_user: "{{ privileged_user }}"
systemd:
daemon-reload: yes
name: Splunkd.service
enabled: true
when:
- ansible_system is match("Linux")
- pid1.stdout.find('systemd') != -1
- name: "Enable service via boot-start - Linux (init)"
become: yes
become_user: "{{ privileged_user }}"
command: "{{ splunk_exec_uf }} enable boot-start -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
when:
- ansible_system is match("Linux")
- pid1.stdout.find('systemd') == -1
- name: "Enable service via boot-start - Windows"
command: "{{ splunk_exec_uf }} enable boot-start -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
when: ansible_os_family == "Windows"
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl restart Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl start Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl stop Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl status Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes
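Review bot: The four "add splunk user to sudoer for systemd" tasks edit `/etc/sudoers` in place with `lineinfile` and no syntax check, so an unexpected value in `splunk_user` can leave the host with a sudoers file that no longer parses. Add `validate: /usr/sbin/visudo -cf %s` to each task, and preferably write the rules to a dedicated file under `/etc/sudoers.d/` with `create: yes` and `mode: "0440"` instead of touching the main file. The tasks also share one name, which makes a failure hard to attribute; naming them after the verb they allow (restart, start, stop, status) would help. `mode: 0644` on the unit file should be quoted as `"0644"`.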

@ -0,0 +1,30 @@
---
- name: Install Oracle8 JDK
include_tasks: java_tasks/install_oracle8_jdk.yml
when:
- java_version == "oracle:8"
- ansible_system is match("Linux")
- name: Install Openjdk8 JDK
include_tasks: java_tasks/install_openjdk8_jdk.yml
when:
- java_version == "openjdk:8"
- ansible_system is match("Linux")
- name: Install Openjdk11 JDK
include_tasks: java_tasks/install_openjdk11_jdk.yml
when:
- java_version == "openjdk:11"
- ansible_system is match("Linux")
- name: Install Openjdk13 JDK
include_tasks: java_tasks/install_openjdk11_jdk.yml
when:
- java_version == "openjdk:13"
- ansible_system is match("Linux")
- name: Install Openjdk9 JDK for Windows
include_tasks: java_tasks/install_openjdk9_jdk_windows.yml
when:
- java_version == "openjdk:9"
- ansible_system is match("CYGWIN*|Win32NT")
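Review bot: "Install Openjdk13 JDK" includes `java_tasks/install_openjdk11_jdk.yml`, the same file as the OpenJDK 11 task above it, so `java_version == "openjdk:13"` appears to install version 11. If a task file for 13 exists it should be referenced here, e.g. `include_tasks: java_tasks/install_openjdk13_jdk.yml`; if it does not, the `openjdk:13` branch should be removed rather than silently installing another version.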

@ -0,0 +1,21 @@
---
# - name: Get the Splunk secret
# shell: cat "{{ splunk_home }}/etc/auth/splunk.secret"
# register: splunk_secret_content
# when:
# - splunk_secret is undefined or splunk_secret is none
# - not tmp_splunk_secret.stat.exists
# become: yes
# become_user: "{{ privileged_user }}"
- name: register Splunk secret for use on other hosts
fetch:
src: "{{ splunk_home_uf }}/etc/auth/splunk.secret"
dest: "/tmp/splunk_secret"
flat: yes
become: yes
become_user: "{{ privileged_user }}"
when:
- splunk_secret is undefined or splunk_secret is none
- not tmp_splunk_secret.stat.exists
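Review bot: `fetch` writes `splunk.secret` to the fixed path `/tmp/splunk_secret` on the controller, a world-writable directory, with permissions that depend on the controller user's umask. Other local accounts on the controller may be able to read it, and because a later task copies whatever is at that path to the remaining hosts, the file's origin is not guaranteed either. Use a private location instead, for example a directory created with the `tempfile` module (`state: directory`) or a `0700` directory owned by the Ansible user, and pass that path to the tasks that read it. The commented-out task above is dead code and can be removed.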

@ -0,0 +1,10 @@
---
- name: "Create .ui_login"
file:
path: "{{ splunk_home_uf }}/etc/.ui_login"
state: touch
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
mode: "u=rw,g=,o="
become: yes
become_user: "{{ splunk_user }}"

@ -0,0 +1,33 @@
---
- name: Set the Splunk secret from Config
copy:
dest: "{{ splunk_home_uf }}/etc/auth/splunk.secret"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
mode: 0400
content: "{{ splunk_secret }}"
when:
- splunk_secret is defined and splunk_secret is not none
become: yes
become_user: "{{ privileged_user }}"
# Checking that a splunk_secret exists on ansible host
- name: "Checking that a splunk_secret exists on ansible host"
local_action: stat path=/tmp/splunk_secret
register: tmp_splunk_secret
become: yes
become_user: "{{ privileged_user }}"
- name: Set the Splunk secret from First Host
copy:
dest: "{{ splunk_home_uf }}/etc/auth/splunk.secret"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
mode: 0400
src: "/tmp/splunk_secret"
when:
- splunk_secret is undefined or splunk_secret is none
- tmp_splunk_secret.stat.exists
become: yes
become_user: "{{ privileged_user }}"
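Review bot: "Set the Splunk secret from Config" passes the secret through `content:` without `no_log`, so a run with `--diff` or raised verbosity can print it. The user-seed tasks in this commit already use `no_log: "{{ hide_password }}"`; add `no_log: true` to both copy tasks here. `mode: 0400` should be written as `mode: "0400"` so the value does not depend on how the YAML parser reads a leading zero. The `stat` on the controller also runs with `become`, which requires privilege escalation on the control node just to check a file.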

@ -0,0 +1,42 @@
---
- name: "Hash the password"
command: "{{ splunk_exec_uf }} hash-passwd {{ splunk_password }}"
register: hashed_pwd
changed_when: hashed_pwd.rc == 0
become: yes
become_user: "{{ splunk_user }}"
no_log: "{{ hide_password }}"
- name: "Generate user-seed.conf (Linux)"
ini_file:
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
dest: "{{ splunk_home_uf }}/etc/system/local/user-seed.conf"
section: user_info
option: "{{ item.opt }}"
value: "{{ item.val }}"
with_items:
- { opt: "USERNAME", val: "{{ splunk_admin_user }}" }
- { opt: "HASHED_PASSWORD", val: "{{ hashed_pwd.stdout }}" }
loop_control:
label: "{{ item.opt }}"
when: ansible_system is match("Linux")
no_log: "{{ hide_password }}"
become: yes
become_user: "{{ splunk_user }}"
- name: "Generate user-seed.conf (Windows)"
ini_file:
dest: "{{ splunk_home_uf }}/etc/system/local/user-seed.conf"
section: user_info
option: "{{ item.opt }}"
value: "{{ item.val }}"
with_items:
- { opt: "USERNAME", val: "{{ splunk_admin_user }}" }
- { opt: "HASHED_PASSWORD", val: "{{ hashed_pwd.stdout }}" }
loop_control:
label: "{{ item.opt }}"
when: ansible_system is match("CYGWIN*|Win32NT")
no_log: "{{ hide_password }}"
become: yes
become_user: "{{ splunk_user }}"
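Review bot: "Hash the password" places `splunk_password` on the command line of `hash-passwd`, where it is visible in the target's process list while the command runs, and it is only hidden from Ansible output when `hide_password` happens to be true. Set `no_log: true` unconditionally on this task. Because the string is split on whitespace, a password containing spaces or quotes is also passed incorrectly; the list form avoids that: `argv: ["{{ splunk_exec_uf }}", "hash-passwd", "{{ splunk_password }}"]`. The two `ini_file` tasks differ only in `owner`/`group` and the `when:` test and could be merged.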

@ -0,0 +1,10 @@
---
- name: Update Splunk directory owner
file:
path: "{{ splunk_home_uf }}"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
recurse: yes
state: directory
become: yes
become_user: "{{ privileged_user }}"

@ -0,0 +1,53 @@
---
- name: "Set privilege escalation user"
set_fact:
privileged_user: "{% if ansible_system is match('CYGWIN*|Win32NT') %}Administrator{% else %}root{% endif %}"
- name: "Check for existing installation"
stat:
path: "{{ splunk_exec_uf }}"
become: yes
register: pre_existing_splunk_exec
- name: "Set splunk install fact"
set_fact:
splunk_install: "{{ not pre_existing_splunk_exec.stat.exists | default(True) }}"
- name: "Check for existing splunk secret"
stat:
path: "{{ splunk_home_uf }}/etc/auth/splunk.secret"
register: pre_existing_splunk_secret
become: yes
- name: "Set first run fact"
set_fact:
first_run: "{{ not pre_existing_splunk_secret.stat.exists | default(True) }}"
- name: "Set splunk_build_type fact"
include_tasks: get_facts_build_type.yml
- name: "Set target version fact"
include_tasks: get_facts_target_version.yml
when: splunk_target_version is not defined or splunk_target_version == none
- name: "Find manifests"
find:
paths: "{{ splunk_home_uf }}"
patterns: ".*-manifest$"
use_regex: yes
become: yes
register: manifests
- name: "Set current version fact"
set_fact:
splunk_current_version: "{{ manifests.files[0].path | regex_search(regexp, '\\1') if (manifests.matched == 1) else '0' }}"
vars:
regexp: 'splunk\D*?-((\d+)\.(\d+)\.(\d+))'
- name: "Setting upgrade fact"
set_fact:
splunk_upgrade: "{{ splunk_build_location_uf and not splunk_install and splunk_target_version and splunk_target_version != splunk_current_version | default(False) }}"
- name: "Register the fact that we've gather the fact"
set_fact:
splunk_get_fact: true
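Review bot: In the `splunk_install` and `first_run` expressions the filter binds tighter than `not`, so `not pre_existing_splunk_exec.stat.exists | default(True)` is read as `not (… | default(True))`. A missing `exists` value therefore yields `False` ("already installed" / "not first run"), which looks like the opposite of the intended default. Write the grouping out, e.g. `"{{ not (pre_existing_splunk_exec.stat.exists | default(false)) }}"`. The same applies to `splunk_upgrade`, where `| default(False)` covers only `splunk_current_version` and not the whole condition.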

@ -0,0 +1,21 @@
- name: Set splunk_build_type from variable
set_fact:
splunk_build_type: "{{ splunk_build_type }}"
when:
- "splunk_build_type is defined"
- name: Set splunk_build_type from build_location
block:
#check if the build_location is a tgz
- name: "Set build_type (tgz)"
set_fact:
splunk_build_type: "tgz"
when: splunk_build_location is match(".*(\.tar\.gz|\.tgz)$")
- name: "Set build_type (msi)"
set_fact:
splunk_build_type: "msi"
when: splunk_build_location is match(".*\.msi$")
when:
- splunk_build_type is not defined
- splunk_build_type is not none
- splunk_build_location is not none

@ -0,0 +1,13 @@
# Use a manually set version, if a it is set
- name: "Set target version fact"
set_fact:
splunk_target_version: "{{ splunk_target_version }}"
when: "splunk_target_version is defined"
# Extracting the numbers from the Splunk installer file name allows us to know the version we are targeting.
- name: "Set target version fact (file)"
set_fact:
splunk_target_version: "{{ splunk_build_location | regex_search(regexp, '\\1') | default('0') }}"
vars:
regexp: 'splunk\D*?-((\d+)\.(\d+)\.(\d+))'
when: "splunk_build_type is defined and splunk_build_type is match('(tgz|msi|rpm|deb)')"
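Review bot: The `default('0')` fallback in "Set target version fact (file)" does not take effect when the file name contains no version, because `regex_search` returns none rather than an undefined value on a non-match. `splunk_target_version` then ends up empty and the upgrade decision in the facts file is made on that empty value. Use the second argument so that none is replaced too: `| default('0', true)`. The first task assigns `splunk_target_version` to itself and can be dropped.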

@ -0,0 +1,45 @@
---
- name: "Get Splunk status"
command: "{{ splunk_exec_uf }} status --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: splunk_status
changed_when: False
failed_when: False
ignore_errors: yes
- name: "Start Splunk via cli"
command: "{{ splunk_exec_uf }} start --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: start_splunk
changed_when: start_splunk.rc == 0 and 'already running' not in start_splunk.stdout
when:
- not splunk_enable_service or pid1 is not defined
- splunk_status.rc != 0
ignore_errors: yes
- name: "Start Splunk via service"
service:
name: "{% if pid1.stdout.find('systemd') != -1 %}Splunkd{% else %}splunk{% endif %}"
state: restarted
when:
- splunk_enable_service
- splunk_status.rc != 0
- ansible_system is match("Linux")
- pid1 is defined
become: yes
become_user: "{{ privileged_user }}"
- name: "Start Splunk via Windows service"
win_service:
name: splunkd
state: restarted
when:
- splunk_enable_service
- splunk_status.rc != 0
- ansible_os_family == "Windows"
- name: "Wait for splunkd management port"
wait_for:
port: "{{ splunk_svc_port }}"
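Review bot: "Start Splunk via cli" runs whenever `pid1 is not defined`, but `pid1` is only registered in the enable-service tasks, which the main task file includes on `first_run` only. On later runs with `splunk_enable_service` true, splunkd would be started from the CLI outside the service manager while the service tasks are skipped. Register `pid1` in the facts file so it is always available, and drop `or pid1 is not defined` from the condition. `ignore_errors: yes` on the CLI start also hides a failed start until `wait_for` times out.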

@ -0,0 +1,40 @@
---
- name: "Get Splunk status"
command: "{{ splunk_exec_uf }} status --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: splunk_status
changed_when: False
failed_when: False
ignore_errors: yes
- name: "Stop Splunk via cli"
command: "{{ splunk_exec_uf }} stop --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: stop_splunk
changed_when: stop_splunk.rc == 0
when:
- not splunk_enable_service
- splunk_status.rc == 0
- name: "Stop Splunk via systemctl"
service:
name: Splunkd
state: stopped
when:
- splunk_enable_service
- splunk_status.rc == 0
- ansible_system is match("Linux")
become: yes
become_user: "{{ privileged_user }}"
ignore_errors: yes
- name: "Stop Splunk via Windows service"
win_service:
name: splunkd
state: stopped
when:
- splunk_enable_service
- splunk_status.rc == 0
- ansible_os_family == "Windows"
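Review bot: "Stop Splunk via systemctl" uses the fixed service name `Splunkd` with `ignore_errors: yes`, while the start tasks pick `Splunkd` or `splunk` depending on the init system. On a non-systemd Linux host the stop would fail, the error is ignored, and the upgrade goes on to delete `bin` and `lib` under a running daemon. Use the same name expression as the start task and remove `ignore_errors`, or follow the stop with a check that `splunk status` no longer reports a running process.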

@ -0,0 +1,7 @@
- name: Test de connectivité ping pong
hosts: all_splunk_instances
become: true
tasks:
- name: Test de ping pong
ping: