admingit
/
Splunk_Install
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

New_Project

Browse Source
main
JocelynPa 3 years ago
parent a1fa8a3231
commit b82728342e
32 changed files with 824 additions and 31 deletions
Show Stats Download Patch File Download Diff File

24
install_splunk.yml
Unescape View File

@ -0,0 +1,24 @@
- hosts: all_splunk_instances
tasks:
- name: Gathering Facts
include_tasks: roles/splunk_common/tasks/pre_install_subtasks/get_facts.yml
when:
- splunk_get_fact is not defined
- hosts: all_splunk_instances
serial:
- 1
- 100%
roles:
- splunk_common
tags: all,installation
- hosts: localhost
connection: local
tasks:
- name: Cleanup secret
file:
dest: "/tmp/splunk_secret"
state: "absent"
become: yes
become_user: root

26
inventories/cluster/hosts.yml
Unescape View File

@ -0,0 +1,26 @@
all_splunk_instances:
children:
splunk_search_head_TIC:
hosts:
SVLCTPLOGPUB01.mom.fr
SVLCTPLOGPUB02.mom.fr
splunk_indexer_TIC:
hosts:
SVLCTPLOGIDX01.mom.fr
SVLCTPLOGIDX02.mom.fr
splunk_licence_master:
hosts:
SVLCTPLOGLMR.mom.fr
splunk_uf_Linux_TIC:
hosts:
SVLCTPSUPPFI01.mom.fr
SVLCTPSUPPFI02.mom.fr
splunk_uf_Windows_TIC:
hosts:
SVWCTPSUPPFI01.mom.fr
splunk_deployement_TIC:
hosts:
SVLCTPLOGSUP01.mom.fr
splunk_monitoring_TIC:
hosts:
SVLCTPLOGSUP01.mom.fr

49
inventories/group_vars/all.yml
Unescape View File

@ -0,0 +1,49 @@
---
ansible_user: admin
privileged_user: root
retry_num: 3
delay_num: 3
hide_password: false
ansible_script_version: 1.0
author: VABOS
splunk_upgrade: false
splunk_home_ownership_enforcement: true
splunk_user: splunk
splunk_group: splunk
splunk_build_location: /tmp/splunk
splunk_build_location_uf: /tmp/splunk
splunk_build_remote_src: true
splunk_build_type: tgz
splunk_opt: /opt
splunk_home: /opt/splunk
splunk_home_uf: /opt/splunkforwarder
splunk_exec: /opt/splunk/bin/splunk
splunk_exec_uf: /opt/splunkforwarder/bin/splunk
splunk_enable_service: false
splunk_password: 921223Jocpam!?
splunk_admin_user: adminsplunk
splunk_general_pass4SymmKey: Asf#oQcAjOAnw^#zCE#Nd2R0#27j0@
splunk_secret: 6XHPsFI2^jsYI&^ITvxzk#SZBcr1^n
splunk_svc_port: 8089
splunk_http_port: 8000
splunk_enableSSL: true
splunk_ssl_cert_password: CHANGEME
splunk_ssl_generate_cert: false
splunk_ssl_generate_root_cert: false
splunk_s2s_port: 9997
splunk_replication_port: 9100
splunk_shcluster_replication_port: 9200
splunk_shcluster_mode: member
splunk_optimistic_about_file_locking: true
splunk_single_instance: false
#splunk_site: site0
#splunk_multisite: false
#splunk_license_uri: /splunk_apps/splunk.license
splunk_idxc_pass4SymmKey: 1nZ7lubH^KTqKyS3#h5Ad9V^Xkrttq
splunk_app_prefix: SPL

2
inventory/hosts.ini
Unescape View File

@ -1,2 +0,0 @@
[splunk]
localhost ansible_connection=local

10
roles/install-splunk/task/main.yml
Unescape View File

@ -1,10 +0,0 @@
---
- name: Install Splunk
hosts: splunk
vars_files:
- ../vars/main.yml
- vars/main.yml
- roles/install-splunk/vars/main.yml
roles:
- install-splunk
- configure-splunk

9
roles/install-splunk/task/set-splunk-user.yml
Unescape View File

@ -1,9 +0,0 @@
---
- name: Set Splunk user
become: true
user:
name: "{{ splunk_user }}"
home: "{{ splunk_home }}"
shell: /bin/bash
createhome: yes
system: yes

6
roles/install-splunk/task/unpack-splunk.yml
Unescape View File

@ -1,6 +0,0 @@
---
- name: Unpack Splunk
become: true
unarchive:
src: "{{ role_path }}/files/splunk-{{ splunk_version }}-aa7ca

4
roles/splunk_common/handlers/main.yml
Unescape View File

@ -0,0 +1,4 @@
---
# handlers file for splunk_common
- name: "Restart the splunkd service"
include_tasks: "{{ playbook_dir }}/common/handlers/restart_splunk.yml"

39
roles/splunk_common/tasks/install_splunk.yml
Unescape View File

@ -0,0 +1,39 @@
---
- name: Remove old manifest files
file:
path: "{{ item.path }}"
state: "absent"
ignore_errors: yes
become: yes
become_user: "{{ privileged_user }}"
with_items:
- "{{ manifests.files }}"
when: splunk_upgrade | bool
- name: Remove old directories
file:
path: "{{ item }}"
state: "absent"
ignore_errors: yes
become: yes
become_user: "{{ privileged_user }}"
with_items:
- "{{ splunk_home }}/bin"
- "{{ splunk_home }}/lib"
- "{{ splunk_home }}/share"
- "{{ splunk_home }}/Python-2.7"
when: splunk_upgrade | bool
- name: Install Splunk
include_tasks: install_tasks/install_splunk_{{ splunk_build_type }}.yml
- name: Remove installers
file:
dest: "{{ item }}"
state: "absent"
ignore_errors: yes
become: yes
become_user: "{{ privileged_user }}"
with_items:
- "{{ splunk_build_location }}"
- "/tmp/splunk_msi"

7
roles/splunk_common/tasks/install_tasks/install_splunk_msi.yml
Unescape View File

@ -0,0 +1,7 @@
- name: Install Splunk (Windows)
command: "msiexec /I {{ splunk_build_location }}" AGREETOLICENSE=yes LAUNCHSPLUNK=0 /passive /qn"
when: ansible_system is match("CYGWIN*|Win32NT")
register: install_result
until: install_result is succeeded
retries: "{{ retry_num }}"
delay: 3

13
roles/splunk_common/tasks/install_tasks/install_splunk_tgz.yml
Unescape View File

@ -0,0 +1,13 @@
- name: Install Splunk (Linux)
unarchive:
src: "{{ splunk_build_location }}"
dest: "{{ splunk_opt }}"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
remote_src: "{{ splunk_build_remote_src }}"
register: install_result
until: install_result is succeeded
retries: " {{ retry_num}}"
delay: 3
become: yes
become_user: "{{ privileged_user }}"

138
roles/splunk_common/tasks/main.yml
Unescape View File

@ -0,0 +1,138 @@
---
- name: Check if splunk user exists
getent:
database: passwd
key: "{{ splunk_user }}"
fail_key: yes
register: user_exist
ignore_errors: true
become: yes
- name: Setup the splunk user
user:
name: "{{ splunk_user }}"
comment: Splunk User
shell: /bin/bash
generate_ssh_key: yes
ssh_key_bits: 2048
ssh_key_file: .ssh/id_rsa
state: present
when: user_exist["failed"] == true
become: yes
become_user: "{{ privileged_user }}"
- name: Changing Splunk directory Owner
include_tasks: pre_install_subtasks/change_splunk_directory_owner.yml
when:
- ansible_system is match("Linux")
- splunk_home_ownership_enforcement is defined
- splunk_home_ownership_enforcement | bool
- name: Stop existing Splunk
include_tasks: stop_splunk.yml
when:
- splunk_upgrade | bool
# Below we will either install or upgrade, which at this moment is the same task.
- name: "Install Splunk"
include_tasks: install_splunk.yml
when:
- splunk_install | bool or (first_run | bool and splunk_build_location and splunk_build_location is match("^(https?|file)://.*"))
- name: "Upgrade Splunk"
include_tasks: install_splunk.yml
when:
- not splunk_install
- not first_run
- splunk_upgrade | bool
- name: Remove First Login
include_tasks: post_install_subtasks/remove_first_login.yml
when:
- first_run | bool
# This needs to be done before any encrypted passkeys are generated
- name: setup splunk_secret
include_tasks: post_install_subtasks/set_splunk_secret.yml
when:
- first_run | bool
- name: Generate user_seed.conf
include_tasks: post_install_subtasks/set_user_seed.yml
when:
- first_run | bool
- name: setup the [general] pass4SymmKey in system/local
include_tasks: "{{ playbook_dir }}/common/tasks/set_conf_stanza.yml"
vars:
conf_file: "server.conf"
conf_directory: "{{ splunk_home }}/etc/system/local"
stanza_name: general
conf_stanzas:
- pass4SymmKey: "{{ splunk_general_pass4SymmKey }}"
- name: Enable Splunk Service
include_tasks: post_install_subtasks/enable_service.yml
when:
- splunk_enable_service and ansible_system is match("Linux")
- first_run | bool
- name: Setup HTTP port
include_tasks: post_install_subtasks/set_http_port.yml
when:
- splunk_http_port | int != 8000
- name: Setup MGMT port
include_tasks: post_install_subtasks/set_mgmt_port.yml
when:
- splunk_svc_port | int != 8089
- name : Setup SSL
include_tasks: post_install_subtasks/configure_ssl_on_splunk.yml
when:
- splunk_enableSSL | bool
- first_run | bool
- name: Setup Optimistic locking
include_tasks: post_install_subtasks/setup_optimistic_locking.yml
when:
- splunk_optimistic_about_file_locking
- name: "Add generic ssl apps"
copy:
src: "{{ playbook_dir }}/splunk_apps/base_ssl_apps/"
dest: "{{ splunk_home }}/etc/apps/"
group: "{{ splunk_group }}"
owner: "{{ splunk_user }}"
follow: yes
local_follow: yes
become: yes
become_user: "{{ privileged_user }}"
when:
- splunk_enableSSL | bool
- name: Start Splunk
include_tasks: start_splunk.yml
- name: setup http or https for further processing
include_tasks: "{{ playbook_dir }}/common/tasks/set_certificate_prefix.yml"
when :
- cert_prefix is not defined
- name: setup root_endpoint for further processing
include_tasks: post_install_subtasks/set_root_endpoint.yml
when:
- splunk_root_endpoint is defined
- splunk_root_endpoint != None
- first_run | bool
- name: Clean user_seed.conf
include_tasks: post_install_subtasks/clean_user_seed.yml
when:
- first_run | bool
- name: Get splunk.secret if not provided initially
include_tasks: post_install_subtasks/register_splunk_secret.yml
when:
- first_run | bool
- splunk_secret is undefined or splunk_secret is none

7
roles/splunk_common/tasks/post_install_subtasks/clean_user_seed.yml
Unescape View File

@ -0,0 +1,7 @@
---
- name: Remove user-seed.conf
file:
dest: "{{ splunk_home }}/etc/system/local/user-seed.conf"
state: "absent"
notify:
- Restart the splunkd service

48
roles/splunk_common/tasks/post_install_subtasks/configure_ssl_on_splunk.yml
Unescape View File

@ -0,0 +1,48 @@
---
- name: "Transmit certificates from host"
copy:
src: "{{ playbook_dir }}/ssl/{{ item }}"
dest: "{{ splunk_home }}/etc/auth/{{ item }}"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
local_follow: true
mode: 0400
loop:
- ca-cert.pem
- ca-key.pem
- "{{ inventory_hostname }}-cert-concatenated.pem"
- "{{ inventory_hostname }}-cert-concatenated-web.pem"
- "{{ inventory_hostname }}-nopwd-key.pem"
become: yes
become_user: "{{ privileged_user }}"
- name: "Rename Server certificate for simplified usage via symbolic link"
file:
src: "{{ splunk_home }}/etc/auth/{{ inventory_hostname }}-cert-concatenated.pem"
dest: "{{ splunk_home }}/etc/auth/servercertificate.pem"
state: link
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
become: yes
become_user: "{{ privileged_user }}"
- name: "Rename Web Server certificate for simplified usage via symbolic link"
file:
src: "{{ splunk_home }}/etc/auth/{{ inventory_hostname }}-cert-concatenated-web.pem"
dest: "{{ splunk_home }}/etc/auth/web-servercertificate.pem"
state: link
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
become: yes
become_user: "{{ privileged_user }}"
- name: "Rename Web Server certificate Key for simplified usage via symbolic link"
file:
src: "{{ splunk_home }}/etc/auth/{{ inventory_hostname }}-nopwd-key.pem"
dest: "{{ splunk_home }}/etc/auth/web-nopwd-key.pem"
state: link
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
become: yes
become_user: "{{ privileged_user }}"

109
roles/splunk_common/tasks/post_install_subtasks/enable_service.yml
Unescape View File

@ -0,0 +1,109 @@
---
- name: "Retrieve PID 1 process information (Linux)"
command: "ps 1"
register: pid1
when: ansible_system is match("Linux")
- name: "Retrieve Splunk version"
command: "{{ splunk_exec }} version --accept-license --answer-yes --no-prompt"
register: installed_splunk_version
when: ansible_system is match("Linux")
become: yes
become_user: "{{ splunk_user }}"
- name: "Set installed version fact"
set_fact:
installed_splunk_version: "{{ installed_splunk_version.stdout | regex_search(regexp, '\\1') }}"
vars:
regexp: 'Splunk\s((\d+)\.(\d+)\.(\d+)).*'
when: ansible_system is match("Linux")
- name: "Enable service via boot-start - Linux (systemd)"
become: yes
become_user: "{{ privileged_user }}"
command: "{{ splunk_exec }} enable boot-start -systemd-managed 1 -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
- installed_splunk_version[0] is version("7.2.2", ">=")
# Using service file approach for systemd rather than 'boot-start' with
# 'systemd-unit-file-name' option because cli's versions older than 7.2.2 do
# not implement systemd in boot-start command.
- name: "Copy Splunkd unit file - Linux (systemd)"
template:
src: Splunkd.service.j2
dest: /etc/systemd/system/Splunkd.service
owner: "{{ privileged_user }}"
group: "{{ privileged_user }}"
mode: 0644
become: yes
become_user: "{{ privileged_user }}"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
- installed_splunk_version[0] is version("7.2.2", "<")
- name: "Reload daemons via systemctl - Linux (systemd)"
become: yes
become_user: "{{ privileged_user }}"
systemd:
daemon-reload: yes
name: Splunkd.service
enabled: true
when:
- ansible_system is match("Linux")
- pid1.stdout.find('systemd') != -1
- name: "Enable service via boot-start - Linux (init)"
become: yes
become_user: "{{ privileged_user }}"
command: "{{ splunk_exec }} enable boot-start -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
when:
- ansible_system is match("Linux")
- pid1.stdout.find('systemd') == -1
- name: "Enable service via boot-start - Windows"
command: "{{ splunk_exec }} enable boot-start -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
when: ansible_os_family == "Windows"
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl restart Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl start Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl stop Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes
- name: add splunk user to sudoer for systemd
lineinfile:
path: /etc/sudoers
state: present
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl status Splunkd.service"
when:
- ansible_system is match("Linux")
- pid1.stdout.find("systemd") != -1
become: yes

30
roles/splunk_common/tasks/post_install_subtasks/install_java.yml
Unescape View File

@ -0,0 +1,30 @@
---
- name: Install Oracle8 JDK
include_tasks: java_tasks/install_oracle8_jdk.yml
when:
- java_version == "oracle:8"
- ansible_system is match("Linux")
- name: Install Openjdk8 JDK
include_tasks: java_tasks/install_openjdk8_jdk.yml
when:
- java_version == "openjdk:8"
- ansible_system is match("Linux")
- name: Install Openjdk11 JDK
include_tasks: java_tasks/install_openjdk11_jdk.yml
when:
- java_version == "openjdk:11"
- ansible_system is match("Linux")
- name: Install Openjdk13 JDK
include_tasks: java_tasks/install_openjdk11_jdk.yml
when:
- java_version == "openjdk:13"
- ansible_system is match("Linux")
- name: Install Openjdk9 JDK for Windows
include_tasks: java_tasks/install_openjdk9_jdk_windows.yml
when:
- java_version == "openjdk:9"
- ansible_system is match("CYGWIN*|Win32NT")

21
roles/splunk_common/tasks/post_install_subtasks/register_splunk_secret.yml
Unescape View File

@ -0,0 +1,21 @@
---
# - name: Get the Splunk secret
# shell: cat "{{ splunk_home }}/etc/auth/splunk.secret"
# register: splunk_secret_content
# when:
# - splunk_secret is undefined or splunk_secret is none
# - not tmp_splunk_secret.stat.exists
# become: yes
# become_user: "{{ privileged_user }}"
- name: register Splunk secret for use on other hosts
fetch:
src: "{{ splunk_home }}/etc/auth/splunk.secret"
dest: "/tmp/splunk_secret"
flat: yes
become: yes
become_user: "{{ privileged_user }}"
when:
- splunk_secret is undefined or splunk_secret is none
- not tmp_splunk_secret.stat.exists

10
roles/splunk_common/tasks/post_install_subtasks/remove_first_login.yml
Unescape View File

@ -0,0 +1,10 @@
---
- name: "Create .ui_login"
file:
path: "{{ splunk_home }}/etc/.ui_login"
state: touch
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
mode: "u=rw,g=,o="
become: yes
become_user: "{{ splunk_user }}"

8
roles/splunk_common/tasks/post_install_subtasks/set_http_port.yml
Unescape View File

@ -0,0 +1,8 @@
---
- name: Set HTTP Port
ini_file:
dest: "{{ splunk_home }}/etc/system/local/web.conf"
section: settings
option: "httpport"
value: "{{ splunk_http_port }}"

7
roles/splunk_common/tasks/post_install_subtasks/set_mgmt_port.yml
Unescape View File

@ -0,0 +1,7 @@
---
- name: Set mgmt port
ini_file:
dest: "{{ splunk_home }}/etc/system/local/web.conf"
section: settings
option: "mgmtHostPort"
value: "127.0.0.1:{{ splunk_svc_port }}"

19
roles/splunk_common/tasks/post_install_subtasks/set_root_endpoint.yml
Unescape View File

@ -0,0 +1,19 @@
---
- name: Set root endpoint
uri:
url: "{{ cert_prefix }}://127.0.0.1:{{ splunk_svc_port }}/servicesNS/nobody/system/configs/conf-web/settings"
method: POST
user: "{{ splunk_admin_user }}"
password: "{{ splunk_password }}"
validate_certs: false
body:
root_endpoint: "{{ splunk_root_endpoint }}"
body_format: "form-urlencoded"
status_code: 200
timeout: 10
when: splunk_root_endpoint
register: set_root_endpoint
changed_when: set_root_endpoint.status == 200
no_log: "{{ hide_password }}"
notify:
- Restart the splunkd service

35
roles/splunk_common/tasks/post_install_subtasks/set_splunk_secret.yml
Unescape View File

@ -0,0 +1,35 @@
---
- name: Set the Splunk secret from Config
copy:
dest: "{{ splunk_home }}/etc/auth/splunk.secret"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
mode: 0400
content: "{{ splunk_secret }}"
when:
- splunk_secret is defined and splunk_secret is not none
become: yes
become_user: "{{ privileged_user }}"
# Checking that a splunk_secret exists on ansible host
- name: "Checking that a splunk_secret exists on ansible host"
local_action: stat path=/tmp/splunk_secret
register: tmp_splunk_secret
become: yes
become_user: "{{ privileged_user }}"
- name: Set the Splunk secret from First Host
copy:
dest: "{{ splunk_home }}/etc/auth/splunk.secret"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
mode: 0400
src: "/tmp/splunk_secret"
when:
- splunk_secret is undefined or splunk_secret is none
- tmp_splunk_secret.stat.exists
become: yes
become_user: "{{ privileged_user }}"

42
roles/splunk_common/tasks/post_install_subtasks/set_user_seed.yml
Unescape View File

@ -0,0 +1,42 @@
---
- name: "Hash the password"
command: "{{ splunk_exec }} hash-passwd {{ splunk_password }}"
register: hashed_pwd
changed_when: hashed_pwd.rc == 0
become: yes
become_user: "{{ splunk_user }}"
no_log: "{{ hide_password }}"
- name: "Generate user-seed.conf (Linux)"
ini_file:
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
dest: "{{ splunk_home }}/etc/system/local/user-seed.conf"
section: user_info
option: "{{ item.opt }}"
value: "{{ item.val }}"
with_items:
- { opt: "USERNAME", val: "{{ splunk_admin_user }}" }
- { opt: "HASHED_PASSWORD", val: "{{ hashed_pwd.stdout }}" }
loop_control:
label: "{{ item.opt }}"
when: ansible_system is match("Linux")
no_log: "{{ hide_password }}"
become: yes
become_user: "{{ splunk_user }}"
- name: "Generate user-seed.conf (Windows)"
ini_file:
dest: "{{ splunk_home }}/etc/system/local/user-seed.conf"
section: user_info
option: "{{ item.opt }}"
value: "{{ item.val }}"
with_items:
- { opt: "USERNAME", val: "{{ splunk_admin_user }}" }
- { opt: "HASHED_PASSWORD", val: "{{ hashed_pwd.stdout }}" }
loop_control:
label: "{{ item.opt }}"
when: ansible_system is match("CYGWIN*|Win32NT")
no_log: "{{ hide_password }}"
become: yes
become_user: "{{ splunk_user }}"

7
roles/splunk_common/tasks/post_install_subtasks/setup_optimistic_locking.yml
Unescape View File

@ -0,0 +1,7 @@
- name: Ensure Optimistic locking is set to splunk-launch.conf
lineinfile:
path: "{{ splunk_home }}/etc/splunk-launch.conf"
regexp: "^OPTIMISTIC_ABOUT_FILE_LOCKING="
line: OPTIMISTIC_ABOUT_FILE_LOCKING=1
become: yes
become_user: "{{ privileged_user }}"

10
roles/splunk_common/tasks/pre_install_subtasks/change_splunk_directory_owner.yml
Unescape View File

@ -0,0 +1,10 @@
---
- name: Update Splunk directory owner
file:
path: "{{ splunk_home }}"
owner: "{{ splunk_user }}"
group: "{{ splunk_group }}"
recurse: yes
state: directory
become: yes
become_user: "{{ privileged_user }}"

56
roles/splunk_common/tasks/pre_install_subtasks/get_facts.yml
Unescape View File

@ -0,0 +1,56 @@
---
- name: "Set privilege escalation user"
set_fact:
privileged_user: "{% if ansible_system is match('CYGWIN*|Win32NT') %}Administrator{% else %}root{% endif %}"
- name: "Check for existing installation"
stat:
path: "{{ splunk_exec }}"
become: yes
register: pre_existing_splunk_exec
- name: "Set splunk install fact"
set_fact:
splunk_install: "{{ not pre_existing_splunk_exec.stat.exists | default(True) }}"
- name: "Check for existing splunk secret"
stat:
path: "{{ splunk_home }}/etc/auth/splunk.secret"
register: pre_existing_splunk_secret
become: yes
become_user: "{{ privileged_user }}"
- name: "Set first run fact"
set_fact:
first_run: "{{ not pre_existing_splunk_secret.stat.exists | default(True) }}"
become: yes
become_user: "{{ privileged_user }}"
- name : "Set splunk_build_type fact"
include_tasks: get_facts_build_type.yml
- name: "Set target version fact"
include_tasks: get_facts_target_version.yml
when: splunk_target_version is not defined or splunk_target_version == none
- name: "Find manifest"
find:
paths: "{{ splunk_home }}"
patterns: ".*-manifest$"
use_regex: yes
become: yes
register: manifests
- name: "Set current version fact"
set_fact:
splunk_current_version: "{{ manifests.files[0].path | regex_search(regexp, '\\1') if (manifests.matched == 1) else '0' }}"
vars:
regexp: 'splunk\D*?-((\d+)\.(\d+)\.(\d+))'
- name: "Setting upgrade fact"
set_fact:
splunk_upgrade: "{{ splunk_build_location and not splunk_install and splunk_target_version and splunk_target_version != splunk_current_version | default(False) }}"
- name: "Register the fact that we've gather the fact"
set_fact:
splunk_get_fact: true

17
roles/splunk_common/tasks/pre_install_subtasks/get_facts_build_type.yml
Unescape View File

@ -0,0 +1,17 @@
- name: Set splunk_build_type from variable
set_fact:
splunk_build_type: "{{ splunk_build_type }}"
when:
- "splunk_build_type is defined"
- name: Set splunk_build_type from build_location
block:
#check if the build_location is a tgz
- name: "Set build_type (tgz)"
set_fact:
splunk_build_type: "tgz"
when: splunk_build_location is match(".*(\.tar\.gz|\.tgz)$")
- name: "Set build_type (msi)"
set_fact:
splunk_build_type: "msi"
when: splunk_build_location is match(".*\.msi$")

13
roles/splunk_common/tasks/pre_install_subtasks/get_facts_target_version.yml
Unescape View File

@ -0,0 +1,13 @@
# Use a manually set version, if a it is set
- name: "Set target version fact"
set_fact:
splunk_target_version: "{{ splunk_target_version }}"
when: "splunk_target_version is defined"
# Extracting the numbers from the Splunk installer file name allows us to know the version we are targeting.
- name: "Set target version fact (file)"
set_fact:
splunk_target_version: "{{ splunk_build_location | regex_search(regexp, '\\1') | default('0') }}"
vars:
regexp: 'splunk\D*?-((\d+)\.(\d+)\.(\d+))'
when: "splunk_build_type is defined and splunk_build_type is match('(tgz|msi|rpm|deb)')"

45
roles/splunk_common/tasks/start_splunk.yml
Unescape View File

@ -0,0 +1,45 @@
---
- name: "Get Splunk status"
command: "{{ splunk_exec }} status --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: splunk_status
changed_when: False
failed_when: False
ignore_errors: yes
- name: "Start Splunk via cli"
command: "{{ splunk_exec }} start --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: start_splunk
changed_when: start_splunk.rc == 0 and 'already running' not in start_splunk.stdout
when:
- not splunk_enable_service or pid1 is not defined
- splunk_status.rc != 0
ignore_errors: yes
- name: "Start Splunk via service"
service:
name: "{% if pid1.stdout.find('systemd') != -1 %}Splunkd{% else %}splunk{% endif %}"
state: restarted
when:
- splunk_enable_service
- splunk_status.rc != 0
- ansible_system is match("Linux")
- pid1 is defined
become: yes
become_user: "{{ privileged_user }}"
- name: "Start Splunk via Windows service"
win_service:
name: splunkd
state: restarted
when:
- splunk_enable_service
- splunk_status.rc != 0
- ansible_os_family == "Windows"
- name: "Wait for splunkd management port"
wait_for:
port: "{{ splunk_svc_port }}"

40
roles/splunk_common/tasks/stop_splunk.yml
Unescape View File

@ -0,0 +1,40 @@
---
- name: "Get Splunk status"
command: "{{ splunk_exec }} status --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: splunk_status
changed_when: False
failed_when: False
ignore_errors: yes
- name: "Stop Splunk via cli"
command: "{{ splunk_exec }} stop --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ splunk_user }}"
register: stop_splunk
changed_when: stop_splunk.rc == 0
when:
- not splunk_enable_service
- splunk_status.rc == 0
- name: "Stop Splunk via systemctl"
service:
name: Splunkd
state: stopped
when:
- splunk_enable_service
- splunk_status.rc == 0
- ansible_system is match("Linux")
become: yes
become_user: "{{ privileged_user }}"
ignore_errors: yes
- name: "Stop Splunk via Windows service"
win_service:
name: splunkd
state: stopped
when:
- splunk_enable_service
- splunk_status.rc == 0
- ansible_os_family == "Windows"

0
roles/install-splunk/vars/main.yml → roles/splunk_common/vars/main.yml
Unescape View File

4
vars/main.yml
Unescape View File

@ -1,4 +0,0 @@
splunk_username: "admin"
splunk_password: "password"
splunk_home: "/opt/splunk"
splunk_https: "true"
Write Preview
Loading…
Cancel
Save