admingit
/
Splunk_Int
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ajout des yml

Browse Source
master
admingit 1 year ago
parent 595502df96
commit 266130ca5f
23 changed files with 603 additions and 7 deletions
Show Stats Download Patch File Download Diff File

BIN
.DS_Store vendored
View File

Binary file not shown.

12
Copy_keys.yml
Unescape View File

@ -0,0 +1,12 @@
---
- name: Copie de la clé du DSMC sur les instances splunk
become: yes
become_user: "{{ privileged_user }}"
hosts: all:!splunk_deployement:!splunk_uf_Linux
tasks:
- name: Copie de la clé du DSMC sur les instances splunk
copy:
src: "{{ playbook_dir }}/Keys_public/SVLCTMLOGSUP01.unit-c.edf.fr/"
dest: /opt/splunk/etc/auth/distServerKeys/SVLCTMLOGSUP01.unit-c.edf.fr/
owner: splunk
group: splunk

33
Deleted_Splunk.yml
Unescape View File

@ -0,0 +1,33 @@
---
- name: Supprimer Splunk de Linux
hosts: all:!splunk_uf_Linux
become: true
become_user: root
vars:
splunk_dir: "/opt/splunk"
tasks:
- name: Arrêter tous les processus Splunk en cours d'exécution
shell: "{{ splunk_dir }}/bin/splunk stop"
ignore_errors: true
- name: Désinstaller le service Splunk
shell: "{{ splunk_dir }}/bin/splunk disable boot-start"
- name: Supprimer le répertoire d'installation de Splunk
file:
path: "{{ splunk_dir }}"
state: absent
- name: Supprimer l'utilisateur Splunk et son groupe
user:
name: splunk
state: absent
ignore_errors: true
- name: Supprimer les entrées de démarrage automatique de Splunk
file:
path: "{{ item }}"
state: absent
with_items:
- /etc/init.d/splunk
- /etc/systemd/system/splunk.service

33
Deleted_SplunkForwarder.yml
Unescape View File

@ -0,0 +1,33 @@
---
- name: Supprimer Splunk de Linux
hosts: splunk_uf_Linux
become: true
become_user: root
vars:
splunkforwarder_dir: "/opt/splunkforwarder"
tasks:
- name: Arrêter tous les processus Splunkforwarder en cours d'exécution
shell: "{{ splunkforwarder_dir }}/bin/splunk stop"
ignore_errors: true
- name: Désinstaller le service Splunk
shell: "{{ splunkforwarder_dir }}/bin/splunk disable boot-start"
- name: Supprimer le répertoire d'installation de Splunk
file:
path: "{{ splunkforwarder_dir }}"
state: absent
- name: Supprimer l'utilisateur Splunk et son groupe
user:
name: splunk
state: absent
ignore_errors: true
- name: Supprimer les entrées de démarrage automatique de Splunk
file:
path: "{{ item }}"
state: absent
with_items:
- /etc/init.d/splunk
- /etc/systemd/system/splunk.service

45
Deploy_Conf_Splunk.yml
Unescape View File

@ -0,0 +1,45 @@
---
- name: "Deploy Conf for Instance Splunk"
become: yes
hosts: all:!splunk_uf_Linux
tasks:
- name: "Deploy Conf to Splunk"
include_tasks: roles/splunk_deploy/tasks/Deploy_Conf-to-Splunk.yml
- name: "Deploy Conf for Instance Splunk DSMC"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_deployement
tasks:
- name: Deploy_Conf_DSMC
include_tasks: roles/splunk_deploy/tasks/Deploy_Conf_DSMC.yml
#- name: "Deploy Configuration Initial SHC"
# become: yes
# become_user: "{{ privileged_user }}"
# hosts: splunk_search_head
# tasks:
# - name: Deploy_Conf_SHC_Init
# include_tasks: roles/splunk_deploy/tasks/Deploy_Conf_SHC_Init.yml
- name: "Restart de fin d'initialisation Splunk"
become: yes
hosts: all:!splunk_uf_Linux
tasks:
- name: Restart_SPL
include_tasks: roles/splunk_deploy/tasks/Restart_SPL.yml
# - name: "Deploy Configuration Bootstrap SHC"
# become: yes
# become_user: "{{ privileged_user }}"
# hosts: SVLCTMLOGPUB02.unit-c.edf.fr
# tasks:
# - name: Deploy_Conf_SHC_BS
# include_tasks: roles/splunk_deploy/tasks/Deploy_Conf_SHC_BS.yml
# - name: "Arrête de fin de deploiement Splunk"
# become: yes
# hosts: all:!splunk_uf_Linux
# tasks:
# - name: Stop_SPL
# include_tasks: roles/splunk_deploy/tasks/Stop_SPL.yml

8
Deploy_UF_Linux-IDN.yml
Unescape View File

@ -0,0 +1,8 @@
---
- name: "Tâche pour SplunkForwarder Linux"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_uf_Linux
tasks:
- name: "Déploiement Configuration UF"
include_tasks: "roles/splunk_deploy_uf/tasks/Deploy_Conf-to-uf-idn.yml"

8
Deploy_UF_Linux.yml
Unescape View File

@ -0,0 +1,8 @@
---
- name: "Tâche pour SplunkForwarder Linux"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_uf_Linux
tasks:
- name: "Déploiement Configuration UF"
include_tasks: "roles/splunk_deploy_uf/tasks/Deploy_Conf-to-uf.yml"

6
Deploy_UF_Windows.yml
Unescape View File

@ -0,0 +1,6 @@
---
- name: "Tâche pour SplunkForwarder Windows"
hosts: splunk_uf_Windows
tasks:
- name: "Déploiement Configuration UF"
include_tasks: "roles/splunk_deploy_uf/tasks/Deploy_Conf-to-uf_Win.yml"

26
Disable_THP.yml
Unescape View File

@ -0,0 +1,26 @@
- name: Disable_THP
hosts: all:!splunk_uf_Windows
become: yes
become_user: root
vars:
THP_enable: "echo never > /sys/kernel/mm/transparent_hugepage/enabled"
THP_defrag: "echo never > /sys/kernel/mm/transparent_hugepage/defrag"
tasks:
- name: Disable_THP_Enable
shell: "{{ THP_enable }}"
- name: Disable_THP_defrag
shell: "{{ THP_defrag }}"
- name: Rendre persistante les modifications lors d'un redémarrage
lineinfile:
path: /etc/rc.local
line: |
#disable THP at boot time
if test -f /sys/kernel/mm/transparent_hugepage/enabled; then
echo never > /sys/kernel/mm/transparent_hugepage/enabled
fi
if test -f /sys/kernel/mm/transparent_hugepage/defrag; then
echo never > /sys/kernel/mm/transparent_hugepage/defrag
fi

7
Ping.yml
Unescape View File

@ -0,0 +1,7 @@
- name: Test de connectivité ping pong
hosts: all_splunk_instances
become: true
tasks:
- name: Test de ping pong
ping:

0
README.md
Unescape View File

40
Restart_Splunk.yml
Unescape View File

@ -0,0 +1,40 @@
---
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_indexer
tasks:
- name: "Stop IDX"
include_tasks: roles/splunk_power/tasks/Restart_idx.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_search_head
tasks:
- name: "Stop SH"
include_tasks: roles/splunk_power/tasks/Restart_sh.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_cluster_master
tasks:
- name: "Stop CM"
include_tasks: roles/splunk_power/tasks/Restart_cm.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_deployment
tasks:
- name: "Stop DSMC"
include_tasks: roles/splunk_power/tasks/Restart_dsmc.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_uf_Linux
tasks:
- name: "Stop FW"
include_tasks: roles/splunk_power/tasks/Restart_fw.yml

40
Shutdown_Splunk.yml
Unescape View File

@ -0,0 +1,40 @@
---
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_indexer
tasks:
- name: "Stop IDX"
include_tasks: roles/splunk_power/tasks/Stop_idx.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_search_head
tasks:
- name: "Stop SH"
include_tasks: roles/splunk_power/tasks/Stop_sh.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_cluster_master
tasks:
- name: "Stop CM"
include_tasks: roles/splunk_power/tasks/Stop_cm.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_deployment
tasks:
- name: "Stop DSMC"
include_tasks: roles/splunk_power/tasks/Stop_dsmc.yml
- name: "Shutdown Infra Splunk"
become: yes
become_user: "{{ privileged_user }}"
hosts: splunk_uf_Linux
tasks:
- name: "Stop FW"
include_tasks: roles/splunk_power/tasks/Stop_fw.yml

8
Start_Splunk.yml
Unescape View File

@ -0,0 +1,8 @@
---
- name: Start Splunk
become: yes
become_user: "{{ privileged_user }}"
hosts: all
tasks:
- name: "Start Splunk via cli"
command: "{{ splunk_exec }} start"

154
Update_Splunk.yml
Unescape View File

@ -0,0 +1,154 @@
---
- name: Mise à jour de Splunk
hosts: all:!splunk_uf_Linux
become: yes
become_user: root
tasks:
- name: Copier la sources sur le client
get_url:
url: "https://{{ repo_url }}/{{ projet }}/{{ app_name }}"
dest: /tmp/
username: "{{ repo_user }}"
password: "{{ repo_password }}"
validate_certs: false
- name: Suppression jp.py pour upgrade 9.3.X et +
file:
state: absent
path: "/opt/splunk/bin/jp.py"
- name: Suppression python2 pour upgrade 9.3.X et +
file:
state: absent
path: "/opt/splunk/bin/python2"
- name: Suppression python2.7 pour upgrade 9.3.X et +
file:
state: absent
path: "/opt/splunk/bin/python2.7"
- name: Mettre à jour le serveur de deploiement
hosts: splunk_deployement
become: yes
become_user: root
tasks:
- name: Arrêter les processus Splunk
shell: "/opt/splunk/bin/splunk stop"
become: yes
- name: Extraire le fichier d'installation de Splunk
unarchive:
src: "/tmp/{{ app_name }}"
dest: "/opt"
remote_src: yes
- name: Attribution des droits
shell: "chown -R splunk:splunk /opt/splunk/"
- name: Mettre à jour Splunk
shell: "/opt/splunk/bin/splunk start --accept-license --answer-yes --no-prompt"
- name: Vérifier l'état de Splunk
wait_for:
host: localhost
port: 8089
delay: 10
timeout: 180
state: started
msg: "Splunk n'a pas redémarré correctement"
- name: Mettre à jour le master cluster Splunk
hosts: splunk_cluster_master
become: yes
become_user: root
tasks:
- name: Arrêter les processus Splunk
shell: "/opt/splunk/bin/splunk stop"
become: yes
- name: Extraire le fichier d'installation de Splunk
unarchive:
src: "/tmp/{{ app_name }}"
dest: "/opt"
remote_src: yes
- name: Attribution des droits
shell: "chown -R splunk:splunk /opt/splunk/"
- name: Mettre à jour Splunk
shell: "/opt/splunk/bin/splunk start --accept-license --answer-yes --no-prompt"
- name: Vérifier l'état de Splunk
wait_for:
host: localhost
port: 8089
delay: 10
timeout: 180
state: started
msg: "Splunk n'a pas redémarré correctement"
- name: Mettre à jour le cluster de Search Head
hosts: splunk_search_head
become: yes
become_user: root
tasks:
- name: Arrêter les processus Splunk
shell: "/opt/splunk/bin/splunk stop"
become: yes
- name: Extraire le fichier d'installation de Splunk
unarchive:
src: "/tmp/{{ app_name }}"
dest: "/opt"
remote_src: yes
- name: Attribution des droits
shell: "chown -R splunk:splunk /opt/splunk/"
- name: Mettre à jour Splunk
shell: "/opt/splunk/bin/splunk start --accept-license --answer-yes --no-prompt"
- name: Vérifier l'état de Splunk
wait_for:
host: localhost
port: 8089
delay: 10
timeout: 180
state: started
msg: "Splunk n'a pas redémarré correctement"
- name: Mettre à jour un cluster d'indexeurs
hosts: splunk_indexer
become: yes
become_user: root
tasks:
- name: Arrêter les processus Splunk
shell: "/opt/splunk/bin/splunk stop"
become: yes
- name: Extraire le fichier d'installation de Splunk
unarchive:
src: "/tmp/{{ app_name }}"
dest: "/opt"
remote_src: yes
- name: Attribution des droits
shell: "chown -R splunk:splunk /opt/splunk/"
- name: Mettre à jour Splunk
shell: "/opt/splunk/bin/splunk start --accept-license --answer-yes --no-prompt"
- name: Vérifier l'état de Splunk
wait_for:
host: localhost
port: 8089
delay: 10
timeout: 180
state: started
msg: "Splunk n'a pas redémarré correctement"

30
Update_Splunk_UF.yml
Unescape View File

@ -0,0 +1,30 @@
- name: Mise à jour de Splunk
hosts: splunk_uf_Linux
become: yes
become_user: root
tasks:
- name: Copier la sources sur le client
get_url:
url: "https://{{ repo_url }}/{{ projet }}/{{ app_name_uf }}"
dest: /tmp/
username: "{{ repo_user }}"
password: "{{ repo_password }}"
validate_certs: false
- name: Arrêter les processus Splunk
shell: "/opt/splunkforwarder/bin/splunk stop"
become: yes
- name: Extraire le fichier d'installation de Splunk
unarchive:
src: "/tmp/{{ app_name_uf }}"
dest: "/opt"
remote_src: yes
- name: Attribution des droits
shell: "chown -R splunk:splunk /opt/splunkforwarder/"
- name: Redémarrer le Splunk Universal Forwarder
shell: "/opt/splunkforwarder/bin/splunk start --accept-license --answer-yes --no-prompt"
become: yes

35
check-space.yml
Unescape View File

@ -0,0 +1,35 @@
---
- name: Check space
hosts: all:!splunk_uf_Linux
become: yes
become_user: root
tasks:
- name: Get available space in /home
shell: df -k /home | tail -1 | awk '{print $4}'
register: home_avail
- name: Convert available space to MB
set_fact:
home_avail_mb: "{{ home_avail.stdout | int // 1024 }}"
- name: Debug space available
debug:
msg: "Available space in /home: {{ home_avail_mb }} MB"
- name: Fail if available space is less than 1GB
fail:
msg: "Not enough space in /home. Only {{ home_avail_mb }} MB available."
when: home_avail_mb | int < 1000
- name: Set global fail flag if space check fails
set_fact:
global_fail: "{{ home_avail_mb | int < 1000 }}"
run_once: true
- name: Fail play if any host failed the space check
fail:
msg: "The playbook is stopping due to insufficient space on one or more hosts."
when: global_fail | bool
run_once: true

67
install_splunk.yml
Unescape View File

@ -0,0 +1,67 @@
- hosts: splunk_indexer
tasks:
- name: Gathering Facts
include_tasks: roles/splunk_common/tasks/pre_install_subtasks/config_lvm_idx.yml
- hosts: splunk_cluster_master
tasks:
- name: Gathering Facts
include_tasks: roles/splunk_common/tasks/pre_install_subtasks/config_lvm_other.yml
- hosts: splunk_search_head
tasks:
- name: Gathering Facts
include_tasks: roles/splunk_common/tasks/pre_install_subtasks/config_lvm_other.yml
- hosts: all_splunk_instances:!splunk_uf_Linux:!splunk_uf_Windows
tasks:
- name: Gathering Facts
include_tasks: roles/splunk_common/tasks/pre_install_subtasks/get_facts.yml
when:
- splunk_get_fact is not defined
- hosts: all_splunk_instances:!splunk_uf_Linux:!splunk_uf_Windows
serial:
- 1
- 100%
roles:
- splunk_common
tags: all,installation
- hosts: localhost
connection: local
tasks:
- name: Cleanup secret
file:
dest: "/tmp/splunk_secret"
state: "absent"
become: yes
become_user: root
- hosts: splunk_indexer
become: true
become_user: root
tasks:
- name: Changer le propriétaire et le groupe du répertoire1
file:
path: /data/splunk_data
owner: splunk
group: splunk
state: directory
- name: Changer le propriétaire et le groupe du répertoire2
file:
path: /data_cold/splunk_data
owner: splunk
group: splunk
state: directory
- name: "Start Splunk via cli"
command: "{{ splunk_exec }} start --accept-license --answer-yes --no-prompt"
become: yes
become_user: "{{ privileged_user }}"
- name: "Boot-Start Splunk via cli"
command: "{{ splunk_exec }} enable boot-start"
become: yes
become_user: "{{ privileged_user }}"

26
install_splunk_uf_lin.yml
Unescape View File

@ -0,0 +1,26 @@
---
- hosts: splunk_uf_Linux
tasks:
- name: "Configuration des lvm UF"
include_tasks: roles/splunk_common_uf/tasks/pre_install_subtask/config_lvm_uf.yml
- name: Gathering Facts
include_tasks: roles/splunk_common_uf/tasks/pre_install_subtasks/get_facts.yml
when:
- splunk_get_fact is not defined
- hosts: splunk_uf_Linux
serial:
- 1
- 100%
roles:
- splunk_common_uf
tags: all,installation
# - hosts: localhost
# connection: local
# tasks:
# - name: Cleanup secret
# file:
# dest: "/tmp/splunk_secret"
# state: "absent"

18
install_splunk_uf_win.yml
Unescape View File

@ -0,0 +1,18 @@
- hosts: splunk_uf_Windows
tasks:
- name: Téléchargement des sources
win_get_url:
url: "https://{{ repo_url }}/{{ projet }}/{{ app_name }}"
dest: c:\temp\
username: "{{ repo_user }}"
password: "{{ repo_password }}"
tags: install
- hosts: splunk_uf_Windows
tasks:
- name: Installation de l'agent Splunk UF
win_package:
path: C:\Temp\splunkforwarder-9.3.0-51ccf43db5bd-x64-release.msi
#product_id: "{6C243C23-42E6-46E7-AECC-81428601A55E}"
state: present
arguments: 'INSTALLDIR="C:\Program Files\SplunkUniversalForwarder" AGREETOLICENSE=Yes /quiet SPLUNK_USER="admin" SPLUNK_PASSWORD="Adm1nPa$$w0rd"'

6
roles/splunk_common/tasks/pre_install_subtasks/config_lvm_idx.yml
Unescape View File

@ -6,17 +6,17 @@
### Initialisation des partitions ### Initialisation des partitions
- name: Init /dev/sdb - name: Init /dev/sdb
shell: "echo -e 'n\np\n1\n\n\nt\n8e\nw' | fdisk /dev/sdb" shell: "echo ,,8e | sfdisk /dev/sdb"
become: yes become: yes
become_user: root become_user: root
- name: Init /dev/sdc - name: Init /dev/sdc
shell: "echo -e 'n\np\n1\n\n60G\nt\n8e\nw' | fdisk /dev/sdc" shell: "echo ,60G,8e | sfdisk /dev/sdc"
become: yes become: yes
become_user: root become_user: root
- name: Init /dev/sdc - name: Init /dev/sdc
shell: "echo -e 'n\np\n2\n\n\nt\n8e\nw' | fdisk /dev/sdc" shell: "echo ,,8e | sfdisk -N 2 /dev/sdc"
become: yes become: yes
become_user: root become_user: root

4
roles/splunk_common/tasks/pre_install_subtasks/config_lvm_other.yml
Unescape View File

@ -6,7 +6,7 @@
### Initialisation des partitions ### Initialisation des partitions
- name: Init /dev/sdb - name: Init /dev/sdb
shell: "echo -e 'n\np\n1\n\n\nt\n8e\nw' | fdisk /dev/sdb" shell: "echo ,,8e | sfdisk /dev/sdb"
become: yes become: yes
become_user: root become_user: root
@ -40,4 +40,4 @@
- name: Add mount in fstab file - name: Add mount in fstab file
shell: "echo -e '/dev/mapper/splunk_vg-lv_splunk /opt xfs defaults 0 0' >> /etc/fstab" shell: "echo -e '/dev/mapper/splunk_vg-lv_splunk /opt xfs defaults 0 0' >> /etc/fstab"
become: yes become: yes
become_user: root become_user: root

4
roles/splunk_common_uf/tasks/pre_install_subtasks/config_lvm_uf.yml
Unescape View File

@ -6,12 +6,12 @@
### Initialisation des partitions ### Initialisation des partitions
- name: Init /dev/sdb - name: Init /dev/sdb
shell: "echo -e 'n\np\n1\n\n\nt\n8e\nw' | fdisk /dev/sdb" shell: "echo ,,8e | sfdisk /dev/sdb"
become: yes become: yes
become_user: root become_user: root
- name: Init /dev/sdc - name: Init /dev/sdc
shell: "echo -e 'n\np\n1\n\n\nt\n8e\nw' | fdisk /dev/sdc" shell: "echo ,,8e | sfdisk /dev/sdc"
become: yes become: yes
become_user: root become_user: root

Write Preview
Loading…
Cancel
Save