1
0
mirror of https://github.com/krislamo/graylog_demo synced 2024-11-09 21:50:35 +00:00
graylog_demo/Vagrantfile

179 lines
5.5 KiB
Ruby
Raw Permalink Normal View History

2020-01-22 15:09:57 +00:00
# vi: set ft=ruby :
2020-03-19 21:19:00 +00:00
PRIVATE_NET_IP = "172.28.128."
2020-01-22 15:09:57 +00:00
Vagrant.configure("2") do |config|
2020-01-22 19:57:33 +00:00
2020-03-19 21:19:00 +00:00
vmservers = ["graylog", "systems"]
last_octet = 30
vmservers.each do |server|
config.vm.define "#{server}" do |node|
node.vm.box = "centos/7"
node.vm.hostname = "#{server}"
node.vm.network "private_network", ip: PRIVATE_NET_IP + last_octet.to_s
node.vm.synced_folder ".", "/vagrant", type: "nfs"
last_octet = last_octet + 1
node.vm.provider "virtualbox" do |vbox|
vbox.memory = 4096
vbox.cpus = 4
end
# Common provision
2020-03-19 21:19:00 +00:00
node.vm.provision "shell", inline: <<-SHELL
# Set SELinux to permissive
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/selinux/config
# Import GPG keys
rpm --import \
/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 \
https://download.docker.com/linux/centos/gpg \
http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 \
https://packages.treasuredata.com/GPG-KEY-td-agent
# Install Docker Community Edition
yum-config-manager --add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io
systemctl start docker
systemctl -q enable docker
usermod -aG docker vagrant
# Convenience
yum install -y vim
2020-03-24 19:22:39 +00:00
# Install rsyslog
yum install -y rsyslog
systemctl start rsyslog
systemctl -q enable rsyslog
# Add rsyslog forwarding option if it does not exist
if ! grep -q "127.0.0.1:5140" /etc/rsyslog.conf; then
echo "*.* @127.0.0.1:5140" >> /etc/rsyslog.conf
systemctl restart rsyslog
fi
2020-07-24 15:56:06 +00:00
# Setup TLS
if [ ! -f /vagrant/tmp/ca_key.pem ]; then
echo "Generating TLS certificates..."
cd /vagrant/tmp
openssl req -newkey rsa:4096 \
-x509 \
-sha256 \
-days 3650 \
-nodes \
-out ca_cert.pem \
-keyout ca_key.pem \
-subj "/C=US/ST=Local/L=Local/O=Org/OU=IT/CN=example.com" \
2> /dev/null
fi
2020-03-19 21:19:00 +00:00
# Install td-agent
cp /vagrant/td-agent.repo /etc/yum.repos.d/
yum check-update
yum install -y td-agent
td-agent-gem install fluent-plugin-gelf-hs gelf
systemctl -q enable td-agent
SHELL
# Commmon provision: install docker-compose
2020-03-19 21:19:00 +00:00
node.vm.provision "shell", path: "install-compose.sh"
# Graylog specific provision
if server == "graylog"
node.vm.provision "shell", inline: <<-SHELL
cp /vagrant/td-agent-server.conf /etc/td-agent/td-agent.conf
mkdir -p /var/log/graylog_buffer
chown -R td-agent:td-agent /var/log/graylog_buffer
systemctl restart td-agent
# Install jq
yum install -y epel-release
yum install -y jq
# Start Graylog
cd /vagrant
/usr/local/bin/docker-compose up -d 2> /dev/null
# Wait 120 seconds for Graylog to come online
2020-07-01 19:15:46 +00:00
SECONDS=0
while true
do
GRAYLOG_STATE=$(
docker inspect vagrant_graylog_1 \
| jq --raw-output '.[] | .State.Health.Status')
if [[ "$GRAYLOG_STATE" == "healthy" ]]; then
echo "Graylog is available."
sleep 5
break
elif [[ "$GRAYLOG_STATE" != "starting" ]]; then
echo "Something is wrong with Graylog. Aborting."
exit 1
elif [[ $SECONDS -le 120 ]]; then
echo "Waiting for Graylog ($SECONDS/120 seconds)"
sleep 10
else
echo "Waiting on Graylog timed out. Aborting."
exit 1
fi
done
# Check for existing GELF TCP Input
INPUTSTATE=$(
curl -s -X GET \
-H "Content-Type: application/json" \
-H "X-Requested-By: cli" \
-u admin:admin \
"http://graylog.172.28.128.30.xip.io:8080/api/system/inputstates")
INPUT_TYPES=$(echo $INPUTSTATE | jq --raw-output '.states | .[] | .message_input.type')
for TYPE in $INPUT_TYPES; do
if [[ "$TYPE" == "org.graylog2.inputs.gelf.tcp.GELFTCPInput" ]]; then
echo "Found GELF TCP input in Graylog, aborting input installation."
exit
fi
done
# Install GELF TCP Input
curl -i -s -X POST \
-H "Content-Type: application/json" \
-H "X-Requested-By: cli" \
-u admin:admin \
"http://graylog.172.28.128.30.xip.io:8080/api/system/inputs" \
-d @GELFTCPInput.json
SHELL
elsif server == "systems"
node.vm.provision "shell", inline: <<-SHELL
# Install apache
yum install -y httpd
systemctl start httpd
systemctl -q enable httpd
# Configure td-agent
cp /vagrant/td-agent.conf /etc/td-agent/td-agent.conf
mkdir -p /var/log/containers /var/log/fluentd_buffer
chown -R td-agent:td-agent /var/log/containers /var/log/fluentd_buffer
chmod -R 755 /var/log
systemctl restart td-agent
# Bring up WordPress test containers
cd /vagrant/wordpress
/usr/local/bin/docker-compose up -d 2> /dev/null
SHELL
end
2020-03-19 21:19:00 +00:00
end
2020-01-22 19:57:33 +00:00
end
2020-01-22 15:09:57 +00:00
end