diff --git a/Vagrantfile b/Vagrantfile index ff6296e..06c7b7f 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -62,11 +62,32 @@ Vagrant.configure("2") do |config| # Start compose services and add default input config.vm.provision "shell", inline: <<-SHELL + # Remove old keys and create directories mkdir -p /vagrant/pki rm -r /vagrant/pki/* mkdir -p /vagrant/pki/{fluentd,graylog} + # Generate and install TLS keys + cd /vagrant/pki + + # Generate Graylog's CA + openssl genrsa -out rootCA.key 4096 2> /dev/null + openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 \ + -out rootCA.crt -subj "/C=US/ST=GA/O=MyOrg/CN=localhost" 2> /dev/null + + # Generate Fluentd's keys + openssl genrsa -out fluentd.key 4096 2> /dev/null + openssl req -new -sha256 -key fluentd.key \ + -subj "/C=US/ST=GA/O=MyOrg/CN=localhost" -out fluentd.csr 2> /dev/null + + # Sign Fluentd's certificate + openssl x509 -req -in fluentd.csr -CA rootCA.crt -CAkey rootCA.key \ + -CAcreateserial -out fluentd-signed.crt -days 500 -sha256 2> /dev/null + + mv fluentd*.* fluentd/ + mv root*.* graylog/ + # Bring up containers cd /vagrant /usr/local/bin/docker-compose up -d 2> /dev/null @@ -129,26 +150,6 @@ Vagrant.configure("2") do |config| -d @GELFTCPInput.json fi - # Generate and install TLS keys - cd /vagrant/pki - - # Generate Graylog's CA - openssl genrsa -out rootCA.key 4096 2> /dev/null - openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 \ - -out rootCA.crt -subj "/C=US/ST=GA/O=MyOrg/CN=localhost" 2> /dev/null - - # Generate Fluentd's keys - openssl genrsa -out fluentd.key 4096 2> /dev/null - openssl req -new -sha256 -key fluentd.key \ - -subj "/C=US/ST=GA/O=MyOrg/CN=localhost" -out fluentd.csr 2> /dev/null - - # Sign Fluentd's certificate - openssl x509 -req -in fluentd.csr -CA rootCA.crt -CAkey rootCA.key \ - -CAcreateserial -out fluentd-signed.crt -days 500 -sha256 2> /dev/null - - mv fluentd*.* fluentd/ - mv root*.* graylog/ - SHELL end diff --git a/fluentd/Dockerfile b/fluentd/Dockerfile index c4a6686..27ab3d2 100644 --- a/fluentd/Dockerfile +++ b/fluentd/Dockerfile @@ -3,7 +3,8 @@ USER root RUN apt-get update \ && apt-get -y install --no-install-recommends wget \ && rm -rf /var/lib/apt/lists/* +RUN gem uninstall gelf -v 3.1.0 +RUN gem install gelf -v 3.0.0 RUN gem install fluent-plugin-rewrite-tag-filter RUN gem install fluent-plugin-gelf-hs -RUN gem install gelf -v 3.0.0 COPY fluent.conf /fluentd/etc/