kris/graylog_demo
1
0
Fork 0
mirror of https://github.com/krislamo/graylog_demo synced 2024-09-19 21:50:36 +00:00
Code Issues Releases Wiki Activity

Refactoring to divide services among two boxes

Browse Source
This commit is contained in:
Kris Lamoureux 2020-03-20 13:13:32 -04:00
parent d9139b715a
commit c95cbdbaa6
Signed by: kris
GPG Key ID: A30022791E1719A4
2 changed files with 86 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
Vagrantfile vendored
View File

@ -20,6 +20,7 @@ Vagrant.configure("2") do |config|
vbox.cpus = 4 vbox.cpus = 4
end end
# Common provision
node.vm.provision "shell", inline: <<-SHELL node.vm.provision "shell", inline: <<-SHELL
# Set SELinux to permissive # Set SELinux to permissive
@ -44,20 +45,6 @@ Vagrant.configure("2") do |config|
# Convenience # Convenience
yum install -y vim yum install -y vim
# Install jq
yum install -y epel-release
yum install -y jq
# Install apache
yum install -y httpd
systemctl start httpd
systemctl -q enable httpd
# Install rsyslog
yum install -y rsyslog
systemctl start rsyslog
systemctl -q enable rsyslog
# Install td-agent # Install td-agent
cp /vagrant/td-agent.repo /etc/yum.repos.d/ cp /vagrant/td-agent.repo /etc/yum.repos.d/
yum check-update yum check-update
@ -70,77 +57,100 @@ Vagrant.configure("2") do |config|
systemctl restart td-agent systemctl restart td-agent
systemctl -q enable td-agent systemctl -q enable td-agent
# Add rsyslog forwarding option if it does not exist
if ! grep -q "127.0.0.1:5140" /etc/rsyslog.conf; then
echo "*.* @127.0.0.1:5140" >> /etc/rsyslog.conf
systemctl restart rsyslog
fi
SHELL SHELL
# Install newest docker-compose # Commmon provision: install docker-compose
node.vm.provision "shell", path: "install-compose.sh" node.vm.provision "shell", path: "install-compose.sh"
# Start compose services and add default input # Graylog specific provision
node.vm.provision "shell", inline: <<-SHELL if server == "graylog"
node.vm.provision "shell", inline: <<-SHELL
# Bring up containers # Install jq
cd /vagrant yum install -y epel-release
/usr/local/bin/docker-compose up -d 2> /dev/null yum install -y jq
cd /vagrant/wordpress
/usr/local/bin/docker-compose up -d 2> /dev/null
cd /vagrant
# Wait 120 seconds for Graylog to come online # Start Graylog
SECONDS=0 cd /vagrant
while true /usr/local/bin/docker-compose up -d 2> /dev/null
do
GRAYLOG_STATE=$(
docker inspect vagrant_graylog_1 \
| jq --raw-output '.[] | .State.Health.Status')
if [[ "$GRAYLOG_STATE" == "healthy" ]]; then # Wait 120 seconds for Graylog to come online
echo "Graylog is available." SECONDS=0
sleep 5 while true
break do
elif [[ "$GRAYLOG_STATE" != "starting" ]]; then GRAYLOG_STATE=$(
echo "Something is wrong with Graylog. Aborting." docker inspect vagrant_graylog_1 \
exit 1 | jq --raw-output '.[] | .State.Health.Status')
elif [[ $SECONDS -le 120 ]]; then
echo "Waiting for Graylog ($SECONDS/120 seconds)" if [[ "$GRAYLOG_STATE" == "healthy" ]]; then
sleep 10 echo "Graylog is available."
else sleep 5
echo "Waiting on Graylog timed out. Aborting." break
exit 1 elif [[ "$GRAYLOG_STATE" != "starting" ]]; then
echo "Something is wrong with Graylog. Aborting."
exit 1
elif [[ $SECONDS -le 120 ]]; then
echo "Waiting for Graylog ($SECONDS/120 seconds)"
sleep 10
else
echo "Waiting on Graylog timed out. Aborting."
exit 1
fi
done
# Check for existing GELF TCP Input
INPUTSTATE=$(
curl -s -X GET \
-H "Content-Type: application/json" \
-H "X-Requested-By: cli" \
-u admin:admin \
"http://graylog.172.28.128.30.xip.io:8080/api/system/inputstates")
INPUT_TYPES=$(echo $INPUTSTATE | jq --raw-output '.states | .[] | .message_input.type')
for TYPE in $INPUT_TYPES; do
if [[ "$TYPE" == "org.graylog2.inputs.gelf.tcp.GELFTCPInput" ]]; then
echo "Found GELF TCP input in Graylog, aborting input installation."
exit
fi
done
# Install GELF TCP Input
curl -i -s -X POST \
-H "Content-Type: application/json" \
-H "X-Requested-By: cli" \
-u admin:admin \
"http://graylog.172.28.128.30.xip.io:8080/api/system/inputs" \
-d @GELFTCPInput.json
SHELL
elsif server == "systems"
node.vm.provision "shell", inline: <<-SHELL
# Install apache
yum install -y httpd
systemctl start httpd
systemctl -q enable httpd
# Install rsyslog
yum install -y rsyslog
systemctl start rsyslog
systemctl -q enable rsyslog
# Add rsyslog forwarding option if it does not exist
if ! grep -q "127.0.0.1:5140" /etc/rsyslog.conf; then
echo "*.* @127.0.0.1:5140" >> /etc/rsyslog.conf
systemctl restart rsyslog
fi fi
done
# Check for existing GELF TCP Input # Bring up WordPress test containers
INPUTSTATE=$( cd /vagrant/wordpress
curl -s -X GET \ /usr/local/bin/docker-compose up -d 2> /dev/null
-H "Content-Type: application/json" \
-H "X-Requested-By: cli" \
-u admin:admin \
"http://graylog.172.28.128.30.xip.io:8080/api/system/inputstates")
INPUT_TYPES=$(echo $INPUTSTATE | jq --raw-output '.states | .[] | .message_input.type') SHELL
for TYPE in $INPUT_TYPES; do
if [[ "$TYPE" == "org.graylog2.inputs.gelf.tcp.GELFTCPInput" ]]; then
echo "Found GELF TCP input in Graylog, aborting input installation."
exit
fi
done
# Install GELF TCP Input
curl -i -s -X POST \
-H "Content-Type: application/json" \
-H "X-Requested-By: cli" \
-u admin:admin \
"http://graylog.172.28.128.30.xip.io:8080/api/system/inputs" \
-d @GELFTCPInput.json
SHELL
end
end end
end end
end end

4
wordpress/docker-compose.yml
View File

@ -40,8 +40,8 @@ services:
networks: networks:
traefik-net: traefik-net:
external: # external:
name: vagrant_traefik-net # name: vagrant_traefik-net
volumes: volumes:
db_data: {} db_data: {}