015-Ansible批量安装Elastic Beats(支持Linux和Windows)

栏目: 服务器 · 发布时间: 6年前

内容简介:这是坚持技术写作计划(含翻译)的第15篇,定个小目标999,每周最少2篇。使用注意: 主控端需要安装Ansible 2.7.12 可参考

这是坚持技术写作计划(含翻译)的第15篇,定个小目标999,每周最少2篇。

使用 elastic beats 进行拨测,metric采集,主机监控,但是批量化安装仍是个问题,好在elastic官方有开源的 ansible-beats 但是只支持Linux,而我们在某些业务场景下,还有WinServer的存在。故而在官方基础上fork并增加了windows的支持( 已提交PR ,但是官方不一定给合并 [捂脸] )。关于Ansible管理windows可以参考我之前写的一篇文章 Ansible2.7批量管理Windows

实验环境

类型 系统 ip
Server(主控) Ubuntu Server 16.04.5 LTS X64 192.168.0.22
Client(受控) Windows Server 2008 R2 SP1 192.168.0.23
Clinet(受控) Ubuntu Server 16.04.5 LTS X64 192.168.0.24
Clinet(受控) CentOS 7.6.1810 (Core) 192.168.0.25

注意: 主控端需要安装Ansible 2.7.12 可参考

步骤

此处已假设主控端已安装Ansible 2.7+,被控端的Windows的WinRM已配置完成

安装 anjia0532.ansible_beats

在主控端(192.168.0.22)执行以下命令 

root@ubuntu:/root/# ansible-galaxy install anjia0532.ansible_beats
- downloading role 'ansible_beats', owned by anjia0532
- downloading role from https://github.com/anjia0532/ansible-beats/archive/master.tar.gz
- extracting anjia0532.ansible_beats to /root/.ansible/roles/anjia0532.ansible_beats
- anjia0532.ansible_beats (master) was installed successfully

创建inventorys

创建 inventorys/hosts.yml 

beats:
  hosts: 
    192.168.0.23:
        ansible_user: Administrator
        ansible_password: password
        ansible_connection: winrm
        ansible_winrm_transport: basic
        ansible_port: 5985
    192.168.0.24:
        ansible_user: root
        ansible_ssh_private_key_file: /root/.ssh/id_rsa
    192.168.0.25:
        ansible_user: root
        ansible_ssh_private_key_file: /root/.ssh/id_rsa

创建 task

创建 beats.yml

- name: Example playbook for installing packetbeat
  hosts: beats
  roles:
    - { role: anjia0532.ansible_beats,
        beat: "packetbeat",
        beat_conf: {
          "interfaces": {"device":"any"},
          "protocols": {
            "dns": {
              "ports": [53],
              "include_authorities":true
            },
            "http": {
              "ports": [80, 8080, 8000, 5000, 8002]
            },
            "memcache": {
              "ports": [11211]
            },
            "mysql": {
              "ports": [3306]
            },
            "pgsql": {
              "ports": [5432]
            },
            "redis": {
              "ports": [6379]
            },
            "thrift": {
              "ports": [9090]
            },
            "mongodb": {
              "ports": [27017]
            }
          }
        },
        output_conf : {
          "elasticsearch": {
            "hosts": ["localhost:9200"]
          }
        }
    }
  vars:
    use_repository: true

安装beats 

# ansible-playbook -i inventorys/hosts.yml ./beats.yml

// 忽略输出
PLAY RECAP *******************************************************************************************************************************************************************************************************************************************************************
192.168.0.23               : ok=17   changed=17    unreachable=0    failed=0
192.168.0.24               : ok=19   changed=19    unreachable=0    failed=0
192.168.0.25               : ok=19   changed=19    unreachable=0    failed=0

表明都成功了

查看配置文件和日志 

ssh root@192.168.0.24
cat /etc/packetbeat/packetbeat.yml

################### packetbeat Configuration #########################

############################# packetbeat ######################################
interfaces:
    device: any
protocols:
    dns:
        include_authorities: true
        ports:
        - 53
    http:
        ports:
        - 80
        - 8080
        - 8000
        - 5000
        - 8002
    memcache:
        ports:
        - 11211
    mongodb:
        ports:
        - 27017
    mysql:
        ports:
        - 3306
    pgsql:
        ports:
        - 5432
    redis:
        ports:
        - 6379
    thrift:
        ports:
        - 9090


###############################################################################
############################# Libbeat Config ##################################
# Base config file used by all other beats for using libbeat features

############################# Output ##########################################

output:
    elasticsearch:
        hosts:
        - localhost:9200


############################# Logging #########################################

logging:
    files:
        rotateeverybytes: 10485760

# less /var/log/packetbeat/packetbeat

2019-04-13T09:38:44.865+0800    INFO    instance/beat.go:611    Home path: [/usr/share/packetbeat] Config path: [/etc/packetbeat] Data path: [/var/lib/packetbeat] Logs path: [/var/log/packetbeat]
2019-04-13T09:38:44.868+0800    INFO    instance/beat.go:618    Beat UUID: 8fbd86a8-0bbc-4349-8aca-d4dc8c897ba2
2019-04-13T09:38:44.868+0800    INFO    [seccomp]       seccomp/seccomp.go:116  Syscall filter successfully installed
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:931    Beat info       {"system_info": {"beat": {"path": {"config": "/etc/packetbeat", "data": "/var/lib/packetbeat", "home": "/usr/share/packetbeat", "logs": "/var/log/packetbeat"}, "type": "packetbeat", "uuid": "8fbd86a8-0bbc-4349-8aca-d4dc8c897ba2"}}}
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:940    Build info      {"system_info": {"build": {"commit": "1d55b4bd9dbf106a4ad4bc34fe9ee425d922363b", "libbeat": "6.7.1", "time": "2019-04-02T15:15:12.000Z", "version": "6.7.1"}}}
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:943    Go runtime info {"system_info": {"go": {"os":"linux","arch":"amd64","max_procs":4,"version":"go1.10.8"}}}
2019-04-13T09:38:44.872+0800    INFO    [beat]  instance/beat.go:947    Host info       {"system_info": {"host": {"architecture":"x86_64","boot_time":"2019-04-12T20:58:45+08:00","containerized":true,"name":"localhost.localdomain","ip":["127.0.0.1/8","::1/128","172.60.20.116/24","fe80::536d:17d0:e9f6:57c/64"],"kernel_version":"3.10.0-957.el7.x86_64","mac":["00:50:56:9f:8b:b7"],"os":{"family":"redhat","platform":"centos","name":"CentOS Linux","version":"7 (Core)","major":7,"minor":6,"patch":1810,"codename":"Core"},"timezone":"CST","timezone_offset_sec":28800,"id":"cd7bb2d0c80a41c89bb5b596c22fc85e"}}}
2019-04-13T09:38:44.873+0800    INFO    [beat]  instance/beat.go:976    Process info    {"system_info": {"process": {"capabilities": {"inheritable":null,"permitted":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"effective":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"bounding":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"ambient":null}, "cwd": "/", "exe": "/usr/share/packetbeat/bin/packetbeat", "name": "packetbeat", "pid": 9683, "ppid": 1, "seccomp": {"mode":"filter"}, "start_time": "2019-04-13T09:38:44.350+0800"}}}
2019-04-13T09:38:44.874+0800    INFO    instance/beat.go:280    Setup Beat: packetbeat; Version: 6.7.1
2019-04-13T09:38:44.874+0800    INFO    elasticsearch/client.go:164     Elasticsearch url: http://localhost:9200
2019-04-13T09:38:44.875+0800    INFO    [publisher]     pipeline/module.go:110  Beat name: localhost.localdomain
2019-04-13T09:38:44.875+0800    INFO    procs/procs.go:101      Process watcher disabled
2019-04-13T09:38:44.877+0800    INFO    instance/beat.go:402    packetbeat start running.
2019-04-13T09:38:44.877+0800    INFO    [monitoring]    log/log.go:117  Starting metrics logging every 30s
2019-04-13T09:39:14.887+0800    INFO    [monitoring]    log/log.go:144  Non-zero metrics in the last 30s        {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":160,"time":{"ms":162}},"total":{"ticks":610,"time":{"ms":614},"value":0},"user":{"ticks":450,"time":{"ms":452}}},"handles":{"limit":{"hard":4096,"soft":1024},"open":7},"info":{"ephemeral_id":"691a2203-1433-44d4-b173-938a52dbea22","uptime":{"ms":30042}},"memstats":{"gc_next":36201104,"memory_alloc":18724416,"memory_total":23093208,"rss":45715456}},"libbeat":{"config":{"module":{"running":0}},"output":{"type":"elasticsearch"},"pipeline":{"clients":0,"events":{"active":0}}},"system":{"cpu":{"cores":4},"load":{"1":0.1,"15":0.06,"5":0.05,"norm":{"1":0.025,"15":0.015,"5":0.0125}}}}}}

以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

码农书籍
图解物联网

图解物联网

[ 日] NTT DATA集团、河村雅人、大塚纮史、小林佑辅、小山武士、宫崎智也、石黑佑树、小岛康平 / 丁 灵 / 人民邮电出版社 / 2017-4 / 59.00元

本书图例丰富,从设备、传感器及传输协议等构成IoT的技术要素讲起,逐步深入讲解如何灵活运用IoT。内容包括用于实现IoT的架构、传感器的种类及能从传感器获取的信息等,并介绍了传感设备原型设计必需的Arduino等平台及这些平台的选择方法,连接传感器的电路,传感器的数据分析,乃至IoT跟智能手机/可穿戴设备的联动等。此外,本书以作者们开发的IoT系统为例,讲述了硬件设置、无线通信及网络安全等运用Io......一起来看看 《图解物联网》 这本书的介绍吧!

码农工具
JSON 在线解析
JSON 在线解析

在线 JSON 格式化工具

RGB CMYK 转换工具
RGB CMYK 转换工具

RGB CMYK 互转工具

HSV CMYK 转换工具
HSV CMYK 转换工具

HSV CMYK互换工具

  • New
  • 文章
  • 话题
  • 教程
    • 关注 码农网 公众号
    版权所有,保留一切权利!© 2018-2026 码农网 粤ICP备17054400号-3