015-Ansible批量安装Elastic Beats(支持Linux和Windows)

栏目: 服务器 · 发布时间: 5年前

内容简介:这是坚持技术写作计划(含翻译)的第15篇,定个小目标999,每周最少2篇。使用注意: 主控端需要安装Ansible 2.7.12 可参考

这是坚持技术写作计划(含翻译)的第15篇,定个小目标999,每周最少2篇。

使用 elastic beats 进行拨测,metric采集,主机监控,但是批量化安装仍是个问题,好在elastic官方有开源的 ansible-beats 但是只支持Linux,而我们在某些业务场景下,还有WinServer的存在。故而在官方基础上fork并增加了windows的支持( 已提交PR ,但是官方不一定给合并 [捂脸] )。关于Ansible管理windows可以参考我之前写的一篇文章 Ansible2.7批量管理Windows

实验环境

类型 系统 ip
Server(主控) Ubuntu Server 16.04.5 LTS X64 192.168.0.22
Client(受控) Windows Server 2008 R2 SP1 192.168.0.23
Clinet(受控) Ubuntu Server 16.04.5 LTS X64 192.168.0.24
Clinet(受控) CentOS 7.6.1810 (Core) 192.168.0.25

注意: 主控端需要安装Ansible 2.7.12 可参考

步骤

此处已假设主控端已安装Ansible 2.7+,被控端的Windows的WinRM已配置完成

安装 anjia0532.ansible_beats

在主控端(192.168.0.22)执行以下命令

root@ubuntu:/root/# ansible-galaxy install anjia0532.ansible_beats
- downloading role 'ansible_beats', owned by anjia0532
- downloading role from https://github.com/anjia0532/ansible-beats/archive/master.tar.gz
- extracting anjia0532.ansible_beats to /root/.ansible/roles/anjia0532.ansible_beats
- anjia0532.ansible_beats (master) was installed successfully

创建inventorys

创建 inventorys/hosts.yml

beats:
  hosts: 
    192.168.0.23:
        ansible_user: Administrator
        ansible_password: password
        ansible_connection: winrm
        ansible_winrm_transport: basic
        ansible_port: 5985
    192.168.0.24:
        ansible_user: root
        ansible_ssh_private_key_file: /root/.ssh/id_rsa
    192.168.0.25:
        ansible_user: root
        ansible_ssh_private_key_file: /root/.ssh/id_rsa

创建 task

创建 beats.yml

- name: Example playbook for installing packetbeat
  hosts: beats
  roles:
    - { role: anjia0532.ansible_beats,
        beat: "packetbeat",
        beat_conf: {
          "interfaces": {"device":"any"},
          "protocols": {
            "dns": {
              "ports": [53],
              "include_authorities":true
            },
            "http": {
              "ports": [80, 8080, 8000, 5000, 8002]
            },
            "memcache": {
              "ports": [11211]
            },
            "mysql": {
              "ports": [3306]
            },
            "pgsql": {
              "ports": [5432]
            },
            "redis": {
              "ports": [6379]
            },
            "thrift": {
              "ports": [9090]
            },
            "mongodb": {
              "ports": [27017]
            }
          }
        },
        output_conf : {
          "elasticsearch": {
            "hosts": ["localhost:9200"]
          }
        }
    }
  vars:
    use_repository: true

安装beats

# ansible-playbook -i inventorys/hosts.yml ./beats.yml

// 忽略输出
PLAY RECAP *******************************************************************************************************************************************************************************************************************************************************************
192.168.0.23               : ok=17   changed=17    unreachable=0    failed=0
192.168.0.24               : ok=19   changed=19    unreachable=0    failed=0
192.168.0.25               : ok=19   changed=19    unreachable=0    failed=0

表明都成功了

查看配置文件和日志

ssh root@192.168.0.24
cat /etc/packetbeat/packetbeat.yml
################### packetbeat Configuration #########################

############################# packetbeat ######################################
interfaces:
    device: any
protocols:
    dns:
        include_authorities: true
        ports:
        - 53
    http:
        ports:
        - 80
        - 8080
        - 8000
        - 5000
        - 8002
    memcache:
        ports:
        - 11211
    mongodb:
        ports:
        - 27017
    mysql:
        ports:
        - 3306
    pgsql:
        ports:
        - 5432
    redis:
        ports:
        - 6379
    thrift:
        ports:
        - 9090


###############################################################################
############################# Libbeat Config ##################################
# Base config file used by all other beats for using libbeat features

############################# Output ##########################################

output:
    elasticsearch:
        hosts:
        - localhost:9200


############################# Logging #########################################

logging:
    files:
        rotateeverybytes: 10485760
# less /var/log/packetbeat/packetbeat

2019-04-13T09:38:44.865+0800    INFO    instance/beat.go:611    Home path: [/usr/share/packetbeat] Config path: [/etc/packetbeat] Data path: [/var/lib/packetbeat] Logs path: [/var/log/packetbeat]
2019-04-13T09:38:44.868+0800    INFO    instance/beat.go:618    Beat UUID: 8fbd86a8-0bbc-4349-8aca-d4dc8c897ba2
2019-04-13T09:38:44.868+0800    INFO    [seccomp]       seccomp/seccomp.go:116  Syscall filter successfully installed
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:931    Beat info       {"system_info": {"beat": {"path": {"config": "/etc/packetbeat", "data": "/var/lib/packetbeat", "home": "/usr/share/packetbeat", "logs": "/var/log/packetbeat"}, "type": "packetbeat", "uuid": "8fbd86a8-0bbc-4349-8aca-d4dc8c897ba2"}}}
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:940    Build info      {"system_info": {"build": {"commit": "1d55b4bd9dbf106a4ad4bc34fe9ee425d922363b", "libbeat": "6.7.1", "time": "2019-04-02T15:15:12.000Z", "version": "6.7.1"}}}
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:943    Go runtime info {"system_info": {"go": {"os":"linux","arch":"amd64","max_procs":4,"version":"go1.10.8"}}}
2019-04-13T09:38:44.872+0800    INFO    [beat]  instance/beat.go:947    Host info       {"system_info": {"host": {"architecture":"x86_64","boot_time":"2019-04-12T20:58:45+08:00","containerized":true,"name":"localhost.localdomain","ip":["127.0.0.1/8","::1/128","172.60.20.116/24","fe80::536d:17d0:e9f6:57c/64"],"kernel_version":"3.10.0-957.el7.x86_64","mac":["00:50:56:9f:8b:b7"],"os":{"family":"redhat","platform":"centos","name":"CentOS Linux","version":"7 (Core)","major":7,"minor":6,"patch":1810,"codename":"Core"},"timezone":"CST","timezone_offset_sec":28800,"id":"cd7bb2d0c80a41c89bb5b596c22fc85e"}}}
2019-04-13T09:38:44.873+0800    INFO    [beat]  instance/beat.go:976    Process info    {"system_info": {"process": {"capabilities": {"inheritable":null,"permitted":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"effective":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"bounding":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"ambient":null}, "cwd": "/", "exe": "/usr/share/packetbeat/bin/packetbeat", "name": "packetbeat", "pid": 9683, "ppid": 1, "seccomp": {"mode":"filter"}, "start_time": "2019-04-13T09:38:44.350+0800"}}}
2019-04-13T09:38:44.874+0800    INFO    instance/beat.go:280    Setup Beat: packetbeat; Version: 6.7.1
2019-04-13T09:38:44.874+0800    INFO    elasticsearch/client.go:164     Elasticsearch url: http://localhost:9200
2019-04-13T09:38:44.875+0800    INFO    [publisher]     pipeline/module.go:110  Beat name: localhost.localdomain
2019-04-13T09:38:44.875+0800    INFO    procs/procs.go:101      Process watcher disabled
2019-04-13T09:38:44.877+0800    INFO    instance/beat.go:402    packetbeat start running.
2019-04-13T09:38:44.877+0800    INFO    [monitoring]    log/log.go:117  Starting metrics logging every 30s
2019-04-13T09:39:14.887+0800    INFO    [monitoring]    log/log.go:144  Non-zero metrics in the last 30s        {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":160,"time":{"ms":162}},"total":{"ticks":610,"time":{"ms":614},"value":0},"user":{"ticks":450,"time":{"ms":452}}},"handles":{"limit":{"hard":4096,"soft":1024},"open":7},"info":{"ephemeral_id":"691a2203-1433-44d4-b173-938a52dbea22","uptime":{"ms":30042}},"memstats":{"gc_next":36201104,"memory_alloc":18724416,"memory_total":23093208,"rss":45715456}},"libbeat":{"config":{"module":{"running":0}},"output":{"type":"elasticsearch"},"pipeline":{"clients":0,"events":{"active":0}}},"system":{"cpu":{"cores":4},"load":{"1":0.1,"15":0.06,"5":0.05,"norm":{"1":0.025,"15":0.015,"5":0.0125}}}}}}

以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

常用算法程序集

常用算法程序集

徐士良 编 / 清华大学 / 2004-1 / 48.00元

本书针对工程中常用的行之有效的算法而编写,其主要内容包括多项式的计算、复数运算、随机数的产生 、矩阵特征值与特征向量的计算、线性代数方程组的求解、非线性方程与方程组的求解、插值与逼近、数值积分、常微分方程组的求解、数学变换与滤波、特殊函数的计算、排序和查找。 书中所有的算法均用C语言描述,并存放在一张光盘上。 本书可供广大科研人员、工程技术人员以及管理工作者阅读使用,也......一起来看看 《常用算法程序集》 这本书的介绍吧!

MD5 加密
MD5 加密

MD5 加密工具

正则表达式在线测试
正则表达式在线测试

正则表达式在线测试

RGB CMYK 转换工具
RGB CMYK 转换工具

RGB CMYK 互转工具