015-Ansible批量安装Elastic Beats(支持Linux和Windows)

栏目: 服务器 · 发布时间: 6年前

内容简介：这是坚持技术写作计划（含翻译）的第15篇，定个小目标999，每周最少2篇。使用注意: 主控端需要安装Ansible 2.7.12 可参考

这是坚持技术写作计划（含翻译）的第15篇，定个小目标999，每周最少2篇。

使用 elastic beats 进行拨测，metric采集，主机监控，但是批量化安装仍是个问题，好在elastic官方有开源的 ansible-beats 但是只支持Linux，而我们在某些业务场景下，还有WinServer的存在。故而在官方基础上fork并增加了windows的支持（已提交PR ，但是官方不一定给合并 [捂脸] ）。关于Ansible管理windows可以参考我之前写的一篇文章 Ansible2.7批量管理Windows 。

实验环境

类型	系统	ip
Server(主控)	Ubuntu Server 16.04.5 LTS X64	192.168.0.22
Client(受控)	Windows Server 2008 R2 SP1	192.168.0.23
Clinet(受控)	Ubuntu Server 16.04.5 LTS X64	192.168.0.24
Clinet(受控)	CentOS 7.6.1810 (Core)	192.168.0.25

注意: 主控端需要安装Ansible 2.7.12 可参考

步骤

此处已假设主控端已安装Ansible 2.7+，被控端的Windows的WinRM已配置完成

安装 anjia0532.ansible_beats

在主控端(192.168.0.22)执行以下命令

root@ubuntu:/root/# ansible-galaxy install anjia0532.ansible_beats
- downloading role 'ansible_beats', owned by anjia0532
- downloading role from https://github.com/anjia0532/ansible-beats/archive/master.tar.gz
- extracting anjia0532.ansible_beats to /root/.ansible/roles/anjia0532.ansible_beats
- anjia0532.ansible_beats (master) was installed successfully

创建inventorys

创建 inventorys/hosts.yml

beats:
  hosts: 
    192.168.0.23:
        ansible_user: Administrator
        ansible_password: password
        ansible_connection: winrm
        ansible_winrm_transport: basic
        ansible_port: 5985
    192.168.0.24:
        ansible_user: root
        ansible_ssh_private_key_file: /root/.ssh/id_rsa
    192.168.0.25:
        ansible_user: root
        ansible_ssh_private_key_file: /root/.ssh/id_rsa

创建 task

创建 beats.yml

- name: Example playbook for installing packetbeat
  hosts: beats
  roles:
    - { role: anjia0532.ansible_beats,
        beat: "packetbeat",
        beat_conf: {
          "interfaces": {"device":"any"},
          "protocols": {
            "dns": {
              "ports": [53],
              "include_authorities":true
            },
            "http": {
              "ports": [80, 8080, 8000, 5000, 8002]
            },
            "memcache": {
              "ports": [11211]
            },
            "mysql": {
              "ports": [3306]
            },
            "pgsql": {
              "ports": [5432]
            },
            "redis": {
              "ports": [6379]
            },
            "thrift": {
              "ports": [9090]
            },
            "mongodb": {
              "ports": [27017]
            }
          }
        },
        output_conf : {
          "elasticsearch": {
            "hosts": ["localhost:9200"]
          }
        }
    }
  vars:
    use_repository: true

安装beats

# ansible-playbook -i inventorys/hosts.yml ./beats.yml

// 忽略输出
PLAY RECAP *******************************************************************************************************************************************************************************************************************************************************************
192.168.0.23               : ok=17   changed=17    unreachable=0    failed=0
192.168.0.24               : ok=19   changed=19    unreachable=0    failed=0
192.168.0.25               : ok=19   changed=19    unreachable=0    failed=0

表明都成功了

查看配置文件和日志

ssh root@192.168.0.24
cat /etc/packetbeat/packetbeat.yml

################### packetbeat Configuration #########################

############################# packetbeat ######################################
interfaces:
    device: any
protocols:
    dns:
        include_authorities: true
        ports:
        - 53
    http:
        ports:
        - 80
        - 8080
        - 8000
        - 5000
        - 8002
    memcache:
        ports:
        - 11211
    mongodb:
        ports:
        - 27017
    mysql:
        ports:
        - 3306
    pgsql:
        ports:
        - 5432
    redis:
        ports:
        - 6379
    thrift:
        ports:
        - 9090


###############################################################################
############################# Libbeat Config ##################################
# Base config file used by all other beats for using libbeat features

############################# Output ##########################################

output:
    elasticsearch:
        hosts:
        - localhost:9200


############################# Logging #########################################

logging:
    files:
        rotateeverybytes: 10485760

# less /var/log/packetbeat/packetbeat

2019-04-13T09:38:44.865+0800    INFO    instance/beat.go:611    Home path: [/usr/share/packetbeat] Config path: [/etc/packetbeat] Data path: [/var/lib/packetbeat] Logs path: [/var/log/packetbeat]
2019-04-13T09:38:44.868+0800    INFO    instance/beat.go:618    Beat UUID: 8fbd86a8-0bbc-4349-8aca-d4dc8c897ba2
2019-04-13T09:38:44.868+0800    INFO    [seccomp]       seccomp/seccomp.go:116  Syscall filter successfully installed
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:931    Beat info       {"system_info": {"beat": {"path": {"config": "/etc/packetbeat", "data": "/var/lib/packetbeat", "home": "/usr/share/packetbeat", "logs": "/var/log/packetbeat"}, "type": "packetbeat", "uuid": "8fbd86a8-0bbc-4349-8aca-d4dc8c897ba2"}}}
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:940    Build info      {"system_info": {"build": {"commit": "1d55b4bd9dbf106a4ad4bc34fe9ee425d922363b", "libbeat": "6.7.1", "time": "2019-04-02T15:15:12.000Z", "version": "6.7.1"}}}
2019-04-13T09:38:44.868+0800    INFO    [beat]  instance/beat.go:943    Go runtime info {"system_info": {"go": {"os":"linux","arch":"amd64","max_procs":4,"version":"go1.10.8"}}}
2019-04-13T09:38:44.872+0800    INFO    [beat]  instance/beat.go:947    Host info       {"system_info": {"host": {"architecture":"x86_64","boot_time":"2019-04-12T20:58:45+08:00","containerized":true,"name":"localhost.localdomain","ip":["127.0.0.1/8","::1/128","172.60.20.116/24","fe80::536d:17d0:e9f6:57c/64"],"kernel_version":"3.10.0-957.el7.x86_64","mac":["00:50:56:9f:8b:b7"],"os":{"family":"redhat","platform":"centos","name":"CentOS Linux","version":"7 (Core)","major":7,"minor":6,"patch":1810,"codename":"Core"},"timezone":"CST","timezone_offset_sec":28800,"id":"cd7bb2d0c80a41c89bb5b596c22fc85e"}}}
2019-04-13T09:38:44.873+0800    INFO    [beat]  instance/beat.go:976    Process info    {"system_info": {"process": {"capabilities": {"inheritable":null,"permitted":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"effective":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"bounding":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend"],"ambient":null}, "cwd": "/", "exe": "/usr/share/packetbeat/bin/packetbeat", "name": "packetbeat", "pid": 9683, "ppid": 1, "seccomp": {"mode":"filter"}, "start_time": "2019-04-13T09:38:44.350+0800"}}}
2019-04-13T09:38:44.874+0800    INFO    instance/beat.go:280    Setup Beat: packetbeat; Version: 6.7.1
2019-04-13T09:38:44.874+0800    INFO    elasticsearch/client.go:164     Elasticsearch url: http://localhost:9200
2019-04-13T09:38:44.875+0800    INFO    [publisher]     pipeline/module.go:110  Beat name: localhost.localdomain
2019-04-13T09:38:44.875+0800    INFO    procs/procs.go:101      Process watcher disabled
2019-04-13T09:38:44.877+0800    INFO    instance/beat.go:402    packetbeat start running.
2019-04-13T09:38:44.877+0800    INFO    [monitoring]    log/log.go:117  Starting metrics logging every 30s
2019-04-13T09:39:14.887+0800    INFO    [monitoring]    log/log.go:144  Non-zero metrics in the last 30s        {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":160,"time":{"ms":162}},"total":{"ticks":610,"time":{"ms":614},"value":0},"user":{"ticks":450,"time":{"ms":452}}},"handles":{"limit":{"hard":4096,"soft":1024},"open":7},"info":{"ephemeral_id":"691a2203-1433-44d4-b173-938a52dbea22","uptime":{"ms":30042}},"memstats":{"gc_next":36201104,"memory_alloc":18724416,"memory_total":23093208,"rss":45715456}},"libbeat":{"config":{"module":{"running":0}},"output":{"type":"elasticsearch"},"pipeline":{"clients":0,"events":{"active":0}}},"system":{"cpu":{"cores":4},"load":{"1":0.1,"15":0.06,"5":0.05,"norm":{"1":0.025,"15":0.015,"5":0.0125}}}}}}

以上就是本文的全部内容，希望本文的内容对大家的学习或者工作能带来一定的帮助，也希望大家多多支持码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络，本站转载出于传递更多信息之目的，版权归原作者或者来源机构所有，如转载稿涉及版权问题，请联系我们。

码农书籍

技术之瞳——阿里巴巴技术笔试心得

阿里巴巴集团校园招聘笔试项目组 / 电子工业出版社 / 2016-11 / 69

《技术之瞳——阿里巴巴技术笔试心得》由阿里巴巴集团校园招聘笔试项目组所著，收集了阿里历年校招中的精华笔试题，涉及多个领域。《技术之瞳——阿里巴巴技术笔试心得》中内容大量结合了阿里巴巴的实际工作场景，以例题、解析、习题的形式，引导读者深入理解技术上的关键点、紧要处，夯实基础，启发思考。《技术之瞳——阿里巴巴技术笔试心得》内容不仅专业、有趣，更是将理论知识与实践应用结合起来，以场景化的问答娓娓道......一起来看看《技术之瞳——阿里巴巴技术笔试心得》这本书的介绍吧!

码农工具

RGB HSV 转换

RGB HSV 互转工具

HSV CMYK 转换工具

HSV CMYK互换工具