devide instalation into multiple steps (start and stop docker containers, init...

devide instalation into multiple steps (start and stop docker containers, init cluster and also seperate actions for start, stop, restart and update-config)

dockercontainers.yml

+---
+
+- name: Manage docker containers 
+  hosts: soctoolsmain
+  roles:
+    - docker
+

initsoctools.yml

+---
+
+- name: Reconfigure and start haproxy
+  hosts: haproxy
+  roles:
+    - haproxy
+
+- name: Reconfigure and start mysql
+  hosts: mysql
+  roles:
+    - mysql
+
+- name: Reconfigure and start Cassandra
+  hosts: cassandra
+  roles:
+    - cassandra
+
+- name: Reconfigure and start Keycloak
+  hosts: keycloakcontainers
+  roles:
+    - keycloak
+
+- name: Reconfigure and start MISP
+  hosts: mispcontainers
+  roles:
+    - misp
+
+- name: Reconfigure and start NiFi
+  hosts: nificontainers
+  roles:
+    - nifi
+
+- name: Reconfigure and start TheHive
+  hosts: thehive
+  roles:
+    - thehive
+
+- name: Reconfigure and start Cortex
+  hosts: cortex
+  roles:
+    - cortex
+
+- name: Reconfigure and start OpenDistro for Elasticsearch
+  hosts: odfeescontainers
+  roles:
+    - odfees
+
+- name: Reconfigure and start OpenDistro Kibana for Elasticsearch
+  hosts: odfekibanacontainers
+  roles:
+    - odfekibana
+
+- name: Install and run filebeat
+  hosts: filebeat
+  roles:
+    - filebeat
+

roles/cassandra/tasks/init.yml

+---
+
+- name: Configure Cassandra
+  remote_user: cassandra
+  template:
+    src: cassandra.yaml.j2
+    dest: /usr/share/cassandra/conf/cassandra.yaml
+
+- name: Set Autostart for supervisord's services
+  replace:
+    path: /etc/supervisord.conf
+    regexp: '^autostart=false$'
+    replace: 'autostart=true'
+
+

roles/cassandra/tasks/main.yml

 ---
 
+- include: init.yml
+  tags:
+   - init
 - include: start.yml
   tags:
    - start
+   - init
 - include: stop.yml
   tags:
    - stop

roles/cassandra/tasks/restart.yml

@@ -4,3 +4,10 @@
   remote_user: root
   command: "supervisorctl restart cassandra"
 
+- name: Wait for Cassandra
+  remote_user: root
+  wait_for:
+    host: "{{groups['cassandra'][0]}}"
+    port: 9042
+    state: started
+    delay: 5

roles/cassandra/tasks/start.yml

 ---
 
-- name: Configure Cassandra
-  remote_user: cassandra
-  template:
-    src: cassandra.yaml.j2
-    dest: /usr/share/cassandra/conf/cassandra.yaml
-
 - name: Start Cassandra
   remote_user: root
   command: "supervisorctl start cassandra"
@@ -18,10 +12,4 @@
     state: started
     delay: 5
 
-- name: Set Autostart for supervisord's services
-  replace:
-    path: /etc/supervisord.conf
-    regexp: '^autostart=false$'
-    replace: 'autostart=true'
-
 

roles/cassandra/tasks/update-config.yml

@@ -6,10 +6,3 @@
     src: cassandra.yaml.j2
     dest: /usr/share/cassandra/conf/cassandra.yaml
 
-- name: Wait for Cassandra
-  remote_user: root
-  wait_for:
-    host: "{{groups['cassandra'][0]}}"
-    port: 9042
-    state: started
-    delay: 5

roles/cortex/tasks/init.yml

+---
+
+- name: Copy cacert to ca-trust dir
+  remote_user: root
+  copy:
+    src: "{{playbook_dir}}/secrets/CA/ca.crt"
+    dest: /etc/pki/ca-trust/source/anchors/ca.crt
+
+- name: Install cacert to root truststore
+  remote_user: root
+  command: "update-ca-trust"
+
+- name: Copy certificates in cortex conf dir
+  remote_user: cortex
+  copy:
+    src:  "{{ item }}"
+    dest: "/etc/cortex/"
+    mode: 0600
+  with_items:
+    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12"
+    - "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt"
+    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key"
+    - "{{playbook_dir}}/secrets/CA/cacerts.jks"
+    - "{{playbook_dir}}/secrets/CA/ca.crt"
+
+- name: Get openid authkey
+  set_fact:
+    cortexsecret: "{{lookup('file', '{{playbook_dir}}/secrets/tokens/cortexsecret',convert_data=False) | from_json}}"
+
+- name: Configure embedded Elasticsearch 6
+  remote_user: root
+  template:
+    src: jvm.options.j2
+    dest: /etc/elasticsearch/jvm.options
+
+- name: Configure Cortex
+  remote_user: cortex
+  template:
+    src: application.conf.j2
+    dest: /etc/cortex/application.conf
+
+- name: Set Autostart for supervisord's services
+  replace:
+    path: /etc/supervisord.conf
+    regexp: '^autostart=false$'
+    replace: 'autostart=true'
+

roles/cortex/tasks/main.yml

 ---
 
+- include: init.yml
+  tags:
+   - init
 - include: start.yml
   tags:
    - start
+   - init
 - include: stop.yml
   tags:
    - stop

roles/cortex/tasks/start.yml

 ---
 
-- name: Copy cacert to ca-trust dir
-  remote_user: root
-  copy:
-    src: "{{playbook_dir}}/secrets/CA/ca.crt"
-    dest: /etc/pki/ca-trust/source/anchors/ca.crt
-
-- name: Install cacert to root truststore
-  remote_user: root
-  command: "update-ca-trust"
-
-- name: Copy certificates in cortex conf dir
-  remote_user: cortex
-  copy:
-    src:  "{{ item }}"
-    dest: "/etc/cortex/"
-    mode: 0600
-  with_items:
-    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12"
-    - "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt"
-    - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key"
-    - "{{playbook_dir}}/secrets/CA/cacerts.jks"
-    - "{{playbook_dir}}/secrets/CA/ca.crt"
-
-- name: Get openid authkey
-  set_fact:
-    cortexsecret: "{{lookup('file', '{{playbook_dir}}/secrets/tokens/cortexsecret',convert_data=False) | from_json}}"
-
-- name: Configure embedded Elasticsearch 6
-  remote_user: root
-  template:
-    src: jvm.options.j2
-    dest: /etc/elasticsearch/jvm.options
-
 - name: Start embedded Elasticsearch 6
   remote_user: root
   command: "supervisorctl start elasticsearch"
 
-- name: Configure Cortex
-  remote_user: cortex
-  template:
-    src: application.conf.j2
-    dest: /etc/cortex/application.conf
-
 - name: Start Cortex
   remote_user: root
   command: "supervisorctl start cortex"
@@ -55,9 +16,3 @@
     state: started
     delay: 5
 
-- name: Set Autostart for supervisord's services
-  replace:
-    path: /etc/supervisord.conf
-    regexp: '^autostart=false$'
-    replace: 'autostart=true'
-

roles/docker/tasks/cassandra.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['cassandra'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect cassandra containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['cassandra'] }}"
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/cortex.yml

@@ -8,15 +8,12 @@
     networks:
       - name: "{{ soctools_netname }}"
     networks_cli_compatible: yes
-#    published_ports:
-#      - "9001:9001"
     volumes: 
       - "{{item}}:/var/lib/elasticsearch/"
     interactive: "yes"
   with_items: "{{ groups['cortex'] }}"
   tags:
-    - start
-    - startcortex
+    - start-docker-containers
 
 - name: Disconnect cortex containers from network and remove
   docker_container:
@@ -24,5 +21,4 @@
     state: absent
   with_items: "{{ groups['cortex'] }}"
   tags:
-    - stop
-    - stopcortex
+    - stop-docker-containers

roles/docker/tasks/haproxy.yml

@@ -21,11 +21,11 @@
       - "9001:9001"
     interactive: "yes"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Destroy haproxy container
   docker_container:
     name: "{{ haproxy_name }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers

roles/docker/tasks/keycloak.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['keycloakcontainers'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect keycloak containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['keycloakcontainers'] }}"
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/misp.yml

@@ -12,11 +12,11 @@
     published_ports:
       - "6443:6443"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Destroy misp container
   docker_container:
     name: "{{ misp_name }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers

roles/docker/tasks/mysql.yml

@@ -11,11 +11,11 @@
     volumes:
       - "{{mysql_name}}:/var/opt/rh/rh-mariadb103/lib/mysql"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Destroy mysql container
   docker_container:
     name: "{{ mysql_name }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers

roles/docker/tasks/networkcreate.yml

@@ -7,6 +7,5 @@
     ipam_config:
       - subnet: "{{ soctools_network }}"
   tags:
-    - start
-    - startcortex
+    - start-docker-containers
 

roles/docker/tasks/networkremove.yml

@@ -5,5 +5,5 @@
     name: "{{ soctools_netname }}"
     state: absent
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/nifi.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['nificontainers'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect Nifi containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['nificontainers'] }}"
   tags:
-    - stop
+    - stop-docker-containers
 

roles/docker/tasks/odfees.yml

@@ -13,7 +13,7 @@
     interactive: "yes"
   with_items: "{{ groups['odfeescontainers'] }}"
   tags:
-    - start
+    - start-docker-containers
 
 - name: Disconnect odfe elasticsearch containers from network and remove
   docker_container:
@@ -21,5 +21,5 @@
     state: absent
   with_items: "{{ groups['odfeescontainers'] }}"
   tags:
-    - stop
+    - stop-docker-containers