Commit 5e9aac83 authored by Arne Øslebø's avatar Arne Øslebø
Browse files

restructured inventory

parent 39416f33
......@@ -24,13 +24,13 @@ Edit group_vars/all/main.yml and change 'dslproxy' so that it point to the FQDN
The first entry in the soctools_users variable is the user with full admin privileges in NiFi and Kibana.
To configure the server running soctools, run the ansible playbook:
`ansible-playbook -i soctools-inventory soctools_server.yml`
`ansible-playbook -i inventories soctools_server.yml`
To build the Docker images needed, run the ansible playbook:
`ansible-playbook -i soctools-inventory buildimages.yml`
`ansible-playbook -i inventories buildimages.yml`
To build the CA needed for host and user certificates, run the ansible playbook:
`ansible-playbook -i soctools-inventory buildca.yml`
`ansible-playbook -i inventories buildca.yml`
If using soclab CA certificates provided with this installation, you first need to download and import root certificate found at roles/ca/files/CA/ca.crt.
For Windows, CA certificate should be installed in Trusted Root Certification Authorities store.
......@@ -39,10 +39,10 @@ User certificates are can be found in the directory roles/ca/files/CA/private. I
For Windows, user certificate should be installed in Personal store.
To start the cluster, run the ansible playbook soctools.yml:
`ansible-playbook -i soctools-inventory soctools.yml -t start`
`ansible-playbook -i inventories soctools.yml -t start`
To stop the cluster, run the ansible playbook soctools.yml:
`ansible-playbook -i soctools-inventory soctools.yml -t stop`
`ansible-playbook -i inventories soctools.yml -t stop`
Web interfaces are available on the following ports:
* 9443 - NiFi
......
---
docker_image_path: images
base_image: python:2.7-stretch
all:
hosts:
nifi-image:
ansible_connection: docker
ansible_python_interpreter: /usr/bin/python
localhost:
ansible_python_interpreter: /usr/bin/python
ansible_connection: local
children:
nifi:
hosts:
localhost:
[cassandra]
dsoclab-cassandra ansible_connection=docker
[cortex]
dsoclab-cortex ansible_connection=docker
---
index: haproxy
scale: "{{ haproxy_scale | default('1')}}"
docker:
haproxy:
image: haproxy:latest
volumes:
- /usr/local/etc/haproxy/:/usr/local/etc/haproxy:ro
ports:
- "80:80"
source: pull
\ No newline at end of file
---
index: nifi
scale: "{{ nifi_scale | default('1')}}"
docker:
nifi:
# image: nifi-soctools #For nifi image built by soctools
# source: load
image: apache/nifi:latest
source: pull
command: /opt/nifi/nifi-current/scripts/start.sh
env:
NIFI_HOME: "/opt/nifi/nifi-current"
NIFI_LOG_DIR: "/opt/nifi/nifi-current/logs"
NIFI_PID_DIR: "/opt/nifi/nifi-current/run"
NIFI_CLUSTER_IS_NODE: "true"
NIFI_ZK_CONNECT_STRING: "zookeeper_1:2181"
NIFI_CLUSTER_NODE_PROTOCOL_PORT: "8082"
NIFI_ELECTION_MAX_WAIT: "1 min"
load_path: "{{ image_location }}/nifi-soctools.tar"
---
index: zookeeper
scale: "{{ zookeeper_scale | default('1')}}"
docker:
zookeeper:
image: zookeeper:latest
source: pull
\ No newline at end of file
all:
hosts:
host1:
ansible_ssh_user: debian
ansible_python_interpreter: /usr/bin/python
become: yes
children:
soctools_server:
hosts:
host1:
nifi:
hosts:
host1:
nifi_scale: 3
haproxy:
hosts:
host1:
zookeeper:
hosts:
host1:
zookeeper_scale: 3
\ No newline at end of file
[odfeescontainers]
dsoclab-odfe-1 ansible_connection=docker
dsoclab-odfe-2 ansible_connection=docker
[filebeat]
dsoclab-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi"
dsoclab-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi"
dsoclab-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi"
#dsoclab-odfe-1 ansible_connection=docker FILEBEAT_FILES='[""]'
#dsoclab-odfe-2 ansible_connection=docker FILEBEAT_FILES='[""]'
dsoclab-kibana ansible_connection=docker FILEBEAT_FILES='["/usr/share/kibana/kblog"]' FILEBEAT_LOG_TYPE="kibana"
#dsoclab-keycloak ansible_connection=docker FILEBEAT_FILES='[""]'
dsoclab-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log"]' FILEBEAT_LOG_TYPE="mysql"
#dsoclab-misp ansible_connection=docker FILEBEAT_FILES='[""]'
dsoclab-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy"
#dsoclab-zookeeper ansible_connection=docker FILEBEAT_FILES='[""]'
[haproxy]
dsoclab-haproxy ansible_connection=docker
\ No newline at end of file
[keycloakcontainers]
dsoclab-keycloak ansible_connection=docker
[odfekibanacontainers]
dsoclab-kibana ansible_connection=docker
[mispcontainers]
dsoclab-misp ansible_connection=docker
[mysql]
dsoclab-mysql ansible_connection=docker
\ No newline at end of file
[nificontainers]
dsoclab-nifi-1 ansible_connection=docker
dsoclab-nifi-2 ansible_connection=docker
dsoclab-nifi-3 ansible_connection=docker
[dsldev]
localhost ansible_connection=local
[thehive]
dsoclab-thehive ansible_connection=docker
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment