diff --git a/awx/README.md b/awx/README.md index 2e35493..10e13de 100644 --- a/awx/README.md +++ b/awx/README.md @@ -5,5 +5,31 @@ awx on top of Ansible. It is the upstream project for [Tower][2], a commercial derivative of AWX. +## directory tree + +``` +data +├── projects +│ └── example +│ └── playbook.yml +└── settings + ├── SECRET_KEY + ├── credentials.py + └── environment.sh +``` + +## up and running + +``` +$ docker-compose up -d +$ docker-compose exec web bash +>>> awx-manage inventory_import --inventory-name=xxx --source=/path/to/inventory.ini +INFO Reading Ansible inventory source: /path/to/inventory.ini +INFO Loaded 1 groups, 30 hosts +INFO Inventory import completed for (xxx - 13) in 1.0s +>>> exit +$ curl http://127.0.0.1:8052 +``` + [1]: https://github.com/ansible/awx [2]: https://www.ansible.com/tower diff --git a/awx/data/projects/example/playbook.yml b/awx/data/projects/example/playbook.yml new file mode 100644 index 0000000..90f2924 --- /dev/null +++ b/awx/data/projects/example/playbook.yml @@ -0,0 +1,7 @@ +- name: example playbook + hosts: 127.0.0.1 + connection: local + gather_facts: false + tasks: + - debug: + msg: hello world diff --git a/awx/data/etc/SECRET_KEY b/awx/data/settings/SECRET_KEY similarity index 100% rename from awx/data/etc/SECRET_KEY rename to awx/data/settings/SECRET_KEY diff --git a/awx/data/etc/credentials.py b/awx/data/settings/credentials.py similarity index 100% rename from awx/data/etc/credentials.py rename to awx/data/settings/credentials.py diff --git a/awx/data/etc/environment.sh b/awx/data/settings/environment.sh similarity index 100% rename from awx/data/etc/environment.sh rename to awx/data/settings/environment.sh diff --git a/awx/docker-compose.yml b/awx/docker-compose.yml index 8e4f4c2..76e9309 100644 --- a/awx/docker-compose.yml +++ b/awx/docker-compose.yml 
@@ -14,10 +14,10 @@ services: ports: - "8052:8052" volumes: - - ./data/etc/SECRET_KEY:/etc/tower/SECRET_KEY - - ./data/etc/environment.sh:/etc/tower/conf.d/environment.sh - - ./data/etc/credentials.py:/etc/tower/conf.d/credentials.py - - ./data/awx:/var/lib/awx/projects + - ./data/settings/SECRET_KEY:/etc/tower/SECRET_KEY + - ./data/settings/environment.sh:/etc/tower/conf.d/environment.sh + - ./data/settings/credentials.py:/etc/tower/conf.d/credentials.py + - ./data/projects:/var/lib/awx/projects depends_on: - rabbitmq - memcached @@ -30,10 +30,10 @@ services: hostname: awx user: root volumes: - - ./data/etc/SECRET_KEY:/etc/tower/SECRET_KEY - - ./data/etc/environment.sh:/etc/tower/conf.d/environment.sh - - ./data/etc/credentials.py:/etc/tower/conf.d/credentials.py - - ./data/awx:/var/lib/awx/projects + - ./data/settings/SECRET_KEY:/etc/tower/SECRET_KEY + - ./data/settings/environment.sh:/etc/tower/conf.d/environment.sh + - ./data/settings/credentials.py:/etc/tower/conf.d/credentials.py + - ./data/projects:/var/lib/awx/projects depends_on: - rabbitmq - memcached diff --git a/elastalert/Dockerfile b/elastalert/Dockerfile new file mode 100644 index 0000000..de21032 --- /dev/null +++ b/elastalert/Dockerfile @@ -0,0 +1,29 @@ +# +# Dockerfile for elastalert +# + +FROM python:3.6-alpine + +ENV ELASTALERT_VERSION=v0.2.1 +ENV ELASTALERT_HOME=/opt/elastalert + +WORKDIR ${ELASTALERT_HOME} + +RUN set -xe \ + && apk add --no-cache -t .build-deps \ + build-base \ + curl \ + libffi-dev \ + libmagic \ + musl-dev \ + openssl-dev \ + python-dev \ + tzdata \ + && pip install elastalert==${ELASTALERT_VERSION} \ + && mkdir -p rules \ + && curl -sSL https://github.com/Yelp/elastalert/raw/${ELASTALERT_VERSION}/config.yaml.example > config.yaml \ + && apk del .build-deps + +VOLUME ${ELASTALERT_HOME} + +CMD ["elastalert", "--config", "config.yaml"] diff --git a/elastalert/README.md b/elastalert/README.md index 6498218..72391b5 100644 --- a/elastalert/README.md +++ b/elastalert/README.md 
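Review bot: The `SECRET_KEY`, `environment.sh` and `credentials.py` bind mounts in this volumes list are read-write, so a process inside the container can modify the host copies of the secret material. The same applies to the identical list in the second hunk, whose service runs with `user: root`. Unless AWX needs to rewrite these files, mount them read-only, e.g. `- ./data/settings/SECRET_KEY:/etc/tower/SECRET_KEY:ro`, and likewise for the other two. The 100% renames also show that `SECRET_KEY` and `credentials.py` are tracked in the repository; their contents are not visible here, but if they hold real values rather than placeholders they should be generated at deploy time and kept out of version control. Both service definitions start and end outside the hunks.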
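Review bot: The image has no `USER` instruction, so elastalert runs as root, and the example rule added in this commit uses the `command` alerter, which means rule-defined commands would execute as root inside the container. Consider creating an unprivileged account in the `RUN` chain with `&& adduser -D -h ${ELASTALERT_HOME} elastalert` and adding `USER elastalert` before `CMD`. Separately, `libmagic` and `tzdata` are installed under the `.build-deps` virtual package and removed again by `apk del .build-deps`. If either is needed at run time (a Python binding would load libmagic dynamically, and timezone handling reads tzdata), they belong in a separate `apk add --no-cache` that is kept.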
@@ -10,7 +10,7 @@ patterns of interest from data in Elasticsearch. $ docker-compose up -d $ docker-compose exec elastalert sh >>> cd /opt/elastalert/rules ->>> elastalert-test-rule xxx.yaml +>>> elastalert-test-rule example.yaml >>> exit ``` diff --git a/elastalert/data/config.yaml b/elastalert/data/config.yaml index 9d7b677..b4f6060 100644 --- a/elastalert/data/config.yaml +++ b/elastalert/data/config.yaml @@ -12,7 +12,7 @@ rules_folder: rules # How often ElastAlert will query elasticsearch # The unit can be anything from weeks to seconds run_every: - seconds: 60 + minutes: 1 # ElastAlert will buffer results from the most recent # period of time, in case some log sources are not in real time diff --git a/elastalert/data/rules/example.yaml b/elastalert/data/rules/example.yaml new file mode 100644 index 0000000..4c4db57 --- /dev/null +++ b/elastalert/data/rules/example.yaml @@ -0,0 +1,25 @@ +name: Example rule + +es_host: elasticsearch +es_port: 9200 + +type: frequency + +index: logstash-* + +num_events: 10 + +timeframe: + hours: 1 + +filter: +- query: + query_string: + query: 'response:[500 TO *]' + +alert: +- command + +command: +- echo +- "{match[@timestamp]} {match[message]}" diff --git a/elastalert/docker-compose.yml b/elastalert/docker-compose.yml index 0e9d414..182dad3 100644 --- a/elastalert/docker-compose.yml +++ b/elastalert/docker-compose.yml @@ -1,13 +1,13 @@ -elastalert: - image: bitsensor/elastalert:2.0.0 - ports: - - "3030:3030" - - "3333:3333" - volumes: - - ./data/config.yaml:/opt/elastalert/config.yaml - - ./data/rules:/opt/elastalert/rules - external_links: - - elk_elasticsearch_1:elasticsearch -# extra_hosts: -# - elasticsearch:1.2.3.4 - restart: always +version: "3.7" + +services: + elastalert: + image: vimagick/elastalert + volumes: + - ./data:/opt/elastalert + restart: unless-stopped + +networks: + default: + external: + name: elk_default
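Review bot: The `command` alert in `example.yaml` interpolates `{match[message]}`, which is log content controlled by whoever can write to the index, and nothing in the rule says why the list form matters. ElastAlert runs a list-form `command` without a shell, while a string-form command goes through the shell, so a later edit that collapses the two items into one string would let log data inject shell syntax. I would add a comment above `command:` such as `# keep as a list: list form runs without a shell, so match fields stay a single argument`.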
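Review bot: `image: vimagick/elastalert` carries no tag, so it resolves to `latest` and each pull may bring different content, whereas the removed definition pinned `bitsensor/elastalert:2.0.0`. Pin a tag or, better, a digest, e.g. `image: vimagick/elastalert:<tag>` or `image: vimagick/elastalert@sha256:<digest>` (both placeholders). The new `./data:/opt/elastalert` mount also exposes the whole config and rules directory read-write. If elastalert does not need to write there, `- ./data:/opt/elastalert:ro` limits what a misbehaving alert command can alter on the host.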