This repository has been archived by the owner on Jun 24, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 855
/
Copy pathmain.yml
112 lines (91 loc) · 3.31 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
---
- set_fact: "es_major_version={{ es_version.split('.')[0] }}.x"
when:
- es_major_version is undefined
tags:
- always
- name: os-specific vars
include_vars: "{{ansible_os_family}}.yml"
tags:
- always
- name: set compatibility variables
include: compatibility-variables.yml
tags:
- always
- name: check-set-parameters
include: elasticsearch-parameters.yml
tags:
- always
- name: use snapshot release
include: snapshot-release.yml
when: es_use_snapshot_release
- name: include java.yml
include: java.yml
when: es_java_install
tags:
- java
- name: include elasticsearch.yml
include: elasticsearch.yml
tags:
- install
- name: include elasticsearch-config.yml
include: elasticsearch-config.yml
tags:
- config
- name: include elasticsearch-plugins.yml
include: elasticsearch-plugins.yml
when: es_plugins is defined or es_plugins_reinstall
tags:
- plugins
#We always execute xpack as we may need to remove features
- name: include xpack/elasticsearch-xpack.yml
include: xpack/elasticsearch-xpack.yml
tags:
- xpack
- name: include elasticsearch-ssl.yml
include: elasticsearch-ssl.yml
when: es_enable_http_ssl or es_enable_transport_ssl
tags:
- xpack
- name: flush handlers
meta: flush_handlers
- name: Make sure elasticsearch is started
become: yes
service: name=elasticsearch state=started enabled=yes
when: es_start_service
- name: Wait for elasticsearch to startup
wait_for: host={{ es_api_host }} port={{ es_api_port }} delay=5 connect_timeout=1
when: es_restarted is defined and es_restarted.changed and es_start_service
- name: set fact manage_native_realm to false
set_fact: manage_native_realm=false
- name: set fact manage_native_realm to true
set_fact: manage_native_realm=true
when:
- es_start_service
- not oss_version
- (es_users is defined and es_users.native is defined) or (es_roles is defined and es_roles.native is defined)
# If playbook runs too fast, Native commands could fail as the Native Realm is not yet up
- name: Wait {{ es_api_sleep }} seconds for the Native Realm to come up
wait_for:
timeout: "{{ es_api_sleep }}"
when: manage_native_realm | bool
- name: activate-license
include: ./xpack/security/elasticsearch-xpack-activation.yml
when: es_start_service and not oss_version and es_xpack_license is defined and es_xpack_license != ''
run_once: True
- name: activate-trial
include: ./xpack/security/elasticsearch-xpack-trial-activation.yml
when: es_start_service and not oss_version and es_xpack_trial
run_once: True
#perform security actions here now elasticsearch is started
- name: include xpack/security/elasticsearch-security-native.yml
include: ./xpack/security/elasticsearch-security-native.yml
when: manage_native_realm | bool
run_once: True
#Templates done after restart - handled by flushing the handlers. e.g. suppose user removes security on a running node and doesn't specify es_api_basic_auth_username and es_api_basic_auth_password. The templates will subsequently not be removed if we don't wait for the node to restart.
#We also do after the native realm to ensure any changes are applied here first and its denf up.
- name: include elasticsearch-template.yml
include: elasticsearch-template.yml
when: es_templates | bool
tags:
- templates