Puppet Class: wazuh::elasticsearch

Defined in:

manifests/elasticsearch.pp

Overview

Wazuh App Copyright © 2019 Wazuh Inc. (License GPLv2) Setup for elasticsearch

Parameters:

• elasticsearch_cluster_name (Any) (defaults to: 'es-wazuh')
• elasticsearch_node_name (Any) (defaults to: 'es-node-01')
• elasticsearch_node_master (Any) (defaults to: true)
• elasticsearch_node_data (Any) (defaults to: true)
• elasticsearch_node_ingest (Any) (defaults to: true)
• elasticsearch_node_max_local_storage_nodes (Any) (defaults to: '1')
• elasticsearch_service (Any) (defaults to: 'elasticsearch')
• elasticsearch_package (Any) (defaults to: 'elasticsearch')
• elasticsearch_version (Any) (defaults to: '7.2.0')
• elasticsearch_path_data (Any) (defaults to: '/var/lib/elasticsearch')
• elasticsearch_path_logs (Any) (defaults to: '/var/log/elasticsearch')
• elasticsearch_ip (Any) (defaults to: '<YOUR_ELASTICSEARCH_IP>')
• elasticsearch_port (Any) (defaults to: '9200')
• elasticsearch_discovery_option (Any) (defaults to: 'discovery.type: single-node')
• elasticsearch_cluster_initial_master_nodes (Any) (defaults to: "#cluster.initial_master_nodes: ['es-node-01']")
• jvm_options_memmory (Any) (defaults to: '1g')

# File 'manifests/elasticsearch.pp', line 3

class wazuh::elasticsearch (
  # Elasticsearch.yml configuration

  $elasticsearch_cluster_name = 'es-wazuh',
  $elasticsearch_node_name = 'es-node-01',
  $elasticsearch_node_master = true,
  $elasticsearch_node_data = true,
  $elasticsearch_node_ingest = true,
  $elasticsearch_node_max_local_storage_nodes = '1',
  $elasticsearch_service = 'elasticsearch',
  $elasticsearch_package = 'elasticsearch',
  $elasticsearch_version = '7.2.0',

  $elasticsearch_path_data = '/var/lib/elasticsearch',
  $elasticsearch_path_logs = '/var/log/elasticsearch',


  $elasticsearch_ip = '<YOUR_ELASTICSEARCH_IP>',
  $elasticsearch_port = '9200',
  $elasticsearch_discovery_option = 'discovery.type: single-node',
  $elasticsearch_cluster_initial_master_nodes = "#cluster.initial_master_nodes: ['es-node-01']",

# JVM options
  $jvm_options_memmory = '1g',

){

  # install package
  package { 'Installing elasticsearch...':
    ensure => $elasticsearch_version,
    name   => $elasticsearch_package,
  }

  file { 'Configure elasticsearch.yml':
    owner   => 'elasticsearch',
    path    => '/etc/elasticsearch/elasticsearch.yml',
    group   => 'elasticsearch',
    mode    => '0644',
    notify  => Service[$elasticsearch_service], ## Restarts the service
    content => template('wazuh/elasticsearch_yml.erb')
  }

  file { 'Configure jvm.options':
    owner   => 'elasticsearch',
    path    => '/etc/elasticsearch/jvm.options',
    group   => 'elasticsearch',
    mode    => '0660',
    notify  => Service[$elasticsearch_service], ## Restarts the service
    content => template('wazuh/jvm_options.erb')
  }

  service { 'elasticsearch':
    ensure => running,
    enable => true,
  }

  exec { 'Insert line limits':
    path    => '/usr/bin:/bin/',
    command => "echo 'elasticsearch - nofile  65535\nelasticsearch - memlock unlimited' >> /etc/security/limits.conf",

  }

  exec { 'Verify Elasticsearch folders owner':
    path    => '/usr/bin:/bin',
    command => "chown elasticsearch:elasticsearch -R /etc/elasticsearch\
             && chown elasticsearch:elasticsearch -R /usr/share/elasticsearch\
             && chown elasticsearch:elasticsearch -R /var/lib/elasticsearch",

  }


}