diff --git a/data/common/common.yaml b/data/common/common.yaml --- a/data/common/common.yaml +++ b/data/common/common.yaml @@ -2857,6 +2857,40 @@ - http://esnode2.internal.softwareheritage.org:9200 - http://esnode3.internal.softwareheritage.org:9200 +# To override per "deployment" fact or instance +elasticsearch::config::network::host: "" + +elasticsearch::config::jvm_options::heap_size: 16g + +elasticsearch::config::jvm_options: + - "-Xms%{lookup('elasticsearch::config::jvm_options::heap_size')}" + - "-Xmx%{lookup('elasticsearch::config::jvm_options::heap_size')}" + +elasticsearch::config::cluster::name: swh-logging-prod +elasticsearch::config::path::data: /srv/elasticsearch +elasticsearch::config::path::logs: /var/log/elasticsearch +elasticsearch::config::index::store::type: hybridfs +elasticsearch::config::indices::memory::index_buffer_size: 50% +elasticsearch::config::discovery::seed_hosts: + - esnode1.internal.softwareheritage.org + - esnode2.internal.softwareheritage.org + - esnode3.internal.softwareheritage.org +elasticsearch::config::cluster::initial_master_nodes: + - esnode1 + - esnode2 + - esnode3 + +elasticsearch::config: + cluster.name: "%{alias('elasticsearch::config::cluster::name')}" + node.name: "%{::hostname}" + network.host: "%{alias('elasticsearch::config::network::host')}" + discovery.seed_hosts: "%{alias('elasticsearch::config::discovery::seed_hosts')}" + cluster.initial_master_nodes: "%{alias('elasticsearch::config::cluster::initial_master_nodes')}" + path.data: "%{alias('elasticsearch::config::path::data')}" + path.logs: "%{alias('elasticsearch::config::path::logs')}" + index.store.type: "%{alias('elasticsearch::config::index::store::type')}" + indices.memory.index_buffer_size: "%{alias('elasticsearch::config::indices::memory::index_buffer_size')}" + logstash::listen_network: "%{lookup('internal_network')}" logstash::elasticsearch::hosts: "%{alias('elasticsearch::hosts')}" diff --git a/data/deployments/production/common.yaml b/data/deployments/production/common.yaml --- a/data/deployments/production/common.yaml +++ b/data/deployments/production/common.yaml @@ -1,3 +1,2 @@ swh::deploy::deposit::reverse_proxy::backend_http_host: "::1" swh::deploy::webapp::reverse_proxy::backend_http_host: "::1" - diff --git a/data/deployments/staging/common.yaml b/data/deployments/staging/common.yaml --- a/data/deployments/staging/common.yaml +++ b/data/deployments/staging/common.yaml @@ -244,3 +244,19 @@ apache::http_port: 9080 # Disable default vhost on port 80 apache::default_vhost: false + +# Elasticsearch + +elastic::elk_version: '7.9.3' + +swh::elasticsearch::nodes: + - host: esnode1.internal.staging.swh.network + port: 9200 + +elasticsearch::config::cluster::name: swh-logging-staging +elasticsearch::config::network::host: 0.0.0.0 + +elasticsearch::config::discovery::seed_hosts: + - search-esnode0.internal.softwareheritage.org +elasticsearch::config::cluster::initial_master_nodes: + - search-esnode0 diff --git a/data/hostname/esnode1.internal.softwareheritage.org.yaml b/data/hostname/esnode1.internal.softwareheritage.org.yaml new file mode 100644 --- /dev/null +++ b/data/hostname/esnode1.internal.softwareheritage.org.yaml @@ -0,0 +1 @@ +elasticsearch::config::network::host: 192.168.100.61 diff --git a/data/hostname/esnode2.internal.softwareheritage.org.yaml b/data/hostname/esnode2.internal.softwareheritage.org.yaml new file mode 100644 --- /dev/null +++ b/data/hostname/esnode2.internal.softwareheritage.org.yaml @@ -0,0 +1 @@ +elasticsearch::config::network::host: 192.168.100.62 diff --git a/data/hostname/esnode3.internal.softwareheritage.org.yaml b/data/hostname/esnode3.internal.softwareheritage.org.yaml new file mode 100644 --- /dev/null +++ b/data/hostname/esnode3.internal.softwareheritage.org.yaml @@ -0,0 +1 @@ +elasticsearch::config::network::host: 192.168.100.63 diff --git a/data/hostname/search-esnode0.internal.staging.swh.network.yaml b/data/hostname/search-esnode0.internal.staging.swh.network.yaml new file mode 100644 --- /dev/null +++ b/data/hostname/search-esnode0.internal.staging.swh.network.yaml @@ -0,0 +1,5 @@ +networks: + eth0: + address: 192.168.130.80 + netmask: 255.255.255.0 + gateway: 192.168.130.1 diff --git a/manifests/site.pp b/manifests/site.pp --- a/manifests/site.pp +++ b/manifests/site.pp @@ -39,7 +39,7 @@ } node /^esnode\d+.(internal.)?softwareheritage.org$/ { - include role::swh_elasticsearch + include role::swh_elasticsearch_broker } node /^zookeeper\d+.(internal.)?softwareheritage.org$/ { @@ -160,6 +160,10 @@ include role::swh_worker_inria } +node /^search-esnode\d\.internal\.staging\.swh\.network$/ { + include role::swh_elasticsearch +} + node 'webapp.internal.staging.swh.network' { include role::swh_webapp } diff --git a/site-modules/profile/manifests/elasticsearch.pp b/site-modules/profile/manifests/elasticsearch.pp --- a/site-modules/profile/manifests/elasticsearch.pp +++ b/site-modules/profile/manifests/elasticsearch.pp @@ -2,48 +2,91 @@ class profile::elasticsearch { - user { 'elasticsearch': + # Retro-compatibility + $uid = 114; + $gid = 119; + + group { 'elasticsearch': ensure => 'present', - uid => '114', - gid => '119', - home => '/home/elasticsearch', - shell => '/bin/false', + gid => $gid, } - - package { 'openjdk-8-jre-headless': + -> user { 'elasticsearch': ensure => 'present', + uid => $uid, + gid => $gid, + home => '/home/elasticsearch', + shell => '/bin/false', } include ::profile::elastic::apt_config + $elasticsearch_config = lookup('elasticsearch::config') + $elasticsearch_extra_config = lookup('elasticsearch::config::extras', {default_value => {}}) $version = lookup('elastic::elk_version') - package { 'elasticsearch': - ensure => $version, + $path_data = lookup('elasticsearch::config::path::data') + $jvm_options = lookup('elasticsearch::config::jvm_options') + + file { $path_data: + ensure => 'directory', + owner => $uid, + group => $gid, + mode => '2755', } apt::pin { 'elasticsearch': packages => 'elasticsearch elasticsearch-oss', - version => $version, + version => $version, priority => 1001, + } -> package { 'elasticsearch': + ensure => $version, + require => [ + User['elasticsearch'], + Class['::profile::elastic::apt_config'] + ] + } + + file { '/etc/elasticsearch/elasticsearch.yml': + ensure => file, + owner => $uid, + group => $gid, + mode => '0644', + content => inline_yaml($elasticsearch_config + $elasticsearch_extra_config), + require => Package['elasticsearch'], + notify => Service['elasticsearch'], + } + + concat {'es_jvm_options': + ensure => present, + path => '/etc/elasticsearch/jvm.options.d/jvm.options', + owner => $uid, + group => $gid, + mode => '0644', + ensure_newline => true, + require => Package['elasticsearch'], + notify => Service['elasticsearch'], } - # hybridfs is the best of both worlds between niofs and mmapfs. It's the ES - # 7.x default. - file_line { 'elasticsearch store type': - ensure => present, - line => 'index.store.type: hybridfs', - match => '^(#\s*)?index\.store\.type:', - path => '/etc/elasticsearch/elasticsearch.yml', + $jvm_options.each |$index, $option| { + concat::fragment {"${index}_es_jvm_option": + target => 'es_jvm_options', + content => $option, + order => '00', + } } systemd::dropin_file { 'elasticsearch.conf': - unit => 'elasticsearch.service', - content => template('profile/swh/elasticsearch.conf.erb'), + unit => 'elasticsearch.service', + content => template('profile/swh/elasticsearch.conf.erb'), + notify => Service['elasticsearch'], } service { 'elasticsearch': - ensure => running, - enable => true, + ensure => running, + enable => true, + require => [ + Package['elasticsearch'], + File[$path_data], + ], } } diff --git a/site-modules/role/manifests/swh_elasticsearch.pp b/site-modules/role/manifests/swh_elasticsearch.pp --- a/site-modules/role/manifests/swh_elasticsearch.pp +++ b/site-modules/role/manifests/swh_elasticsearch.pp @@ -1,5 +1,3 @@ class role::swh_elasticsearch inherits role::swh_base { include profile::elasticsearch - - include profile::kafka::broker } diff --git a/site-modules/role/manifests/swh_elasticsearch_broker.pp b/site-modules/role/manifests/swh_elasticsearch_broker.pp new file mode 100644 --- /dev/null +++ b/site-modules/role/manifests/swh_elasticsearch_broker.pp @@ -0,0 +1,3 @@ +class role::swh_elasticsearch_broker inherits role::swh_elasticsearch { + include profile::kafka::broker +}