diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml
new file mode 100644
index 0000000..75bec15
--- /dev/null
+++ b/.config/ansible-lint.yml
@@ -0,0 +1,10 @@
+---
+# .ansible-lint
+exclude_paths:
+ - .cache/ # implicit unless exclude_paths is defined in config
+ - .ansible/
+ - molecule/
+ - .github/
+
+# install collection dependencies
+offline: false
diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml
new file mode 100644
index 0000000..57dfbdf
--- /dev/null
+++ b/.github/workflows/ansible-lint.yml
@@ -0,0 +1,32 @@
+---
+name: Ansible Lint # feel free to pick your own name
+
+on: # yamllint disable-line rule:truthy
+ # Run CI against all pushes (direct commits, also merged PRs), Pull Requests
+ push:
+ branches: [master]
+ paths:
+ - 'roles/**'
+ - 'molecule/**'
+ - 'requirements.txt'
+ - '.github/workflows/ansible-lint.yml'
+ - '.config/ansible-lint.yml'
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [master]
+ paths:
+ - 'roles/**'
+ - 'molecule/**'
+ - 'requirements.txt'
+ - '.github/workflows/ansible-lint.yml'
+ - '.config/ansible-lint.yml'
+
+jobs:
+ ansible-lint:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+
+ - name: Lint Ansible Playbook
+ uses: ansible/ansible-lint@v25.11.0 # 25
diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml
new file mode 100644
index 0000000..85d7895
--- /dev/null
+++ b/.github/workflows/molecule.yml
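Review bot: The `ansible/ansible-lint@v25.11.0` step in `.github/workflows/ansible-lint.yml` is referenced by a mutable tag, while `actions/checkout` two steps above it is pinned to a full commit SHA, so the lint action can change underneath this workflow if the tag is ever moved. Pinning it the same way, `uses: ansible/ansible-lint@<full-commit-sha> # v25.11.0`, keeps both steps reproducible. The workflow also declares no `permissions:` key, so the job runs with the repository's default token scope; a top-level `permissions:` block containing `contents: read` is enough for a lint job.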
@@ -0,0 +1,72 @@
+---
+name: molecule
+on: # yamllint disable-line rule:truthy
+ workflow_dispatch:
+ push:
+ branches: [master]
+ paths:
+ - 'roles/vector/**'
+ - 'molecule/ssh_hardening/**'
+ - '.github/workflows/molecule.yml'
+ - 'requirements.txt'
+ pull_request:
+ branches: [master]
+ paths:
+ - 'roles/vector/**'
+ - 'molecule/default/**'
+ - '.github/workflows/molecule.yml'
+ - 'requirements.txt'
+ schedule:
+ - cron: '20 10 * * tue'
+
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ env:
+ PY_COLORS: 1
+ ANSIBLE_FORCE_COLOR: 1
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - molecule_distro: rockylinux8
+ molecule_docker_command: /usr/lib/systemd/systemd
+ - molecule_distro: rockylinux9
+ molecule_docker_command: /usr/lib/systemd/systemd
+ - molecule_distro: debian13
+ molecule_docker_command: /usr/lib/systemd/systemd
+ molecule_distro:
+ - debian12
+ - ubuntu2204
+ - ubuntu2404
+ molecule_docker_command:
+ - "/bin/systemd"
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+ with:
+ path: ansible_collections/telekom_mms/vector
+ submodules: true
+
+ - name: Set up Python
+ uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5
+ with:
+ python-version: 3.12
+ cache: 'pip'
+
+ - name: Install dependencies
+ run: pip install -r requirements.txt
+ working-directory: ansible_collections/telekom_mms/vector
+
+ - name: Downgrade Ansible for Rocky 8 tests
+ run: pip install "ansible-core<2.17"
+ working-directory: ansible_collections/telekom_mms/vector
+ if: matrix.molecule_distro == 'rockylinux8'
+
+ - name: Test with molecule
+ run: molecule test -s vector
+ env:
+ MOLECULE_DISTRO: ${{ matrix.molecule_distro }}
+ MOLECULE_DOCKER_COMMAND: ${{ matrix.molecule_docker_command }}
+ working-directory: ansible_collections/telekom_mms/vector
diff --git a/.github/workflows/new_version.yml b/.github/workflows/new_version.yml
deleted file mode 100644
index 5a0be23..0000000
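Review bot: The `paths:` filters name `molecule/ssh_hardening/**` under `push` and `molecule/default/**` under `pull_request`, but the scenario added in this commit lives in `molecule/vector/` and is the one `molecule test -s vector` runs, so a change to the scenario alone would not trigger this workflow; both filters should read `- 'molecule/vector/**'`. The "Downgrade Ansible for Rocky 8 tests" step installs `ansible-core<2.17` while `meta/runtime.yml` in the same commit declares `requires_ansible: ">=2.17.0"`, so that matrix leg runs below the declared minimum. There is also no `permissions:` key; a top-level `permissions:` block with `contents: read` fits a job that only checks out the repository and runs tests.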
--- a/.github/workflows/new_version.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- - -name: publish - -on: - push: - tags: - - v* - -jobs: - deploy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - # Sets RELEASE_VERSION to be refs/tags/v -> - - name: Get the version from the tag - run: echo "RELEASE_VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV - - - name: Upload to ansible-galaxy - uses: artis3n/ansible_galaxy_collection@v2 - with: - api_key: '${{ secrets.GALAXY_API_KEY }}' - galaxy_version: '${{ env.RELEASE_VERSION }}' diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml deleted file mode 100644 index 3da9bf4..0000000 --- a/.github/workflows/push.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -name: Tests - -on: - push: - pull_request: - schedule: - - cron: '20 10 * * tue' -jobs: - build: - runs-on: ubuntu-latest - strategy: - max-parallel: 4 - matrix: - python-version: [3.6, 3.7] - - steps: - - uses: actions/checkout@v1 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v1 - with: - python-version: ${{ matrix.python-version }} - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip3 install -r requirements-tests.txt - ansible --version - ansible-lint --version - - name: Test - run: | - cd roles/vector && molecule test - - diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..821e42d --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,3 @@ +# 1.0.0 + +* initial release diff --git a/README.md b/README.md index 035f4c3..5551aed 100644 --- a/README.md +++ b/README.md 
@@ -1,10 +1,79 @@ -![publish](https://github.com/dzervas/ansible-vector/workflows/publish/badge.svg) +[![molecule](https://github.com/telekom-mms/ansible-vector/actions/workflows/molecule.yml/badge.svg)](https://github.com/telekom-mms/ansible-vector/actions/workflows/molecule.yml) [![ansible-lint](https://github.com/telekom-mms/ansible-vector/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/telekom-mms/ansible-vector/actions/workflows/ansible-lint.yml) -# Vector ansible role +# ansible-vector -This is an ansible role to set up [vector](https://vector.dev). -It translates the YAML configuration to TOML, so any configuration is possible. +This is a ansible collection to set up [vector](https://vector.dev) on various systems. -For available variables check out [defaults](roles/vector/defaults/main.yml) +## supported & tested OS -Currently only amd64, arch64, arch7 through deb and rpm packages are supported +| OS | Tested +|--------------|-------------------- +| Debian 12 | :white_check_mark: +| Debian 13 | :white_check_mark: +| RL8 | :white_check_mark: +| RL9 | :white_check_mark: +| Ubuntu 22.04 | :white_check_mark: +| Ubuntu 24.04 | :white_check_mark: + +## Variables + +| Variable | Required | Default | Description +|-------------------------------|----------|--------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------- +| vector_template | yes | vector.yaml.j2 | path of your vector.yaml template +| vector_config_file | yes | /etc/vector/vector.yaml | system path of your vector.yaml configuration +| vector_groups | no | | add user vector to specified groups +| vector_manage_repo | no | false | configure deb or redhat based repositories +| vector_install_from_repo | no | false | whether to install vector from packages or install from deb or redhat based repositories +| vector_repo_key | no | see `defaults/main.yml` | configurable repo key, 
in case repo proxy is used +| vector_repo | no | see `defaults/main.yml` | configurable repo, in case repo proxy is used +| vector_restartsec | no | | add RestartSec to systemd config +| vector_package | no | vector | option to define vector version with package name +| vector_version | no | | define vector version while vector is installed by source +| sources | yes | false | ingest observability data from a wide variety of targets [link](https://vector.dev/docs/reference/configuration/sources/) +| transforms | no | false | shape your data as it moves through your Vector topology [link](https://vector.dev/docs/reference/configuration/transforms/) +| sinks | yes | false | deliver your observability data to a variety of destinations [link](https://vector.dev/docs/reference/configuration/sinks/) + +## Example for configuration with ansible +```yaml +sources: + journald: + type: journald + current_boot_only: true + +transforms: + grok: + type: grok_parser + inputs: + - journald + pattern: '(?\\d+)%{GREEDYDATA}' + +sinks: + vector: + type: vector + inputs: ["journald"] + address: "vector.example.com:9000" +``` + +## Example playbook +```yaml +- name: Install and configure vector + hosts: all + vars: + sources: + journald: + type: journald + current_boot_only: true + transforms: + grok: + type: grok_parser + inputs: + - journald + pattern: '(?\\d+)%{GREEDYDATA}' + sinks: + vector: + type: vector + inputs: ["journald"] + address: "vector.example.com:9000" + roles: + - telekom_mms.vector.vector +``` diff --git a/galaxy.yml b/galaxy.yml index ee8ed07..989beb9 100644 --- a/galaxy.yml +++ b/galaxy.yml 
@@ -1,18 +1,24 @@ --- - -namespace: dzervas +namespace: telekom_mms name: vector +version: 2.0.2 readme: README.md authors: - Dimitris Zervas - Gaëtan Duchaussois - Dylan Humphreys -description: vector.dev ansible role + - Daniel Uhlmann + - Christopher Grau +description: >- + This is an ansible collection to set up [vector](https://vector.dev) on various systems. license_file: LICENSE tags: - vector - logging - monitoring -repository: https://github.com/dzervas/ansible-vector -documentation: https://github.com/dzervas/ansible-vector -issues: https://github.com/dzervas/ansible-vector/issues +dependencies: + community.general: ">=8.6.0" +repository: https://github.com/telekom-mms/ansible-vector +documentation: https://github.com/telekom-mms/ansible-vector +homepage: https://github.com/telekom-mms/ansible-vector +issues: https://github.com/telekom-mms/ansible-vector/issues diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..ac77637 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,14 @@ +--- +galaxy_info: + namespace: telekom_mms + role_name: vector + author: >- + Dimitris Zervas + Gaëtan Duchaussois + Dylan Humphreys + Daniel Uhlmann + Christopher Grau + description: >- + This is an ansible collection to set up [vector](https://vector.dev) on various systems. + license: LICENSE + min_ansible_version: "2.17" diff --git a/meta/runtime.yml b/meta/runtime.yml new file mode 100644 index 0000000..a764a08 --- /dev/null +++ b/meta/runtime.yml @@ -0,0 +1,2 @@ +--- +requires_ansible: ">=2.17.0" diff --git a/molecule/vector/converge.yml b/molecule/vector/converge.yml new file mode 100644 index 0000000..1dd4cd3 --- /dev/null +++ b/molecule/vector/converge.yml 
@@ -0,0 +1,21 @@
+---
+- name: Converge
+ hosts: all
+ vars:
+ sources:
+ journald:
+ type: journald
+ current_boot_only: true
+ sinks:
+ vector:
+ type: vector
+ inputs: ["journald"]
+ address: "vector.example.com:9000"
+ healthcheck:
+ enabled: false
+ vector_install_from_repo: true
+ vector_manage_repo: true
+ tasks:
+ - name: Include role vector
+ ansible.builtin.include_role:
+ name: telekom_mms.vector.vector
diff --git a/molecule/vector/molecule.yml b/molecule/vector/molecule.yml
new file mode 100644
index 0000000..0d106ab
--- /dev/null
+++ b/molecule/vector/molecule.yml
@@ -0,0 +1,37 @@
+---
+driver:
+ name: docker
+
+platforms:
+ - name: instance
+ image: geerlingguy/docker-${MOLECULE_DISTRO}-ansible:latest
+ command: ${MOLECULE_DOCKER_COMMAND:-/bin/systemd}
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:rw
+ privileged: true
+ cgroupns_mode: host
+ pre_build_image: true
+
+provisioner:
+ name: ansible
+ config_options:
+ defaults:
+ deprecation_warnings: false
+ callback_whitelist: timer,profile_tasks
+ fact_caching: jsonfile
+ fact_caching_connection: ./cache
+ forks: 100
+ connection:
+ pipelining: true
+verifier:
+ name: ansible
+
+scenario:
+ test_sequence:
+ - dependency
+ - syntax
+ - create
+ - prepare
+ - converge
+ - verify
+ - destroy
diff --git a/molecule/vector/verify.yml b/molecule/vector/verify.yml
new file mode 100644
index 0000000..6943b14
--- /dev/null
+++ b/molecule/vector/verify.yml
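Review bot: The platform in `molecule/vector/molecule.yml` runs with `privileged: true`, `cgroupns_mode: host` and the host's `/sys/fs/cgroup` mounted `rw`, on an image pulled as `geerlingguy/docker-${MOLECULE_DISTRO}-ansible:latest`; together that gives whatever the tag currently points to near host-level access on the machine running the test. On an ephemeral CI runner that is contained, but contributors also run this scenario locally. A comment above the key such as `# systemd inside the container needs privileged mode and the host cgroup tree` and an image reference pinned by digest instead of `:latest` would make the trade-off explicit. Separately, `callback_whitelist` looks like the older name of `callbacks_enabled` and may be ignored by the pinned `ansible-core==2.18.1`; that is worth confirming.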
@@ -0,0 +1,31 @@
+---
+- name: Verify
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Verify existing configuration file /etc/vector/vector.yaml
+ ansible.builtin.file:
+ path: /etc/vector/vector.yaml
+ state: file
+ register: result_vector_config_file
+
+ - name: Validate existing configuration file /etc/vector/vector.yaml
+ ansible.builtin.assert:
+ that:
+ - result_vector_config_file.state == 'file'
+ - result_vector_config_file.owner == 'root'
+ - result_vector_config_file.group == 'root'
+ - result_vector_config_file.mode == '0644'
+
+ - name: Verify that serivce vector is running
+ ansible.builtin.service:
+ name: vector
+ state: started
+ register: result_vector_service
+
+ - name: Validate that serivce vector is running
+ ansible.builtin.assert:
+ that:
+ - result_vector_service.state == 'started'
+ - result_vector_service.changed == false
+ - result_vector_service.name == 'vector'
diff --git a/requirements-tests.txt b/requirements-tests.txt
deleted file mode 100644
index 5045816..0000000
--- a/requirements-tests.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-ansible
-ansible-lint
-molecule[docker]
-flake8
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..95eb492
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,4 @@
+molecule==24.12.0
+molecule-plugins[docker]==23.5.3
+ansible-core==2.18.1
+docker==7.1.0
diff --git a/roles/vector/.yamllint b/roles/vector/.yamllint
deleted file mode 100644
index 8827676..0000000
--- a/roles/vector/.yamllint
+++ /dev/null
@@ -1,33 +0,0 @@
----
-# Based on ansible-lint config
-extends: default
-
-rules:
- braces:
- max-spaces-inside: 1
- level: error
- brackets:
- max-spaces-inside: 1
- level: error
- colons:
- max-spaces-after: -1
- level: error
- commas:
- max-spaces-after: -1
- level: error
- comments: disable
- comments-indentation: disable
- document-start: disable
- empty-lines:
- max: 3
- level: error
- hyphens:
- level: error
- indentation: disable
- key-duplicates: enable
- line-length: disable
- new-line-at-end-of-file: disable
- new-lines:
- type: unix
- trailing-spaces: disable
- truthy: disable
diff --git a/roles/vector/README.md b/roles/vector/README.md
deleted file mode 120000
index fe84005..0000000
--- a/roles/vector/README.md
+++ /dev/null
@@ -1 +0,0 @@
-../../README.md
\ No newline at end of file
diff --git a/roles/vector/defaults/main.yml b/roles/vector/defaults/main.yml
index 534df01..b2ef4c3 100644
--- a/roles/vector/defaults/main.yml
+++ b/roles/vector/defaults/main.yml
@@ -1,23 +1,28 @@ -vector_template: vector.toml.j2 -vector_config_file: /etc/vector/vector.toml -vector_nightly: no -vector_version: "{{ vector_nightly | ternary('nightly','latest') }}" -add_vector_docker_group: no # Add vector user to "docker" group -add_vector_journal_group: no # Add vector user to "systemd-journal" group +--- -sources: - journald: - type: journald - current_boot_only: true +# vector configuration file +vector_template: vector.yaml.j2 +vector_config_file: /etc/vector/vector.yaml -transforms: - grok: - type: grok_parser - inputs: - - journald - pattern: '(?\\d+)%{GREEDYDATA}' -sinks: - vector: - type: vector - inputs: ["journald"] - address: "vector.example.com:9000" +# vector groups +# vector_groups: [] + +# install vector from repo +vector_install_from_repo: false +vector_manage_repo: false +vector_repo: + Debian: deb [signed-by=/usr/share/keyrings/datadog-archive-keyring.gpg] https://apt.vector.dev/ stable vector-0 + RedHat: https://yum.vector.dev/stable/vector-0/$basearch/ +vector_repo_key: + Debian: + - https://keys.datadoghq.com/DATADOG_APT_KEY_CURRENT.public + - https://keys.datadoghq.com/DATADOG_APT_KEY_F14F620E.public + - https://keys.datadoghq.com/DATADOG_APT_KEY_C0962C7D.public + RedHat: + - https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public + - https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public + - https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public +vector_repo_gpgcheck: true + +# vector package name +vector_package: vector diff --git a/roles/vector/handlers/main.yml b/roles/vector/handlers/main.yml index 9081f3d..0ab4aa7 100644 --- a/roles/vector/handlers/main.yml +++ b/roles/vector/handlers/main.yml @@ -1,5 +1,10 @@ -- name: restart vector - service: +--- +- name: Reload systemd + ansible.builtin.systemd_service: + daemon_reload: true + +- name: Restart vector + ansible.builtin.service: state: restarted - daemon_reload: yes + daemon_reload: true name: vector 
diff --git a/roles/vector/meta/main.yml b/roles/vector/meta/main.yml deleted file mode 100644 index cef098b..0000000 --- a/roles/vector/meta/main.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- - -galaxy_info: - role_name: vector - namespace: dzervas - author: Dimitris Zervas - description: vector.dev ansible role - license: MIT - platforms: - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - vector - - logging - - monitoring - min_ansible_version: 2.9 diff --git a/roles/vector/molecule/default/converge.yml b/roles/vector/molecule/default/converge.yml deleted file mode 100644 index 6d39e2e..0000000 --- a/roles/vector/molecule/default/converge.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Converge - hosts: all - tasks: - - name: "Include vector" - include_role: - name: "vector" diff --git a/roles/vector/molecule/default/molecule.yml b/roles/vector/molecule/default/molecule.yml deleted file mode 100644 index 38186a5..0000000 --- a/roles/vector/molecule/default/molecule.yml +++ /dev/null 
@@ -1,61 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: | - set -e - yamllint . - ansible-lint - flake8 -platforms: - - name: debian10 - image: jrei/systemd-debian:10 - privileged: true - command: /lib/systemd/systemd - tmpfs: - - /run - - /tmp - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: debian9 - image: jrei/systemd-debian:9 - privileged: true - command: /lib/systemd/systemd - tmpfs: - - /run - - /tmp - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: ubuntu1804 - image: jrei/systemd-ubuntu:18.04 - privileged: true - command: /lib/systemd/systemd - tmpfs: - - /run - - /tmp - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: ubuntu2004 - image: jrei/systemd-ubuntu:20.04 - privileged: true - command: /lib/systemd/systemd - tmpfs: - - /run - - /tmp - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: centos8 - image: jrei/systemd-centos:8 - privileged: true - command: /usr/sbin/init - tmpfs: - - /run - - /tmp - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - -provisioner: - name: ansible -verifier: - name: ansible diff --git a/roles/vector/molecule/default/verify.yml b/roles/vector/molecule/default/verify.yml deleted file mode 100644 index e5586a0..0000000 --- a/roles/vector/molecule/default/verify.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Verify - hosts: all - gather_facts: false - tasks: - - name: Execute vector - command: vector --version - changed_when: false - register: vector_version_rc - - name: Check grok pattern is not mangled - lineinfile: - path: /etc/vector/vector.toml - line: ' pattern = "(?\\d+)%{GREEDYDATA}"' - diff: true - register: grok_pattern_rc - - name: Assert vector is installed - assert: - that: - - vector_version_rc is success - - grok_pattern_rc is not changed diff --git a/roles/vector/tasks/config.yml b/roles/vector/tasks/config.yml new file mode 100644 index 0000000..a352b49 --- /dev/null +++ b/roles/vector/tasks/config.yml 
@@ -0,0 +1,44 @@
+---
+- name: Create configuration
+ ansible.builtin.template:
+ src: "{{ vector_template }}"
+ dest: "{{ vector_config_file }}"
+ mode: "0644"
+ notify: Restart vector
+
+- name: Add vector to specified groups
+ when:
+ - vector_groups is defined
+ - vector_groups | length > 0
+ ansible.builtin.user:
+ name: vector
+ groups: "{{ item }}"
+ append: true
+ loop: "{{ vector_groups }}"
+ notify: Restart vector
+
+- name: Create a directory for drop-in configuration if it does not exist
+ when:
+ - vector_restartsec is defined
+ ansible.builtin.file:
+ path: /etc/systemd/system/vector.service.d
+ state: directory
+ owner: root
+ mode: '0755'
+
+- name: Add RestartSec to systemd config
+ when:
+ - vector_restartsec is defined
+ ansible.builtin.template:
+ src: vector_restartsec.j2
+ dest: /etc/systemd/system/vector.service.d/vector.conf
+ owner: root
+ group: root
+ mode: '0644'
+ notify: Reload systemd
+
+- name: Start vector
+ ansible.builtin.service:
+ state: started
+ enabled: true
+ name: vector
diff --git a/roles/vector/tasks/install.yml b/roles/vector/tasks/install.yml
new file mode 100644
index 0000000..071d83e
--- /dev/null
+++ b/roles/vector/tasks/install.yml
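Review bot: The "Create configuration" task in `roles/vector/tasks/config.yml` writes `{{ vector_config_file }}` with `mode: "0644"` and no `owner`/`group`, although the rendered `sources`/`sinks` can carry credentials for remote endpoints, which every local user could then read. Assuming the package creates a `vector` group, `owner: root`, `group: vector`, `mode: "0640"` would keep the file readable by the service only; the asserts in `molecule/vector/verify.yml` expect root/root/0644 and would have to follow. The task also has no `validate:` argument, so a template that renders invalid configuration is installed and the `Restart vector` handler restarts the service onto it. The drop-in directory task sets `owner: root` but no `group`, unlike the file task that follows it.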
@@ -0,0 +1,31 @@
+---
+
+- name: Install vector from downloaded package
+ when: not vector_install_from_repo | bool
+ block:
+ - name: Install vector (Debian)
+ when: ansible_facts.os_family == 'Debian'
+ ansible.builtin.apt:
+ deb: "https://apt.vector.dev/pool/v/ve/vector_{{ vector_version }}-1_{{ arch }}.deb"
+ install_recommends: true
+ notify: Restart vector
+ vars:
+ arch: "{{ vector_arch[ansible_facts.machine] }}"
+
+ - name: Install vector (RedHat)
+ when: ansible_facts.os_family == 'RedHat'
+ ansible.builtin.dnf:
+ name: "https://yum.vector.dev/stable/vector-0/{{ arch }}/vector-{{ vector_version }}-1.{{ arch }}.rpm"
+ state: present
+ disable_gpg_check: true # package is not signed
+ notify: Restart vector
+ vars:
+ arch: "{{ vector_arch[ansible_facts.machine] }}"
+
+- name: Install vector from repository
+ when: vector_install_from_repo | bool
+ block:
+ - name: Install vector
+ ansible.builtin.package:
+ name: "{{ vector_package }}"
+ state: present
diff --git a/roles/vector/tasks/main.yml b/roles/vector/tasks/main.yml
index 81dbd93..99a8c87 100644
--- a/roles/vector/tasks/main.yml
+++ b/roles/vector/tasks/main.yml
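Review bot: Both tasks in the "Install vector from downloaded package" block install a package fetched straight from a URL with no signature or checksum check: the RedHat task sets `disable_gpg_check: true`, and the Debian `deb:` URL install has no verification step either. Because `roles/vector/defaults/main.yml` ships `vector_install_from_repo: false`, this is the path a default run takes. Defaulting to `vector_install_from_repo: true`, where the repository tasks apply `gpgcheck: true` and a `signed-by` keyring, or downloading with `ansible.builtin.get_url` and a `checksum:` before installing, would restore an integrity check. The block also reads `vector_arch[...]` and `vector_version`, neither of which is defined in this diff: `roles/vector/vars/main.yml`, which held `vector_debian_arch`/`vector_redhat_arch`, is deleted and the `vector_version` default is removed. Unless both are defined outside the diff, a run with defaults fails on an undefined variable.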
@@ -1,65 +1,11 @@ -# Workaround for latest version being named against a version number -- name: Get latest version - uri: - url: https://s3.amazonaws.com/packages.timber.io/?prefix=vector/latest&max-keys=1 - return_content: true - register: bucket_content - when: vector_version == "latest" +--- -- name: Set latest version - set_fact: - vector_version: "{{ bucket_content.content | regex_replace('.*\\n.*[^-]+-(?P[\\d\\.]+)-.*','\\g') }}" - when: vector_version == "latest" +- name: Create repository for debian or redhat based systems + when: vector_manage_repo | bool + ansible.builtin.include_tasks: repo.yml -- name: Install Vector (Debian) - apt: - deb: "https://packages.timber.io/vector/{{ version }}/vector-{{ version }}-{{ arch }}.deb" - install_recommends: yes - notify: - - restart vector - vars: - version: "{{ (vector_version == 'nightly')| bool | ternary('nightly/latest', vector_version) }}" - arch: "{{ vector_debian_arch[ansible_machine] }}" - when: ansible_os_family == 'Debian' +- name: Install vector + ansible.builtin.include_tasks: install.yml -- name: Install Vector (RedHat) - yum: - name: "https://packages.timber.io/vector/{{ version }}/vector-{{ package_version }}.{{ arch }}.rpm" - state: present - disable_gpg_check: yes # package is not signed - notify: - - restart vector - vars: - version: "{{ (vector_version == 'nightly')| bool | ternary('nightly/latest', vector_version) }}" - package_version: "{{ vector_version is match('latest') | ternary(vector_version, vector_version ~ '-1') }}" - arch: "{{ vector_redhat_arch[ansible_machine] }}" - when: ansible_os_family == 'RedHat' - -- name: Copy config - template: - src: "{{ vector_template }}" - dest: "{{ vector_config_file }}" - mode: 0644 - notify: restart vector - -- name: Add vector user to docker group - user: - name: vector - groups: docker - append: yes - when: add_vector_docker_group | default(no) - notify: restart vector - -- name: Add vector user to systemd-journal group - user: - name: vector - 
groups: systemd-journal - append: yes - when: add_vector_journal_group | default(no) - notify: restart vector - -- name: Start Vector - service: - state: started - enabled: yes - name: vector +- name: Create configuration for vector + ansible.builtin.include_tasks: config.yml diff --git a/roles/vector/tasks/repo.yml b/roles/vector/tasks/repo.yml new file mode 100644 index 0000000..ff5d79f --- /dev/null +++ b/roles/vector/tasks/repo.yml @@ -0,0 +1,48 @@ +--- + +- name: Configure repository and Repository key on Debian + when: ansible_facts.os_family == "Debian" + block: + - name: Ensure apt-transport-https curl and gnupg are installed + ansible.builtin.apt: + name: + - apt-transport-https + - curl + - gnupg + state: present + update_cache: true + + - name: Create key file /usr/share/keyrings/datadog-archive-keyring.gpg + ansible.builtin.file: + path: /usr/share/keyrings/datadog-archive-keyring.gpg + mode: "0644" + owner: root + group: root + state: touch + + - name: Download key and put them into key file + ansible.builtin.shell: | + set -o pipefail + curl {{ item }} | gpg --no-default-keyring --keyring /usr/share/keyrings/datadog-archive-keyring.gpg --import --batch + register: vector_download_repo_key + changed_when: true + failed_when: vector_download_repo_key.rc != 0 + args: + executable: /bin/bash + loop: "{{ vector_repo_key[ansible_facts.os_family] }}" + + - name: Add vector repository + ansible.builtin.apt_repository: + repo: "{{ vector_repo[ansible_facts.os_family] }}" + state: present + filename: vector + +- name: Add vector repository for RedHat based distributions + when: ansible_facts.os_family == "RedHat" + ansible.builtin.yum_repository: + name: vector + description: Vector + baseurl: "{{ vector_repo[ansible_facts.os_family] }}" + gpgcheck: true + repo_gpgcheck: "{{ vector_repo_gpgcheck }}" + gpgkey: "{{ vector_repo_key[ansible_facts.os_family] }}" 
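Review bot: In the "Download key and put them into key file" task of `roles/vector/tasks/repo.yml`, the key URL is interpolated into the shell line unquoted and `curl` runs without `--fail`. Shell metacharacters in an overridden `vector_repo_key` value are therefore interpreted by the shell with the play's privileges, and an HTTP error page is piped into `gpg --import`; `curl -fsSL {{ item | quote }} | gpg …` addresses both. Whatever the URL returns becomes a trusted key in the `signed-by` keyring, so a follow-up task comparing the imported fingerprints against expected values would be a useful check, particularly when a repo proxy URL is configured. `state: touch` on the keyring file and `changed_when: true` on the import also make the block report changed on every run.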
diff --git a/roles/vector/templates/vector.yaml.j2 b/roles/vector/templates/vector.yaml.j2
new file mode 100644
index 0000000..908d040
--- /dev/null
+++ b/roles/vector/templates/vector.yaml.j2
@@ -0,0 +1,9 @@
+{{ vector_general_config | default("") }}
+sources:
+ {{ sources | to_nice_yaml | indent(2) }}
+{% if transforms is defined %}
+transforms:
+ {{ transforms | to_nice_yaml | indent(2) }}
+{% endif %}
+sinks:
+ {{ sinks | to_nice_yaml | indent(2) }}
diff --git a/roles/vector/templates/vector_restartsec.j2 b/roles/vector/templates/vector_restartsec.j2
new file mode 100644
index 0000000..8706475
--- /dev/null
+++ b/roles/vector/templates/vector_restartsec.j2
@@ -0,0 +1,2 @@
+[Service]
+RestartSec={{ vector_restartsec }}
diff --git a/roles/vector/vars/main.yml b/roles/vector/vars/main.yml
deleted file mode 100644
index af90c4b..0000000
--- a/roles/vector/vars/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-vector_debian_arch:
- armv7l: armhf
- aarch64: arm64
- x86_64: amd64
-vector_redhat_arch:
- armv7l: armv7hl
- aarch64: aarch64
- x86_64: x86_64