Simonx123
Simonx123
/ startup_input_var.sh
Created
September 7, 2020 01:04
— forked from Callonski/startup_input_var.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| node_name = var.master_node, | |
| network_host = var.node_ips[0], | |
| elastic_host_1 = var.node_ips[0], | |
| elastic_host_2 = var.node_ips[1], | |
| elastic_host_3 = var.node_ips[2], | |
| master_node = var.master_node, | |
| ca_bucket = var.ca_bucket_location, | |
| backup_bucket = var.backup_bucket, | |
| gcp_sa = google_service_account_key.mykey.private_key, | |
| elastic_pw = var.elastic_pw, |
Simonx123
/ jvm_ram.sh
Created
September 7, 2020 01:04
— forked from Callonski/jvm_ram.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############# APPEND TO JVM CONFIGURATION FILE #################### | |
| echo "-Xms4g" >> /etc/elasticsearch/jvm.options | |
| echo "-Xmx4g" >> /etc/elasticsearch/jvm.options |
Simonx123
/ gcs_plugin_sa.sh
Created
September 7, 2020 01:04
— forked from Callonski/gcs_plugin_sa.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ####### PLUGIN, SERVICE-ACCOUNT AND RESTART ELASTICSEARCH ######## | |
| systemctl enable elasticsearch.service | |
| cd /usr/share/elasticsearch | |
| sudo ./bin/elasticsearch-plugin install repository-gcs -b | |
| echo ${gcp_sa} | base64 -d > credentials.json | |
| sudo ./bin/elasticsearch-keystore add-file gcs.client.default.credentials_file credentials.json -s | |
| systemctl restart elasticsearch.service |
Simonx123
/ xpac_monitoring.sh
Last active
September 7, 2020 01:04
— forked from Callonski/xpac_monitoring.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################### ENABLE X-PAC MONITORING #################### | |
| curl -X PUT "0.0.0.0:9200/_cluster/settings?pretty" -H 'Content-Type: application/json' -d' {"persistent": {"xpack.monitoring.collection.enabled": true}}' |
Simonx123
/ xpac_elasticsearch.sh
Created
September 7, 2020 01:04
— forked from Callonski/xpac_elasticsearch.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################### X-PAC SECURITY FEATURES ####################### | |
| gsutil cp "my-gcs-bucket-with-elastic-certificates" /etc/elasticsearch | |
| gsutil cp "${ca_bucket}http.p12" /etc/elasticsearch | |
| chmod 777 /etc/elasticsearch | |
| cat <<EOT >> /etc/elasticsearch/elasticsearch.yml | |
| xpack.security.http.ssl.enabled: true | |
| xpack.security.http.ssl.keystore.path: /etc/elasticsearch/http.p12 | |
| xpack.security.http.ssl.keystore.secure_password: '' | |
| xpack.security.enabled: true | |
| xpack.security.transport.ssl.enabled: true |
Simonx123
/ xpac_elasticsearch.sh
Created
September 7, 2020 01:04
— forked from Callonski/xpac_elasticsearch.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################### X-PAC SECURITY FEATURES ####################### | |
| gsutil cp "my-gcs-bucket-with-elastic-certificates" /etc/elasticsearch | |
| gsutil cp "${ca_bucket}http.p12" /etc/elasticsearch | |
| chmod 777 /etc/elasticsearch | |
| cat <<EOT >> /etc/elasticsearch/elasticsearch.yml | |
| xpack.security.http.ssl.enabled: true | |
| xpack.security.http.ssl.keystore.path: /etc/elasticsearch/http.p12 | |
| xpack.security.http.ssl.keystore.secure_password: '' | |
| xpack.security.enabled: true | |
| xpack.security.transport.ssl.enabled: true |
Simonx123
/ terraform_deploy.tf
Created
September 7, 2020 01:04
— forked from Callonski/terraform_deploy.tf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| terraform apply -var 'elastic_pw={pw_elastic}' -var-file=env/test.tfvars -auto-approve |
Simonx123
/ terraform_deploy.tf
Created
September 7, 2020 01:04
— forked from Callonski/terraform_deploy.tf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| terraform apply -var 'elastic_pw={pw_elastic}' -var-file=env/prod.tfvars -auto-approve |
Simonx123
/ backup_snapshot_roles_etc.sh
Created
September 7, 2020 01:04
— forked from Callonski/backup_snapshot_roles_etc.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################### REGISTER BACKUP REPOSITORY ################### | |
| curl -X PUT "https://elastic:${elastic_pw}@0.0.0.0:9200/_snapshot/backup?pretty" -k -H 'Content-Type: application/json' -d '{"type": "gcs","settings": {"bucket": "${backup_bucket}","service_account": "/usr/share/credentials.json"}}' | |
| ############ CREATE BACKUP POLICY FOR DAILY SNAPSHOTS ############## | |
| curl -X PUT -k "https://elastic:${elastic_pw}@0.0.0.0:9200/_slm/policy/nightly-snapshots?pretty" -H 'Content-Type: application/json' -d'{ "schedule": "0 30 1 * * ?", "name": "elastic-snapshot", "repository": "backup", "config": {"indices": ["*"]}, "retention": {"expire_after": "30d", "min_count": 5, "max_count": 30 }}' | |
| ################### CREATE CUSTOM ROLES ########################## | |
| curl -X PUT -k "https://elastic:${elastic_pw}@0.0.0.0:9200/_security/role/API" -H 'Content-Type: application/json' -d '{ "indices": [{ "names": [ "*-read-alias", "*-write-alias"], "privileges": ["read"] } ]}' | |
| curl -X PUT -k "https://elastic:${elastic_pw}@0.0.0.0:9200 |
Simonx123
/ kibana_prerequisites.sh
Created
September 7, 2020 01:04
— forked from Callonski/kibana_prerequisites.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############## INSTALL PREREQUISITIES ######################### | |
| sudo apt-get install openjdk-8-jre -y | |
| sudo apt update | |
| sudo apt install -y -qq apt-transport-https | |
| sudo apt install -y fonts-liberation | |
| sudo apt install -y libfontconfig1 | |
| sudo apt install -y logstash | |
| sudo apt install -y snapd | |
| sudo snap install micro - classic | |
| cat <<EOT >> ~/.bashrc |