diff options
-rw-r--r-- | config/pe/elk.conf | 3 | ||||
-rw-r--r-- | config/pe/push-policies.sh | 18 | ||||
-rw-r--r-- | policy-pe/do-start.sh | 2 | ||||
-rw-r--r-- | policy-pe/docker-install.sh | 82 |
4 files changed, 87 insertions, 18 deletions
diff --git a/config/pe/elk.conf b/config/pe/elk.conf new file mode 100644 index 00000000..938954ce --- /dev/null +++ b/config/pe/elk.conf @@ -0,0 +1,3 @@ +# elasticsearch + +ELK_JMX_PORT=9995
\ No newline at end of file diff --git a/config/pe/push-policies.sh b/config/pe/push-policies.sh index 414e2e5b..a8ec6689 100644 --- a/config/pe/push-policies.sh +++ b/config/pe/push-policies.sh @@ -9,8 +9,7 @@ echo "Pushing default policies" curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "vFirewall", - "policyScope": "com", + "policyName": "com.vFirewall", "policyType": "MicroService" }' 'http://pdp:8081/pdp/api/pushPolicy' @@ -18,16 +17,14 @@ sleep 2 curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "vLoadBalancer", - "policyScope": "com", + "policyName": "com.vLoadBalancer", "policyType": "MicroService" }' 'http://pdp:8081/pdp/api/pushPolicy' sleep 2 curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "BRMSParamvLBDemoPolicy", - "policyScope": "com", + "policyName": "com.BRMSParamvLBDemoPolicy", "policyType": "BRMS_Param" }' 'http://pdp:8081/pdp/api/pushPolicy' @@ -35,8 +32,7 @@ sleep 2 curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "BRMSParamvFWDemoPolicy", - "policyScope": "com", + "policyName": "com.BRMSParamvFWDemoPolicy", "policyType": "BRMS_Param" }' 'http://pdp:8081/pdp/api/pushPolicy' @@ -59,8 +55,7 @@ curl -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/ sleep 2 curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "BRMSParamvLBDemoPolicy", - "policyScope": "com", + "policyName": "com.BRMSParamvLBDemoPolicy", "policyType": "BRMS_Param" }' 'http://pdp:8081/pdp/api/pushPolicy' @@ -68,8 +63,7 @@ sleep 2 curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "BRMSParamvFWDemoPolicy", - "policyScope": "com", + "policyName": "com.BRMSParamvFWDemoPolicy", "policyType": "BRMS_Param" }' 'http://pdp:8081/pdp/api/pushPolicy' diff --git a/policy-pe/do-start.sh b/policy-pe/do-start.sh index fc02b860..34041c7a 100644 --- a/policy-pe/do-start.sh +++ b/policy-pe/do-start.sh @@ -9,7 +9,7 @@ container=$1 case $container in pap) - comps="base pap paplp console mysql" + comps="base pap paplp console mysql elk" ;; pdp) comps="base pdp pdplp" diff --git a/policy-pe/docker-install.sh b/policy-pe/docker-install.sh index 57c26bf5..fa9472f1 100644 --- a/policy-pe/docker-install.sh +++ b/policy-pe/docker-install.sh @@ -9,8 +9,8 @@ function usage() { echo -n "syntax: $(basename $0) " echo -n "--debug (" - echo -n "[--install base|pap|pdp|console|mysql|brmsgw|paplp|pdplp] | " - echo -n "[--configure base|pap|pdp|console|mysql|brmsgw|paplp|pdplp] | " + echo -n "[--install base|pap|pdp|console|mysql|elk|brmsgw|paplp|pdplp] | " + echo -n "[--configure base|pap|pdp|console|mysql|elk|brmsgw|paplp|pdplp] | " } function check_java() { @@ -432,6 +432,71 @@ function configure_mysql() { # nothing to do } +# This function installs elk related shell scripts and sql files in the proper locations +# under $POLICY_HOME. It also adds the Elk to the PATH based on configuration. +# +function configure_elk() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + # nothing to do +} + +function install_elk() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + if [[ -f "${HOME}/.bash_profile" ]]; then + source "${HOME}/.bash_profile" + fi + + if [[ -f "${HOME}/.profile" ]]; then + source "${HOME}/.profile" + fi + + ELK_TARGET_INSTALL_DIR=${POLICY_HOME}/elk + + if [[ -d ${ELK_TARGET_INSTALL_DIR} ]]; then + echo "WARNING: ${ELK_TARGET_INSTALL_DIR} exists." + return 1 + fi + + /bin/mkdir -p "${ELK_TARGET_INSTALL_DIR}" > /dev/null 2>&1 + + if [[ ! -d ${ELK_TARGET_INSTALL_DIR} ]]; then + echo "WARNING: ${ELK_TARGET_INSTALL_DIR} doesn't exist." + return 1 + fi + + cd ${ELK_TARGET_INSTALL_DIR} + curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.4.0.tar.gz + + tar xvzf elasticsearch-5.4.0.tar.gz -C . + /bin/rm -fr elasticsearch-5.4.0.tar.gz + /bin/mv ${ELK_TARGET_INSTALL_DIR}/elasticsearch-5.4.0/* . + /bin/rm -fr ${ELK_TARGET_INSTALL_DIR}/elasticsearch-5.4.0 + + /bin/cp "${POLICY_HOME}"/install/elk/bin/* "${POLICY_HOME}/bin" + /bin/cp -f "${POLICY_HOME}"/install/elk/config/* "${ELK_TARGET_INSTALL_DIR}/config" + /bin/cp -f "${POLICY_HOME}/install/elk/init.d/elkd" "${POLICY_HOME}/etc/init.d/elk" + + install_prereqs "${COMPONENT_TYPE}.conf" + + /bin/sed -i -e "s!\${{POLICY_HOME}}!${POLICY_HOME}!g" \ + -e "s!\${{FQDN}}!${FQDN}!g" \ + -e "s!\${{ELK_JMX_PORT}}!${ELK_JMX_PORT}!g" \ + "${ELK_TARGET_INSTALL_DIR}"/config/* "${POLICY_HOME}/etc/init.d/elk" > /dev/null 2>&1 + + + list_unexpanded_files ${POLICY_HOME} + + return $? +} + # This function installs brmsgw related shell scripts and config files in the proper # locations under $POLICY_HOME. # @@ -546,11 +611,12 @@ case $COMPONENT_TYPE in pap) ;; console) ;; mysql) ;; + elk) ;; brmsgw) ;; paplp) ;; pdplp) ;; skip) ;; - *) echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|brmsgw|paplp|pdplp}"; + *) echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|elk|brmsgw|paplp|pdplp}"; usage exit 1 ;; @@ -615,6 +681,9 @@ if [[ ${OPERATION} == install ]]; then mysql) install_mysql ;; + elk) + install_elk + ;; brmsgw) install_brmsgw ;; @@ -622,7 +691,7 @@ if [[ ${OPERATION} == install ]]; then install_logparser ;; *) - echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|brmsgw|paplp|pdplp}"; + echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|elk|brmsgw|paplp|pdplp}"; usage exit 1 ;; @@ -649,6 +718,9 @@ if [[ ${OPERATION} == configure ]]; then mysql) configure_mysql ;; + elk) + configure_elk + ;; brmsgw) configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" ;; @@ -656,7 +728,7 @@ if [[ ${OPERATION} == configure ]]; then configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" ;; *) - echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|brmsgw|paplp|pdplp}"; + echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|elk|brmsgw|paplp|pdplp}"; usage exit 1 ;; |