diff options
author | Ravindra Bakkamanthala <rb7147@att.com> | 2017-05-23 14:56:12 -0400 |
---|---|---|
committer | Ravindra Bakkamanthala <rb7147@att.com> | 2017-05-23 16:49:56 -0400 |
commit | 87c95be02a8a4d77e165dede90777e811b59dcae (patch) | |
tree | 4712199fc3520b530dda0c4d3b074c327df547f2 /packages/base/src/files/install/elk | |
parent | 7e547eaa55920dfbc9691eab33bb728395b50cf2 (diff) |
Commit includes ControlLoopPolicy API and bugfixes
Change-Id: I3e18bb8b4c31a0d908bb0cff4c85e2a3fb450a63
Signed-off-by: Ravindra Bakkamanthala <rb7147@att.com>
Diffstat (limited to 'packages/base/src/files/install/elk')
-rw-r--r-- | packages/base/src/files/install/elk/bin/elk.sh | 166 | ||||
-rw-r--r-- | packages/base/src/files/install/elk/config/elasticsearch.yml | 392 | ||||
-rw-r--r-- | packages/base/src/files/install/elk/init.d/elkd | 76 |
3 files changed, 634 insertions, 0 deletions
diff --git a/packages/base/src/files/install/elk/bin/elk.sh b/packages/base/src/files/install/elk/bin/elk.sh new file mode 100644 index 000000000..5011aa61e --- /dev/null +++ b/packages/base/src/files/install/elk/bin/elk.sh @@ -0,0 +1,166 @@ +#!/bin/bash + +ELK_MAP_SUCCESS_RE="\"acknowledged\": *true" + +function usage() { + echo -n "syntax: $(basename $0) " + echo -n "[--debug] " + echo -n "([--audit] |" +} + +function log() { + echo "$(date +"%Y-%m-%d_%H-%M-%S") $1" >> ${POLICY_HOME}/logs/elk.log + echo "$1" +} + +function delete_index() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + COMMAND="curl --silent -X DELETE http://localhost:9200/policy" + OUTPUT="$(${COMMAND} 2>&1)" + RC=$? + + log "${RC}: ${COMMAND}" + log "${OUTPUT}" + + if [[ ${RC} != 0 ]] || [[ ! ${OUTPUT} =~ ${ELK_MAP_SUCCESS_RE} ]]; then + log "WARNING: curl: delete /policy: ${RC}" + return 1 + fi + + log "OK: curl: delete /policy: ${OUTPUT}" + return 0 +} + +function create_index() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + COMMAND="curl --silent -X PUT http://localhost:9200/policy" + OUTPUT="$(${COMMAND} 2>&1)" + RC=$? + + log "${RC}: ${COMMAND}" + log "${OUTPUT}" + + if [[ ${RC} != 0 ]] || [[ ! ${OUTPUT} =~ ${ELK_MAP_SUCCESS_RE} ]]; then + log "ERROR: curl: put /policy: ${RC}" + return 1 + fi + + log "OK: curl: put /policy." + return 0 +} + +function check_elk_status() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + ${POLICY_HOME}/etc/init.d/elk status + if [[ $? != 0 ]]; then + log "ERROR: elk is down. Aborting .." + exit 1 + fi +} + +function check_elk_policy_index() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + COMMAND="curl --silent -X GET http://localhost:9200/policy" + OUTPUT="$(${COMMAND} 2>&1)" + RC=$? + + log "${RC}: ${COMMAND}" + + if [[ ${RC} != 0 ]] || [[ ! ${OUTPUT} =~ policy ]]; then + log "ERROR: curl: get /policy: ${RC}" + return 1 + fi + + log "OK: curl: get /policy." + return 0 +} + +#The Script will update the policy data on querying from database as a bulk to Elastic Database +function audit() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + check_elk_status + + if ! check_elk_policy_index; then + echo "policy index does not exist. So, Policy Index is created." + if ! create_index; then + echo "abort: policy index creation failed." + exit 1 + fi + fi + + $JAVA_HOME/bin/java -cp $POLICY_HOME/servers/pap/webapps/pap/WEB-INF/lib/ECOMP-PAP-REST-*.jar:$POLICY_HOME/servers/pap/webapps/pap/WEB-INF/lib/*: -DPROPERTY_FILE=$POLICY_HOME/servers/pap/bin/policyelk.properties org.openecomp.policy.pap.xacml.rest.elk.client.ElasticSearchPolicyUpdate +} + +######################################################################### +## +## script execution body +## +######################################################################### + +DEBUG=n +OPERATION=none + +until [[ -z "$1" ]]; do + case $1 in + -d|--debug|debug) DEBUG=y + set -x + ;; + -a|--audit|audit) OPERATION=audit + ;; + *) usage + exit 1 + ;; + esac + shift +done + +# operation validation +case $OPERATION in + audit) ;; + *) echo "invalid operation (${OPERATION})."; + usage + exit 1 + ;; +esac + +if [[ -z ${POLICY_HOME} ]]; then + echo "error: POLICY_HOME is unset." + exit 1 +fi + +log "**** $OPERATION ****" + +if pidof -o %PPID -x $(basename $0) > /dev/null 2>&1; then + echo "WARNING: an $(basename $0) process is already running. Exiting." + exit 1 +fi + +case $OPERATION in + audit) + audit + ;; + *) echo "invalid operation (${OPERATION})."; + usage + exit 1 + ;; +esac
\ No newline at end of file diff --git a/packages/base/src/files/install/elk/config/elasticsearch.yml b/packages/base/src/files/install/elk/config/elasticsearch.yml new file mode 100644 index 000000000..618f2a241 --- /dev/null +++ b/packages/base/src/files/install/elk/config/elasticsearch.yml @@ -0,0 +1,392 @@ +##################### Elasticsearch Configuration Example ##################### + +# This file contains an overview of various configuration settings, +# targeted at operations staff. Application developers should +# consult the guide at <http://elasticsearch.org/guide>. +# +# The installation procedure is covered at +# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup.html>. +# +# Elasticsearch comes with reasonable defaults for most settings, +# so you can try it out without bothering with configuration. +# +# Most of the time, these defaults are just fine for running a production +# cluster. If you're fine-tuning your cluster, or wondering about the +# effect of certain configuration option, please _do ask_ on the +# mailing list or IRC channel [http://elasticsearch.org/community]. + +# Any element in the configuration can be replaced with environment variables +# by placing them in ${...} notation. For example: +# +#node.rack: ${RACK_ENV_VAR} + +# For information on supported formats and syntax for the config file, see +# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html> + + +################################### Cluster ################################### + +# Cluster name identifies your cluster for auto-discovery. If you're running +# multiple clusters on the same network, make sure you're using unique names. +# +#cluster.name: elasticsearch +cluster.name: ${{FQDN}}-policy-sa + + +#################################### Node ##################################### + +# Node names are generated dynamically on startup, so you're relieved +# from configuring them manually. You can tie this node to a specific name: +# +#node.name: "Franz Kafka" +node.name: "${{FQDN}}" + +# Every node can be configured to allow or deny being eligible as the master, +# and to allow or deny to store the data. +# +# Allow this node to be eligible as a master node (enabled by default): +# +#node.master: true +# +# Allow this node to store data (enabled by default): +# +#node.data: true + +# You can exploit these settings to design advanced cluster topologies. +# +# 1. You want this node to never become a master node, only to hold data. +# This will be the "workhorse" of your cluster. +# +#node.master: false +#node.data: true +# +# 2. You want this node to only serve as a master: to not store any data and +# to have free resources. This will be the "coordinator" of your cluster. +# +#node.master: true +#node.data: false +# +# 3. You want this node to be neither master nor data node, but +# to act as a "search load balancer" (fetching data from nodes, +# aggregating results, etc.) +# +#node.master: false +#node.data: false + +# Use the Cluster Health API [http://localhost:9200/_cluster/health], the +# Node Info API [http://localhost:9200/_nodes] or GUI tools +# such as <http://www.elasticsearch.org/overview/marvel/>, +# <http://github.com/karmi/elasticsearch-paramedic>, +# <http://github.com/lukas-vlcek/bigdesk> and +# <http://mobz.github.com/elasticsearch-head> to inspect the cluster state. + +# A node can have generic attributes associated with it, which can later be used +# for customized shard allocation filtering, or allocation awareness. An attribute +# is a simple key value pair, similar to node.key: value, here is an example: +# +#node.rack: rack314 + +# By default, multiple nodes are allowed to start from the same installation location +# to disable it, set the following: +node.max_local_storage_nodes: 1 + + +#################################### Index #################################### + +# You can set a number of options (such as shard/replica options, mapping +# or analyzer definitions, translog settings, ...) for indices globally, +# in this file. +# +# Note, that it makes more sense to configure index settings specifically for +# a certain index, either when creating it or by using the index templates API. +# +# See <http://elasticsearch.org/guide/en/elasticsearch/reference/current/index-modules.html> and +# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/indices-create-index.html> +# for more information. + +# Set the number of shards (splits) of an index (5 by default): +# +#index.number_of_shards: 5 + +# Set the number of replicas (additional copies) of an index (1 by default): +# +#index.number_of_replicas: 1 + +# Note, that for development on a local machine, with small indices, it usually +# makes sense to "disable" the distributed features: +# +index.number_of_shards: 1 +index.number_of_replicas: 0 + +# These settings directly affect the performance of index and search operations +# in your cluster. Assuming you have enough machines to hold shards and +# replicas, the rule of thumb is: +# +# 1. Having more *shards* enhances the _indexing_ performance and allows to +# _distribute_ a big index across machines. +# 2. Having more *replicas* enhances the _search_ performance and improves the +# cluster _availability_. +# +# The "number_of_shards" is a one-time setting for an index. +# +# The "number_of_replicas" can be increased or decreased anytime, +# by using the Index Update Settings API. +# +# Elasticsearch takes care about load balancing, relocating, gathering the +# results from nodes, etc. Experiment with different settings to fine-tune +# your setup. + +# Use the Index Status API (<http://localhost:9200/A/_status>) to inspect +# the index status. + + +#################################### Paths #################################### + +# Path to directory containing configuration (this file and logging.yml): +# +#path.conf: /path/to/conf + +# Path to directory where to store index data allocated for this node. +# +#path.data: /path/to/data +# +# Can optionally include more than one location, causing data to be striped across +# the locations (a la RAID 0) on a file level, favouring locations with most free +# space on creation. For example: +# +#path.data: /path/to/data1,/path/to/data2 + +# Path to temporary files: +# +#path.work: /path/to/work + +# Path to log files: +# +#path.logs: /path/to/logs +path.logs: ${{POLICY_HOME}}/logs + +# Path to where plugins are installed: +# +#path.plugins: /path/to/plugins + + +#################################### Plugin ################################### + +# If a plugin listed here is not installed for current node, the node will not start. +# +#plugin.mandatory: mapper-attachments,lang-groovy + + +################################### Memory #################################### + +# Elasticsearch performs poorly when JVM starts swapping: you should ensure that +# it _never_ swaps. +# +# Set this property to true to lock the memory: +# +#bootstrap.mlockall: true + +# Make sure that the ES_MIN_MEM and ES_MAX_MEM environment variables are set +# to the same value, and that the machine has enough memory to allocate +# for Elasticsearch, leaving enough memory for the operating system itself. +# +# You should also make sure that the Elasticsearch process is allowed to lock +# the memory, eg. by using `ulimit -l unlimited`. + + +############################## Network And HTTP ############################### + +# Elasticsearch, by default, binds itself to the 0.0.0.0 address, and listens +# on port [9200-9300] for HTTP traffic and on port [9300-9400] for node-to-node +# communication. (the range means that if the port is busy, it will automatically +# try the next port). + +# Set the bind address specifically (IPv4 or IPv6): +# +#network.bind_host: 10.00.10.00 + +# Set the address other nodes will use to communicate with this node. If not +# set, it is automatically derived. It must point to an actual IP address. +# +#network.publish_host: 10.00.10.00 + +# Set both 'bind_host' and 'publish_host': +# +#network.host: 10.00.10.00 + +# Set a custom port for the node to node communication (9300 by default): +# +#transport.tcp.port: 9300 + +# Enable compression for all communication between nodes (disabled by default): +# +#transport.tcp.compress: true + +# Set a custom port to listen for HTTP traffic: +# +#http.port: 9200 + +# Set a custom allowed content length: +# +#http.max_content_length: 100mb + +# Disable HTTP completely: +# +#http.enabled: false + + +################################### Gateway ################################### + +# The gateway allows for persisting the cluster state between full cluster +# restarts. Every change to the state (such as adding an index) will be stored +# in the gateway, and when the cluster starts up for the first time, +# it will read its state from the gateway. + +# There are several types of gateway implementations. For more information, see +# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-gateway.html>. + +# The default gateway type is the "local" gateway (recommended): +# +#gateway.type: local + +# Settings below control how and when to start the initial recovery process on +# a full cluster restart (to reuse as much local data as possible when using shared +# gateway). + +# Allow recovery process after N nodes in a cluster are up: +# +#gateway.recover_after_nodes: 1 + +# Set the timeout to initiate the recovery process, once the N nodes +# from previous setting are up (accepts time value): +# +#gateway.recover_after_time: 5m + +# Set how many nodes are expected in this cluster. Once these N nodes +# are up (and recover_after_nodes is met), begin recovery process immediately +# (without waiting for recover_after_time to expire): +# +#gateway.expected_nodes: 2 + + +############################# Recovery Throttling ############################# + +# These settings allow to control the process of shards allocation between +# nodes during initial recovery, replica allocation, rebalancing, +# or when adding and removing nodes. + +# Set the number of concurrent recoveries happening on a node: +# +# 1. During the initial recovery +# +#cluster.routing.allocation.node_initial_primaries_recoveries: 4 +# +# 2. During adding/removing nodes, rebalancing, etc +# +#cluster.routing.allocation.node_concurrent_recoveries: 2 + +# Set to throttle throughput when recovering (eg. 100mb, by default 20mb): +# +#indices.recovery.max_bytes_per_sec: 20mb + +# Set to limit the number of open concurrent streams when +# recovering a shard from a peer: +# +#indices.recovery.concurrent_streams: 5 + + +################################## Discovery ################################## + +# Discovery infrastructure ensures nodes can be found within a cluster +# and master node is elected. Multicast discovery is the default. + +# Set to ensure a node sees N other master eligible nodes to be considered +# operational within the cluster. This should be set to a quorum/majority of +# the master-eligible nodes in the cluster. +# +#discovery.zen.minimum_master_nodes: 1 + +# Set the time to wait for ping responses from other nodes when discovering. +# Set this option to a higher value on a slow or congested network +# to minimize discovery failures: +# +#discovery.zen.ping.timeout: 3s + +# For more information, see +# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-discovery-zen.html> + +# Unicast discovery allows to explicitly control which nodes will be used +# to discover the cluster. It can be used when multicast is not present, +# or to restrict the cluster communication-wise. +# +# 1. Disable multicast discovery (enabled by default): +# +#discovery.zen.ping.multicast.enabled: false +# +# 2. Configure an initial list of master nodes in the cluster +# to perform discovery when new nodes (master or data) are started: +# +#discovery.zen.ping.unicast.hosts: ["host1", "host2:port"] + +# EC2 discovery allows to use AWS EC2 API in order to perform discovery. +# +# You have to install the cloud-aws plugin for enabling the EC2 discovery. +# +# For more information, see +# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-discovery-ec2.html> +# +# See <http://elasticsearch.org/tutorials/elasticsearch-on-ec2/> +# for a step-by-step tutorial. + +# GCE discovery allows to use Google Compute Engine API in order to perform discovery. +# +# You have to install the cloud-gce plugin for enabling the GCE discovery. +# +# For more information, see <https://github.com/elasticsearch/elasticsearch-cloud-gce>. + +# Azure discovery allows to use Azure API in order to perform discovery. +# +# You have to install the cloud-azure plugin for enabling the Azure discovery. +# +# For more information, see <https://github.com/elasticsearch/elasticsearch-cloud-azure>. + +################################## Slow Log ################################## + +# Shard level query and fetch threshold logging. + +#index.search.slowlog.threshold.query.warn: 10s +#index.search.slowlog.threshold.query.info: 5s +#index.search.slowlog.threshold.query.debug: 2s +#index.search.slowlog.threshold.query.trace: 500ms + +#index.search.slowlog.threshold.fetch.warn: 1s +#index.search.slowlog.threshold.fetch.info: 800ms +#index.search.slowlog.threshold.fetch.debug: 500ms +#index.search.slowlog.threshold.fetch.trace: 200ms + +#index.indexing.slowlog.threshold.index.warn: 10s +#index.indexing.slowlog.threshold.index.info: 5s +#index.indexing.slowlog.threshold.index.debug: 2s +#index.indexing.slowlog.threshold.index.trace: 500ms + +################################## GC Logging ################################ + +#monitor.jvm.gc.young.warn: 1000ms +#monitor.jvm.gc.young.info: 700ms +#monitor.jvm.gc.young.debug: 400ms + +#monitor.jvm.gc.old.warn: 10s +#monitor.jvm.gc.old.info: 5s +#monitor.jvm.gc.old.debug: 2s + +################################## Security ################################ + +# Uncomment if you want to enable JSONP as a valid return transport on the +# http server. With this enabled, it may pose a security risk, so disabling +# it unless you need it is recommended (it is disabled by default). +# +#http.jsonp.enable: true + +discovery.zen.ping.multicast.enabled: false +node.local: true +action.auto_create_index: false diff --git a/packages/base/src/files/install/elk/init.d/elkd b/packages/base/src/files/install/elk/init.d/elkd new file mode 100644 index 000000000..539b4be3e --- /dev/null +++ b/packages/base/src/files/install/elk/init.d/elkd @@ -0,0 +1,76 @@ +#!/bin/bash + +ELK_BASE=${POLICY_HOME}/elk/ +ELK_RUNNING="^$JAVA_HOME/bin/java .* -cp.* org.elasticsearch.bootstrap.Elasticsearch$" +COMPONENT=elk + +JMX_JAVA_OPTS="${JMX_JAVA_OPTS} -Dcom.sun.management.jmxremote" +JMX_JAVA_OPTS="${JMX_JAVA_OPTS} -Dcom.sun.management.jmxremote.port=${{ELK_JMX_PORT}}" +JMX_JAVA_OPTS="${JMX_JAVA_OPTS} -Dcom.sun.management.jmxremote.ssl=false" +JMX_JAVA_OPTS="${JMX_JAVA_OPTS} -Dcom.sun.management.jmxremote.authenticate=false" + +RETVAL=0 + +function update_monitor() { + COMPONENT=$1 + STATUS=$2 + if [[ -f ${POLICY_HOME}/etc/monitor/monitor.cfg ]]; then + /bin/sed -i.bak \ + -e "s/^${COMPONENT}=.*/${COMPONENT}=${STATUS}/g" \ + ${POLICY_HOME}/etc/monitor/monitor.cfg + fi +} + +function stop() { + pkill -u ${POLICY_USER} -f "${ELK_RUNNING}" -TERM + RETVAL=$? + if [[ ${RETVAL} != 0 ]]; then + sleep 2 + pkill -u ${POLICY_USER} -f "${ELK_RUNNING}" -KILL + RETVAL=$? + fi + update_monitor ${COMPONENT} off + sleep 1 +} + +function start() { + export JAVA_OPTS="${JAVA_OPTS} ${JMX_JAVA_OPTS}" + $POLICY_HOME/elk/bin/elasticsearch -d + RETVAL=$? + if [[ ${RETVAL} != 0 ]]; then + update_monitor ${COMPONENT} off + else + update_monitor ${COMPONENT} on + fi +} + +# main + +case "$1" in + status) + pid=$(pgrep -f -u ${POLICY_USER} "${ELK_RUNNING}" 2> /dev/null) + RETVAL=$? + if [ $RETVAL -eq 0 ]; then + echo "running with pid ${pid}" + else + echo "stopped" + fi + ;; + restart) + stop + sleep 2 + start + ;; + start) + start + ;; + stop) + stop + ;; + *) + echo "error: invalid option $@" + RETVAL=1 + ;; +esac + +exit ${RETVAL}
\ No newline at end of file |