virt start

salt/setup/virt/searchnode.yaml

@@ -0,0 +1,18 @@
+MAINIP:
+MNIC: eth0
+NODE_DESCRIPTION: 'virt search'
+ES_HEAP_SIZE:
+PATCHSCHEDULENAME:
+INTERFACE: bond0
+NODETYPE: SEARCHNODE
+CORECOUNT: 16
+LSHOSTNAME:
+LSHEAP:
+CPUCORES: 16
+IDH_MGTRESTRICT:
+IDH_SERVICES:
+CPU: 16
+MEMORY: 32
+DISKS: 1
+COPPER: 0
+SFP: 0

salt/setup/virt/sensor.yaml

@@ -0,0 +1,19 @@
+MAINIP:
+MNIC: eth0
+NODE_DESCRIPTION: 'virt sensor'
+ES_HEAP_SIZE:
+PATCHSCHEDULENAME:
+INTERFACE: bond0
+NODETYPE: SENSOR
+CORECOUNT: 4
+LSHOSTNAME:
+LSHEAP:
+CPUCORES: 4
+IDH_MGTRESTRICT:
+IDH_SERVICES:
+CPU: 16
+MEMORY: 16
+DISKS: 1
+COPPER:
+  - 1
+SFP: 2

salt/setup/virt/setHostname.sls

@@ -0,0 +1,61 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+{% from 'soinstall.map.jinja' import DATA %}
+
+setHostname_{{grains.id.split("_") | first}}:
+  network.system:
+    - name: {{grains.id.split("_") | first}}
+    - enabled: True
+    - hostname: {{grains.id.split("_") | first}}
+    - apply_hostname: True
+
+create_pillar:
+  event.send:
+    - name: setup/so-minion
+    - data:
+        MAINIP: {{ DATA.MAINIP }}
+        MNIC: {{ DATA.MNIC }}
+        NODE_DESCRIPTION: '{{ DATA.NODE_DESCRIPTION }}'
+        ES_HEAP_SIZE: {{ DATA.ES_HEAP_SIZE }}
+        PATCHSCHEDULENAME: {{ DATA.PATCHSCHEDULENAME }}
+        INTERFACE: {{ DATA.INTERFACE }}
+        NODETYPE: {{ DATA.NODETYPE }}
+        CORECOUNT: {{ DATA.CORECOUNT }}
+        LSHOSTNAME: {{ DATA.LSHOSTNAME }}
+        LSHEAP: {{ DATA.LSHEAP }}
+        CPUCORES: {{ DATA.CPUCORES }}
+        IDH_MGTRESTRICT: {{ DATA.IDH_MGTRESTRICT }}
+        IDH_SERVICES: {{ DATA.IDH_SERVICES }}
+        CPU: {{ DATA.CPU }}
+        MEMORY: {{ DATA.MEMORY }}
+        DISKS: {{ DATA.DISKS }}
+        COPPER: {{ DATA.COPPER }}
+        SFP: {{ DATA.SFP }}
+
+
+# set event for firewall rules - so-firewall-minion
+
+clean_sls_list:
+  file.line:
+    - name: /etc/salt/minion
+    - match: 'sls_list:'
+    - mode: delete
+
+clean_setHostname:
+  file.line:
+    - name: /etc/salt/minion
+    - match: '- setHostname'
+    - mode: delete
+    - onchanges:
+      - file: clean_sls_list
+
+set_highstate:
+  file.replace:
+    - name: /etc/salt/minion
+    - pattern: 'startup_states: sls'
+    - repl: 'startup_states: highstate'
+    - onchanges:
+      - file: clean_setHostname

salt/setup/virt/soinstall.map.jinja

@@ -0,0 +1,34 @@
+{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+   or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+   https://securityonion.net/license; you may not use this file except in compliance with the
+   Elastic License 2.0. #}
+
+{% set nodetype = grains.id.split("_") | last %}
+{% import_yaml nodetype ~ '.yaml' as DATA %}
+{% set total_mem  = grains.mem_total %}
+
+{% do DATA.update({'MAINIP': grains.ip_interfaces.get(DATA.MNIC)[0]}) %}
+{% do DATA.update({'CORECOUNT': grains.num_cpus}) %}
+{% do DATA.update({'CPUCORES': grains.num_cpus}) %}
+
+
+{% if nodetype = "searchnode" %}
+
+{%   do DATA.update({'LSHOSTNAME': grains.host}) %}
+
+{#   this replicates the function es_heapsize in so-functions #}
+{%   if total_mem < 8000 %}
+{%     set ES_HEAP_SIZE = "600m" %}
+{%   elif total_mem >= 100000 %}
+{%     set ES_HEAP_SIZE = "25000m" %}
+{%   else %}
+{%    set ES_HEAP_SIZE = total_mem / 3 %}
+{%    if ES_HEAP_SIZE > 25000 %}
+{%      set ES_HEAP_SIZE = "25000m" %}
+{%    else %}
+{%      set ES_HEAP_SIZE = ES_HEAP_SIZE ~ "m" %}
+{%    endif %}
+{%   endif %}
+{%   do DATA.update({'ES_HEAP_SIZE': ES_HEAP_SIZE}) %}
+
+{% endif %}