[fix] Add Elasticsearch to containers running on Helix sensor

2025-12-06 17:22:49 +01:00 · 2020-12-16 09:07:38 -05:00
parent 805e25f495
commit a4897d2063
5 changed files with 9 additions and 8 deletions
--- a/salt/common/tools/sbin/so-image-common
+++ b/salt/common/tools/sbin/so-image-common
@@ -84,6 +84,7 @@ container_list() {
    TRUSTED_CONTAINERS=(
      "so-filebeat"
      "so-idstools"
      "so-elasticsearch"
      "so-logstash"
      "so-nginx"
      "so-redis"
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -504,11 +504,12 @@ else
  update_docker_containers "soup"
  FEATURESCHECK=$(lookup_pillar features elastic)
  if [[ "$FEATURESCHECK" == "True" ]]; then 
-    TRUSTED_CONTAINERS=( \
+    TRUSTED_CONTAINERS=(
-      "so-elasticsearch" \
+      "so-elasticsearch"
-      "so-filebeat" \
+      "so-filebeat"
-      "so-kibana" \
+      "so-kibana"
-      "so-logstash" )
+      "so-logstash" 
    )
    update_docker_containers "features" "-features"
  fi
 fi
--- a/salt/logstash/init.sls
+++ b/salt/logstash/init.sls
@@ -45,10 +45,8 @@
 {% set DOCKER_OPTIONS = salt['pillar.get']('logstash:docker_options', {}) %}
 {% set TEMPLATES = salt['pillar.get']('elasticsearch:templates', {}) %}
 {% if grains['role'] != 'so-helix' %}
 include:
  - elasticsearch
 {% endif %}
 # Create the logstash group
 logstashgroup:
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -61,6 +61,7 @@ base:
    - suricata
    - zeek
    - redis
    - elasticsearch
    - logstash
    {%- if FILEBEAT %}
    - filebeat
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -692,7 +692,7 @@ set_redirect >> $setup_log 2>&1
 		salt-call state.apply -l info nginx >> $setup_log 2>&1
 	fi
-	if [[ $is_manager || $is_node || $is_import ]]; then
+	if [[ $is_manager || $is_node || $is_import || $is_helix ]]; then
 		set_progress_str 64 "$(print_salt_state_apply 'elasticsearch')"
 		salt-call state.apply -l info elasticsearch >> $setup_log 2>&1
 	fi