From c2d4e870c8f0c31528a204a44442ed638e973f33 Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Mon, 3 Apr 2023 16:50:34 -0400 Subject: [PATCH] Fixup Elastic Fleet --- salt/allowed_states.map.jinja | 2 +- salt/common/tools/sbin/so-elastic-fleet-setup | 7 +++---- salt/elasticfleet/init.sls | 3 --- salt/top.sls | 2 +- 4 files changed, 5 insertions(+), 9 deletions(-) diff --git a/salt/allowed_states.map.jinja b/salt/allowed_states.map.jinja index f0dcdd7b1..9f652e389 100644 --- a/salt/allowed_states.map.jinja +++ b/salt/allowed_states.map.jinja @@ -198,7 +198,7 @@ 'logstash', 'healthcheck', 'schedule', - 'elastic-fleet', + 'elasticfleet', 'docker_clean' ], 'so-receiver': [ diff --git a/salt/common/tools/sbin/so-elastic-fleet-setup b/salt/common/tools/sbin/so-elastic-fleet-setup index 6848aa432..c9c9ecf5c 100755 --- a/salt/common/tools/sbin/so-elastic-fleet-setup +++ b/salt/common/tools/sbin/so-elastic-fleet-setup @@ -24,7 +24,6 @@ mkdir -p /opt/so/conf/elastic-fleet/certs cp /etc/ssl/certs/intca.crt /opt/so/conf/elastic-fleet/certs cp /etc/pki/elasticfleet* /opt/so/conf/elastic-fleet/certs -{% if grains.role in ['so-import', 'so-eval'] %} # Add SO-Manager Elasticsearch Ouput ESCACRT=$(openssl x509 -in /opt/so/conf/elastic-fleet/certs/intca.crt) JSON_STRING=$( jq -n \ @@ -33,7 +32,7 @@ JSON_STRING=$( jq -n \ curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/outputs" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" printf "\n\n" -{% else %} +{% if grains.role not in ['so-import', 'so-eval'] %} # Create Logstash Output payload LOGSTASHCRT=$(openssl x509 -in /opt/so/conf/elastic-fleet/certs/elasticfleet.crt) LOGSTASHKEY=$(openssl rsa -in /opt/so/conf/elastic-fleet/certs/elasticfleet.key) @@ -42,13 +41,13 @@ JSON_STRING=$( jq -n \ --arg LOGSTASHCRT "$LOGSTASHCRT" \ --arg LOGSTASHKEY "$LOGSTASHKEY" \ --arg LOGSTASHCA "$LOGSTASHCA" \ - '{"name":"so-manager_logstash","id":"so-manager_logstash","type":"logstash","hosts":["{{ GLOBALS.manager_ip }}:5055"],"config_yaml":"","ssl":{"certificate": $LOGSTASHCRT,"key": $LOGSTASHKEY,"certificate_authorities":[ $LOGSTASHCA ]}}' + '{"name":"so-manager_logstash","is_default":true,"is_default_monitoring":true,"id":"so-manager_logstash","type":"logstash","hosts":["{{ GLOBALS.manager_ip }}:5055"],"config_yaml":"","ssl":{"certificate": $LOGSTASHCRT,"key": $LOGSTASHKEY,"certificate_authorities":[ $LOGSTASHCA ]},"proxy_id":null}' ) -{%- endif %} # Add SO-Manager Logstash Ouput curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/outputs" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" printf "\n\n" +{%- endif %} # Add Elastic Fleet Integrations diff --git a/salt/elasticfleet/init.sls b/salt/elasticfleet/init.sls index 4218eca67..0d393761c 100644 --- a/salt/elasticfleet/init.sls +++ b/salt/elasticfleet/init.sls @@ -52,11 +52,8 @@ so-elastic-fleet: - sobridge: - ipv4_address: {{ DOCKER.containers['so-elastic-fleet'].ip }} - extra_hosts: - {% if GLOBALS.is_manager %} - {{ GLOBALS.manager }}:{{ GLOBALS.manager_ip }} - {% else %} - {{ GLOBALS.hostname }}:{{ GLOBALS.node_ip }} - {% endif %} - port_bindings: {% for BINDING in DOCKER.containers['so-elastic-fleet'].port_bindings %} - {{ BINDING }} diff --git a/salt/top.sls b/salt/top.sls index 305fee9dc..8cad2816c 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -346,7 +346,7 @@ base: - telegraf - firewall - logstash - - elastic-fleet + - elasticfleet - schedule - docker_clean