From f06ab8b77d3659e99bd9cd25470b58f99c3a0262 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Thu, 9 Sep 2021 08:55:36 -0400 Subject: [PATCH] testing defaults.yaml --- salt/elasticsearch/defaults.yaml | 426 +++++++++++++++---------------- salt/elasticsearch/init.sls | 3 +- 2 files changed, 213 insertions(+), 216 deletions(-) diff --git a/salt/elasticsearch/defaults.yaml b/salt/elasticsearch/defaults.yaml index 7c506a9d2..b3db5aa0c 100644 --- a/salt/elasticsearch/defaults.yaml +++ b/salt/elasticsearch/defaults.yaml @@ -56,17 +56,7 @@ elasticsearch: close: 45 delete: 365 - - - persistent: - cluster: - remote: - default-cluster-name: - seeds: - - 127.0.0.1:9300 - transient: - {} - defaults: + cluster_settings: cluster: max_voting_config_exclusions: 10 auto_shrink_voting_configuration: true @@ -86,9 +76,9 @@ elasticsearch: read_only: false remote: node: - attr: + attr: "" initial_connect_timeout: 30s - connect: true + #connect: true #DEPRECATION connections_per_cluster: 3 follower_lag: timeout: 90000ms @@ -99,16 +89,16 @@ elasticsearch: allocation: node_concurrent_incoming_recoveries: 2 include: - _tier: + _tier: "" node_initial_primaries_recoveries: 4 same_shard: host: false - total_shards_per_node: -1 + total_shards_per_node: "-1" require: - _tier: - shard_state: - reroute: - priority: NORMAL + _tier: "" + #shard_state: #DEPRECATION + #reroute: #DEPRECATION + #priority: NORMAL #DEPRECATION type: balanced disk: threshold_enabled: true @@ -119,7 +109,7 @@ elasticsearch: low: 95% enable_for_single_data_node: false flood_stage.frozen: 95% - include_relocations: true + #include_relocations: true #DEPRECATION reroute_interval: 60s awareness: attributes: [] @@ -133,7 +123,7 @@ elasticsearch: cluster_concurrent_rebalance: 2 node_concurrent_recoveries: 2 exclude: - _tier: + _tier: "" indices: tombstones: size: 500 @@ -148,7 +138,7 @@ elasticsearch: publish: timeout: 30000ms info_timeout: 10000ms - name: default-cluster-name + name: {{ grains.host }} # Will change if true cluster fault_detection: leader_check: interval: 1000ms @@ -158,10 +148,10 @@ elasticsearch: interval: 1000ms timeout: 10000ms retry_count: 3 - join: - timeout: 60000ms + #join: #DEPRECATION + #timeout: 60000ms #DEPRECATION max_shards_per_node: 1000 - initial_master_nodes: [] + #initial_master_nodes: [] # ERROR setting [cluster.initial_master_nodes] is not allowed when [discovery.type] is set to [single-node] snapshot: info: max_concurrent_fetches: 5 @@ -176,9 +166,9 @@ elasticsearch: level: INFO bootstrap: memory_lock: false - system_call_filter: true + #system_call_filter: true #DEPRECATION ctrlhandler: true - processors: 8 + #processors: 8 #DEPRECATION ingest: user_agent: cache_size: 1000 @@ -198,14 +188,14 @@ elasticsearch: - 0.0.0.0 tcp: reuse_address: true - keep_count: -1 - connect_timeout: 30s - keep_interval: -1 + keep_count: "-1" + #connect_timeout: 30s #DEPRECATION + keep_interval: "-1" no_delay: true keep_alive: true - receive_buffer_size: -1b - keep_idle: -1 - send_buffer_size: -1b + receive_buffer_size: "-1b" + keep_idle: "-1" + send_buffer_size: "-1b" bind_host: - 0.0.0.0 server: true @@ -215,15 +205,15 @@ elasticsearch: overhead: 2.0 publish_host: - 0.0.0.0 - pidfile: + pidfile: "" path: data: [] logs: /var/log/elasticsearch - shared_data: + shared_data: "" home: /usr/share/elasticsearch repo: [] search: - default_search_timeout: -1 + default_search_timeout: "-1" highlight: term_vector_multi_value: true default_allow_partial_results: true @@ -234,10 +224,10 @@ elasticsearch: keep_alive_interval: 1m remote: node: - attr: - initial_connect_timeout: 30s - connect: true - connections_per_cluster: 3 + attr: "" + #initial_connect_timeout: 30s #DEPRECATION + #connect: true #DEPRECATION + #connections_per_cluster: 3 #DEPRECATION default_keep_alive: 5m max_keep_alive: 24h aggs: @@ -262,9 +252,9 @@ elasticsearch: wait_for_metadata_timeout: 60s repositories: fs: - compress: false + #compress: false #DEPRECATION chunk_size: 9223372036854775807b - location: + location: "" url: supported_protocols: - http @@ -297,32 +287,32 @@ elasticsearch: queue_capacity: 1024 max_concurrent_policy_executions: 50 xpack: - flattened: - enabled: true + #flattened: #DEPRECATION + #enabled: true #DEPRECATION watcher: execution: scroll: size: 0 - timeout: + timeout: "" default_throttle_period: 5s internal: ops: bulk: - default_timeout: + default_timeout: "" index: - default_timeout: + default_timeout: "" search: - default_timeout: + default_timeout: "" thread_pool: queue_size: 1000 size: 40 index: rest: - direct_access: + direct_access: "" use_ilm_index_management: true - history: - cleaner_service: - enabled: true + #history: #DEPRECATION + #cleaner_service: #DEPRECATION + #enabled: true #DEPRECATION trigger: schedule: ticker: @@ -330,11 +320,11 @@ elasticsearch: enabled: true input: search: - default_timeout: + default_timeout: "" encrypt_sensitive_data: false transform: search: - default_timeout: + default_timeout: "" stop: timeout: 30s watch: @@ -347,15 +337,15 @@ elasticsearch: actions: 1 actions: bulk: - default_timeout: + default_timeout: "" index: - default_timeout: - eql: - enabled: true - data_frame: - enabled: true - ilm: - enabled: true + default_timeout: "" + #eql: #DEPRECATION + #enabled: true #DEPRECATION + #data_frame: #DEPRECATION + #enabled: true #DEPRECATION + #ilm: #DEPRECATION + #enabled: true #DEPRECATION monitoring: migration: decommission_alerts: false @@ -390,7 +380,7 @@ elasticsearch: elasticsearch: collection: enabled: true - enabled: true + #enabled: true #DEPRECATION graph: enabled: true searchable: @@ -410,16 +400,16 @@ elasticsearch: min_time_delta: 60s decay: interval: 60s - size.max_headroom: -1 + size.max_headroom: "-1" range_size: 16mb max_freq: 100 rollup: - enabled: true + #enabled: true #DEPRECATION task_thread_pool: - queue_size: -1 + queue_size: "-1" size: 1 - sql: - enabled: true + #sql: #DEPRECATION + #enabled: true #DEPRECATION searchable_snapshots: cache_fetch_async_thread_pool: core: 0 @@ -439,13 +429,13 @@ elasticsearch: - trial self_generated: type: basic - logstash: - enabled: true + #logstash: #DEPRECATION + #enabled: true #DEPRECATION notification: pagerduty: - default_account: + default_account: "" email: - default_account: + default_account: "" html: sanitization: allow: @@ -464,9 +454,9 @@ elasticsearch: enabled: true interval: 15s jira: - default_account: + default_account: "" slack: - default_account: + default_account: "" security: operator_privileges: enabled: false @@ -484,6 +474,10 @@ elasticsearch: enabled: true ssl: enabled: true + verification_mode: none + certificate_authorities: /usr/share/elasticsearch/config/ca.crt + key: /usr/share/elasticsearch/config/elasticsearch.key + certificate: /usr/share/elasticsearch/config/elasticsearch.crt ssl: diagnose: trust: true @@ -532,13 +526,13 @@ elasticsearch: ttl: 24h delete: interval: 24h - timeout: -1 + timeout: "-1" enabled: false hashing: algorithm: pbkdf2 anonymous: authz_exception: true - roles: + roles: - superuser username: anonymous_user run_as: @@ -553,7 +547,7 @@ elasticsearch: token: delete: interval: 30m - timeout: -1 + timeout: "-1" enabled: false thread_pool: queue_size: 1000 @@ -571,13 +565,17 @@ elasticsearch: enabled: true ssl: enabled: true + client_authentication: none + key: /usr/share/elasticsearch/config/elasticsearch.key + certificate: /usr/share/elasticsearch/config/elasticsearch.crt + certificate_authorities: /usr/share/elasticsearch/config/ca.crt automata: max_determinized_states: 100000 cache: size: 10000 ttl: 48h enabled: true - user: null + user: "" authz: store: privileges: @@ -585,10 +583,10 @@ elasticsearch: ttl: 24h max_size: 10000 roles: - index: - cache: - ttl: 20m - max_size: 10000 + #index: #DEPRECATION + #cache: #DEPRECATION + #ttl: 20m #DEPRECATION + #max_size: 10000 #DEPRECATION cache: max_size: 10000 negative_lookup_cache: @@ -598,9 +596,9 @@ elasticsearch: max_size_in_bytes: 104857600 transform: num_transform_failure_retries: 10 - enabled: true - vectors: - enabled: true + #enabled: true #DEPRECATION + #vectors: #DEPRECATION + #enabled: true #DEPRECATION ccr: enabled: true ccr_thread_pool: @@ -608,14 +606,14 @@ elasticsearch: size: 32 idp: privileges: - application: + application: "" cache: size: 100 ttl: 90m metadata: signing: keystore: - alias: + alias: "" slo_endpoint: post: "https:" redirect: "https:" @@ -625,20 +623,20 @@ elasticsearch: allowed_nameid_formats: - urn:oasis:names:tc:SAML:2.0:nameid-format:transient contact: - given_name: - email: - surname: + given_name: "" + email: "" + surname: "" organization: - display_name: - name: + display_name: "" + name: "" url: "http:" sso_endpoint: post: "https:" redirect: "https:" - entity_id: + entity_id: "" signing: keystore: - alias: + alias: "" sp: cache: size: 1000 @@ -646,15 +644,15 @@ elasticsearch: wildcard: path: wildcard_services.json enabled: false - slm: - enabled: true - enrich: - enabled: true + #slm: + #enabled: true #DEPRECATION + #enrich: #DEPRECATION + #enabled: true #DEPRECATION http: default_connection_timeout: 10s proxy: - host: - scheme: + host: "" + scheme: "" port: 0 whitelist: - "*" @@ -673,7 +671,7 @@ elasticsearch: inference_model: cache_size: 40% time_to_live: 5m - nightly_maintenance_requests_per_second: -1.0 + nightly_maintenance_requests_per_second: "-1.0" node_concurrent_job_allocations: 2 max_model_memory_limit: 0b enabled: false @@ -713,15 +711,15 @@ elasticsearch: medium: 30s thread_pool: force_merge: - queue_size: -1 + queue_size: "-1" size: 1 fetch_shard_started: core: 1 max: 16 keep_alive: 5m - listener: - queue_size: -1 - size: 4 + #listener: #DEPRECATION + #queue_size: "-1" #DEPRECATION + #size: 4 #DEPRECATION refresh: core: 1 max: 4 @@ -738,12 +736,12 @@ elasticsearch: max: 4 keep_alive: 5m search: - max_queue_size: 1000 + #max_queue_size: 1000 #DEPRECATION queue_size: 1000 size: 13 - auto_queue_frame_size: 2000 - target_response_time: 1s - min_queue_size: 1000 + #auto_queue_frame_size: 2000 #DEPRECATION + #target_response_time: 1s #DEPRECATION + #min_queue_size: 1000 #DEPRECATION fetch_shard_store: core: 1 max: 16 @@ -774,23 +772,23 @@ elasticsearch: max: 4 keep_alive: 5m search_throttled: - max_queue_size: 100 + #max_queue_size: 100 #DEPRECATION queue_size: 100 size: 1 - auto_queue_frame_size: 200 - target_response_time: 1s - min_queue_size: 100 + #auto_queue_frame_size: 200 #DEPRECATION + #target_response_time: 1s #DEPRECATION + #min_queue_size: 100 #DEPRECATION index: codec: default recovery: - type: + type: "" store: - type: + type: "" fs: fs_lock: native preload: [] snapshot: - uncached_chunk_size: -1b + uncached_chunk_size: "-1b" cache: excluded_file_types: [] monitor: @@ -821,21 +819,21 @@ elasticsearch: transport: tcp: reuse_address: true - keep_count: -1 - connect_timeout: 30s - keep_interval: -1 - compress: false - port: 9300-9400 + keep_count: "-1" + #connect_timeout: 30s #DEPRECATION + keep_interval: "-1" + #compress: false #DEPRECATION + #port: 9300-9400 #DEPRECATION no_delay: true keep_alive: true - receive_buffer_size: -1b - keep_idle: -1 - send_buffer_size: -1b + receive_buffer_size: "-1b" + keep_idle: "-1" + send_buffer_size: "-1b" bind_host: - 0.0.0.0 connect_timeout: 30s compress: false - ping_schedule: -1 + ping_schedule: "-1" connections_per_node: recovery: 2 state: 1 @@ -856,7 +854,7 @@ elasticsearch: port: 9300-9400 host: [] publish_port: 9300 - tcp_no_delay: true + #tcp_no_delay: true #DEPRECATION publish_host: {{ grains.host }} netty: receive_predictor_size: 64kb @@ -865,57 +863,57 @@ elasticsearch: receive_predictor_min: 64kb boss_count: 1 script: - allowed_contexts: [] - max_compilations_rate: 20000/1m - cache: - max_size: 100 - expire: 0ms + allowed_contexts: none # ERROR have to set to none - should be list + #max_compilations_rate: 20000/1m #DEPRECATION + #cache: #DEPRECATION + #max_size: 100 #DEPRECATION + #expire: 0ms #DEPRECATION painless: regex: enabled: limited limit-factor: 6 max_size_in_bytes: 65535 - allowed_types: [] + allowed_types: none # ERROR have to set to none - should be list disable_max_compilations_rate: false indexing_pressure: memory: limit: 10% node: - data: true - roles: - - data_frozen - - data_warm - - transform - - data - - remote_cluster_client - - data_cold - - data_content - - data_hot - - ingest - - master - max_local_storage_nodes: 1 + #data: true #DEPRECATION + # roles: + # - data_frozen + # - data_warm + # - transform ERROR + # - data + # - remote_cluster_client + # - data_cold + # - data_content + # - data_hot + # - ingest + # - master + #max_local_storage_nodes: 1 #DEPRECATION processors: 8 store: allow_mmap: true - ingest: true - master: true - pidfile: - transform: true - remote_cluster_client: true + #ingest: true #DEPRECATION + #master: true #DEPRECATION + pidfile: "" + #transform: true #DEPRECATION + #remote_cluster_client: true #DEPRECATION enable_lucene_segment_infos_trace: false - local_storage: true + #local_storage: true #DEPRECATION name: {{ grains.host }} id: seed: 0 - voting_only: false + #voting_only: false #DEPRECATION attr: - transform: - node: true + #transform: ERROR + # node: true ERROR xpack: - installed: true + installed: "" box_type: hot portsfile: false - ml: true + #ml: true #DEPRECATION indices: replication: retry_timeout: 60s @@ -927,7 +925,7 @@ elasticsearch: max_in_flight_updates: 10 memory: interval: 5s - max_index_buffer_size: -1 + max_index_buffer_size: "-1" shard_inactive_time: 5m index_buffer_size: 10% min_index_buffer_size: 48mb @@ -968,7 +966,7 @@ elasticsearch: requests: cache: size: 1% - expire: 0ms + expire: 1ms #0ms - ERROR when set to 0ms, set to 1ms and ERROR gone store: delete: shard: @@ -990,7 +988,7 @@ elasticsearch: master_timeout: 30s fielddata: cache: - size: -1b + size: "-1b" plugin: mandatory: [] slm: @@ -999,48 +997,48 @@ elasticsearch: retention_duration: 1h history_index_enabled: true discovery: - seed_hosts: [] + #seed_hosts: [] # ERROR - it is forbidden to set both [discovery.seed_hosts] and [discovery.zen.ping.unicast.hosts] unconfigured_bootstrap_timeout: 3s request_peers_timeout: 3000ms zen: - commit_timeout: 30s - no_master_block: write - join_retry_delay: 100ms - join_retry_attempts: 3 - ping: - unicast: - concurrent_connects: 10 - hosts: [] - hosts.resolve_timeout: 5s - master_election: - ignore_non_master_pings: false - wait_for_joins_timeout: 30000ms - send_leave_request: true + #commit_timeout: 30s #DEPRECATION + #no_master_block: write #DEPRECATION + #join_retry_delay: 100ms #DEPRECATION + #join_retry_attempts: 3 #DEPRECATION + #ping: + #unicast: + #concurrent_connects: 10 # ERROR forbidden to set both [discovery.seed_resolver.max_concurrent_resolvers] and [discovery.zen.ping.unicast.concurrent_connects] + #hosts: [] # ERROR - it is forbidden to set both [discovery.seed_hosts] and [discovery.zen.ping.unicast.hosts] + #hosts.resolve_timeout: 5s # ERROR forbidden to set both [discovery.seed_resolver.timeout] and [discovery.zen.ping.unicast.hosts.resolve_timeout] + #master_election: #DEPRECATION + #ignore_non_master_pings: false #DEPRECATION + #wait_for_joins_timeout: 30000ms #DEPRECATION + #send_leave_request: true #DEPRECATION ping_timeout: 3s - bwc_ping_timeout: 3s - join_timeout: 60000ms - publish_diff: - enable: true - publish: - max_pending_cluster_states: 25 - minimum_master_nodes: -1 - unsafe_rolling_upgrades_enabled: true - hosts_provider: [] - publish_timeout: 30s - fd: - connect_on_network_disconnect: false - ping_interval: 1s - ping_retries: 3 - register_connection_listener: true - ping_timeout: 30s - max_pings_from_another_master: 3 + #bwc_ping_timeout: 3s #DEPRECATION + #join_timeout: 60000ms #DEPRECATION + #publish_diff: + #enable: true #DEPRECATION + #publish: #DEPRECATION + #max_pending_cluster_states: 25 #DEPRECATION + #minimum_master_nodes: "-1" #DEPRECATION + #unsafe_rolling_upgrades_enabled: true #DEPRECATION + #hosts_provider: # ERROR forbidden to set both [discovery.seed_providers] and [discovery.zen.hosts_provider] has to be commented out + #publish_timeout: 30s #DEPRECATION + #fd: #DEPRECATION + #connect_on_network_disconnect: false #DEPRECATION + #ping_interval: 1s #DEPRECATION + #ping_retries: 3 #DEPRECATION + #register_connection_listener: true #DEPRECATION + #ping_timeout: 30s #DEPRECATION + #max_pings_from_another_master: 3 #DEPRECATION initial_state_timeout: 30s cluster_formation_warning_timeout: 10000ms - seed_providers: [] - type: single-node - seed_resolver: - max_concurrent_resolvers: 10 - timeout: 5s + #seed_providers: # ERROR forbidden to set both [discovery.seed_providers] and [discovery.zen.hosts_provider] has to be commented out + type: zen # ERROR java.lang.IllegalArgumentException: node with [discovery.type] set to [single-node] must be master-eligible # test turning off + #seed_resolver: + #max_concurrent_resolvers: 10 # ERROR forbidden to set both [discovery.seed_resolver.max_concurrent_resolvers] and [discovery.zen.ping.unicast.concurrent_connects] + #timeout: 5s # forbidden to set both [discovery.seed_resolver.timeout] and [discovery.zen.ping.unicast.hosts.resolve_timeout] find_peers_interval: 1000ms probe: connect_timeout: 30s @@ -1048,7 +1046,7 @@ elasticsearch: http: cors: max-age: 1728000 - allow-origin: + allow-origin: "" allow-headers: X-Requested-With,Content-Type,Content-Length allow-credentials: false allow-methods: OPTIONS,HEAD,GET,POST,PUT,DELETE @@ -1060,10 +1058,10 @@ elasticsearch: pipelining: max_events: 10000 type.default: netty4 - content_type: - required: true + #content_type: #DEPRECATION + #required: true #DEPRECATION host: [] - publish_port: -1 + publish_port: "-1" read_timeout: 0ms max_content_length: 100mb netty: @@ -1072,40 +1070,40 @@ elasticsearch: worker_count: 0 tcp: reuse_address: true - keep_count: -1 - keep_interval: -1 + keep_count: "-1" + keep_interval: "-1" no_delay: true keep_alive: true - receive_buffer_size: -1b - keep_idle: -1 - send_buffer_size: -1b + receive_buffer_size: "-1b" + keep_idle: "-1" + send_buffer_size: "-1b" bind_host: [] client_stats: enabled: true reset_cookies: false - max_warning_header_count: -1 + max_warning_header_count: "-1" tracer: include: [] exclude: [] - max_warning_header_size: -1b + max_warning_header_size: "-1b" detailed_errors: enabled: true port: 9200-9300 max_header_size: 8kb - tcp_no_delay: true + #tcp_no_delay: true #DEPRECATION compression: false publish_host: [] gateway: - recover_after_master_nodes: 0 - expected_nodes: -1 - recover_after_data_nodes: -1 - expected_data_nodes: -1 + #recover_after_master_nodes: 0 #DEPRECATION + #expected_nodes: "-1" #DEPRECATION + recover_after_data_nodes: "-1" + expected_data_nodes: "-1" write_dangling_indices_info: true slow_write_logging_threshold: 10s recover_after_time: 0ms - expected_master_nodes: -1 - recover_after_nodes: -1 - auto_import_dangling_indices: false + #expected_master_nodes: "-1" #DEPRECATION + #recover_after_nodes: "-1" #DEPRECATION + #auto_import_dangling_indices: false #DEPRECATION snapshot: refresh_repo_uuid_on_restore: true max_concurrent_operations: 1000 diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls index 49f9fc04c..2deeef55c 100644 --- a/salt/elasticsearch/init.sls +++ b/salt/elasticsearch/init.sls @@ -140,10 +140,9 @@ eslog4jfile: esyml: file.managed: - name: /opt/so/conf/elasticsearch/elasticsearch.yml - - source: salt://elasticsearch/files/elasticsearch.yml + - contents: {{ ESCONFIG.elasticsearch.cluster_settings | yaml }} - user: 930 - group: 939 - - template: jinja esyml_test: file.managed: