{"id":82,"date":"2013-04-24T23:54:24","date_gmt":"2013-04-24T23:54:24","guid":{"rendered":"http:\/\/bytesandbullets.com\/?p=82"},"modified":"2013-04-24T23:55:38","modified_gmt":"2013-04-24T23:55:38","slug":"centralized-logging-and-puppet","status":"publish","type":"post","link":"http:\/\/bytesandbullets.com\/?p=82","title":{"rendered":"Centralized Logging and Puppet"},"content":{"rendered":"

At $WORK I have been tasked with building a centralized logging infrastructure. After researching the\u00a0available\u00a0options I came across the following blog: edgeofsanity.net<\/a>. The author is implementing centralized logging with Kibana<\/a> and Logstash<\/a>.<\/p>\n

So I am following along, but since we only have 200 servers I am only building 2 servers, one to host Kibana<\/a> and one running elasticsearch<\/a>.<\/p>\n

<\/p>\n

I spent most of today configuring puppet to install, configure, and start elasticsearch. I started with this module<\/a>, but heavily modified it. I added directives for es_mem_size, cluster_name, and cluster_nodes as well as an init script. Since the new module is in my work repository I will need to clean it up before it is released. Below is the puppet node definition:<\/p>\n

node es01 inherits default {\r\n  include rootkey, iptables\r\n\r\n  ipt_fragment { \"ssh\" : ensure => present }\r\n  ipt_fragment { \"http_es\" : ensure => present }\r\n  ipt_fragment { \"snmp\" : ensure => present }\r\n\r\n  class { \"snmp\":\r\n    syslocation  => 'VM Tier2',\r\n    syscontact   => 'email@example.com',\r\n    rocommunity  => \"not_public\",\r\n  }\r\n\r\n  class { \"elasticsearch\" :\r\n    version => \"0.20.6\",\r\n    install_root => \"\/opt\",\r\n    es_mem_size => \"2g\",\r\n    cluster_name => \"logging\",\r\n    #cluster_nodes => ['node1.fqdn', 'node2.fqdn'], # module always adds current node to this list\r\n  }\r\n}<\/pre>\n","protected":false},"excerpt":{"rendered":"
At $WORK I have been tasked with building a centralized logging infrastructure. After researching the\u00a0available\u00a0options I came across the following blog: edgeofsanity.net. The author is implementing centralized logging with Kibana and Logstash. So I am following along, but since we … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18,7,17,16,9],"tags":[],"class_list":["post-82","post","type-post","status-publish","format-standard","hentry","category-elasticsearch","category-linux","category-logstash","category-puppet","category-server"],"_links":{"self":[{"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=\/wp\/v2\/posts\/82","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=82"}],"version-history":[{"count":5,"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=\/wp\/v2\/posts\/82\/revisions"}],"predecessor-version":[{"id":87,"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=\/wp\/v2\/posts\/82\/revisions\/87"}],"wp:attachment":[{"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=82"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=82"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bytesandbullets.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=82"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}