Disable the security plugin by default.
This commit is contained in:
parent
19c5dd7f47
commit
ac47ada043
48
README.md
48
README.md
|
@ -10,6 +10,54 @@ Role Variables
|
|||
The most important variables are listed below:
|
||||
|
||||
``` yaml
|
||||
opensearch_install: true
|
||||
opensearch_enabled: true
|
||||
opensearch_major_version: 1
|
||||
opensearch_minor_version: 3
|
||||
opensearch_patch_version: 2
|
||||
opensearch_version: '{{ opensearch_major_version }}.{{ opensearch_minor_version }}.{{ opensearch_patch_version }}'
|
||||
opensearch_versioned: 'opensearch-{{ opensearch_version }}'
|
||||
opensearch_filename: '{{ opensearch_versioned }}-linux-x64.tar.gz'
|
||||
opensearch_download_url: 'https://artifacts.opensearch.org/releases/bundle/opensearch/{{ opensearch_version }}/{{ opensearch_filename }}'
|
||||
opensearch_cli_tools_file: 'opensearch-cli-1.1.0-linux-x64.zip'
|
||||
opensearch_cli_tools_url: 'https://artifacts.opensearch.org/opensearch-clients/opensearch-cli/{{ opensearch_cli_tools_file }}'
|
||||
opensearch_user: opensearch
|
||||
opensearch_base_install_dir: /opt/opensearch
|
||||
opensearch_config_dir: '{{ opensearch_base_install_dir }}/config'
|
||||
opensearch_bin_dir: '{{ opensearch_base_install_dir }}/bin'
|
||||
opensearch_cluster_name: 'Opensearch Cluster'
|
||||
opensearch_http_port: 9200
|
||||
opensearch_transport_min_port: 9300
|
||||
opensearch_transport_max_port: 9400
|
||||
opensearch_data_dirs:
|
||||
- /var/lib/opensearch
|
||||
opensearch_log_dir: /var/log/opensearch
|
||||
opensearch_bind_ip: 0.0.0.0
|
||||
opensearch_single_node: true
|
||||
opensearch_discovery_host_list: '["127.0.0.1", "[::1]"]'
|
||||
opensearch_define_majority_of_nodes: true
|
||||
opensearch_majority_of_nodes: 1
|
||||
opensearch_bootstrap_known_masters:
|
||||
- '{{ ansible_fqdn }}'
|
||||
opensearch_real_cluster: false
|
||||
opensearch_recover_after_nodes: 3
|
||||
opensearch_max_local_storage_nodes: 1
|
||||
opensearch_destructive_requires_name: true
|
||||
opensearch_define_heap_size: false
|
||||
opensearch_heap_size: 2g
|
||||
opensearch_additional_java_opts: '-server -Djava.awt.headless=true -Dfile.encoding=UTF-8'
|
||||
opensearch_java_io_tmpdir: '/var/tmp'
|
||||
opensearch_additional_conf:
|
||||
- {name: 'search.max_buckets', value: '65535'}
|
||||
opensearch_max_open_files: 65535
|
||||
opensearch_max_processes: 8192
|
||||
opensearch_cluster_routing_allocation_disk_threshold_enabled: 'true'
|
||||
opensearch_cluster_routing_allocation_disk_watermark_low: '85%'
|
||||
opensearch_cluster_routing_allocation_disk_watermark_high: '90%'
|
||||
# Compatibility with kernels <= 3.5. Set to False if you are using a newer kernel
|
||||
opensearch_disable_bootstrap_syscall_filter: true
|
||||
opensearch_security_enabled: false
|
||||
|
||||
```
|
||||
|
||||
Dependencies
|
||||
|
|
|
@ -13,6 +13,8 @@ opensearch_cli_tools_url: 'https://artifacts.opensearch.org/opensearch-clients/o
|
|||
opensearch_user: opensearch
|
||||
opensearch_base_install_dir: /opt/opensearch
|
||||
opensearch_config_dir: '{{ opensearch_base_install_dir }}/config'
|
||||
opensearch_plugins_dir: '{{ opensearch_base_install_dir }}/plugins'
|
||||
opensearch_disabled_plugins_dir: '{{ opensearch_base_install_dir }}/disabled-plugins'
|
||||
opensearch_bin_dir: '{{ opensearch_base_install_dir }}/bin'
|
||||
|
||||
opensearch_cluster_name: 'Opensearch Cluster'
|
||||
|
@ -47,6 +49,21 @@ opensearch_cluster_routing_allocation_disk_watermark_low: '85%'
|
|||
opensearch_cluster_routing_allocation_disk_watermark_high: '90%'
|
||||
# Compatibility with kernels <= 3.5. Set to False if you are using a newer kernel
|
||||
opensearch_disable_bootstrap_syscall_filter: true
|
||||
opensearch_security_enabled: false
|
||||
opensearch_default_plugins:
|
||||
- opensearch-alerting
|
||||
- opensearch-anomaly-detection
|
||||
- opensearch-asynchronous-search
|
||||
- opensearch-cross-cluster-replication
|
||||
- opensearch-index-management
|
||||
- opensearch-job-scheduler
|
||||
- opensearch-knn
|
||||
- opensearch-ml
|
||||
- opensearch-observability
|
||||
- opensearch-performance-analyzer
|
||||
- opensearch-reports-scheduler
|
||||
- opensearch-security
|
||||
- opensearch-sql
|
||||
|
||||
# Only name and value are mandatory. The others have defaults
|
||||
# systemctl_custom_options:
|
||||
|
|
|
@ -64,6 +64,24 @@
|
|||
|
||||
tags: ['opensearch']
|
||||
|
||||
- name: Opensearch plugins
|
||||
block:
|
||||
- name: Create the opensearch 'disabled_plugins' directory
|
||||
file:
|
||||
dest: '{{ opensearch_disabled_plugins_dir }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Manage the security plugin
|
||||
command: mv {{ opensearch_plugins_dir }}/opensearch-security {{ opensearch_disabled_plugins_dir }}/opensearch-security
|
||||
args:
|
||||
creates: '{{ opensearch_disabled_plugins_dir }}/opensearch-security'
|
||||
when: not opensearch_security_enabled
|
||||
|
||||
tags: ['opensearch', 'opensearch_plugins']
|
||||
|
||||
- name: Opensearch configuration
|
||||
block:
|
||||
- name: Install the opensearch JVM options
|
||||
|
|
|
@ -20,21 +20,25 @@ cluster.name: {{ opensearch_cluster_name }}
|
|||
# Use a descriptive name for the node:
|
||||
#
|
||||
node.name: {{ ansible_fqdn }}
|
||||
|
||||
#
|
||||
{% if not opensearch_single_node %}
|
||||
cluster.initial_master_nodes:
|
||||
{% for n in opensearch_bootstrap_known_masters %}
|
||||
- {{ n }}
|
||||
{% endfor %}
|
||||
|
||||
#
|
||||
# Add custom attributes to the node:
|
||||
#
|
||||
# node.rack: r1
|
||||
{% endif %}
|
||||
#
|
||||
# ----------------------------------- Paths ------------------------------------
|
||||
#
|
||||
# Path to directory where to store the data (separate multiple locations by comma):
|
||||
#
|
||||
path.data: {% for data_dir in opensearch_data_dirs %}{{ data_dir }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||
|
||||
#
|
||||
# Path to log files:
|
||||
#
|
||||
|
|
Loading…
Reference in New Issue