Disable the security plugin by default.
This commit is contained in:
parent
19c5dd7f47
commit
ac47ada043
48
README.md
48
README.md
|
@ -10,6 +10,54 @@ Role Variables
|
||||||
The most important variables are listed below:
|
The most important variables are listed below:
|
||||||
|
|
||||||
``` yaml
|
``` yaml
|
||||||
|
opensearch_install: true
|
||||||
|
opensearch_enabled: true
|
||||||
|
opensearch_major_version: 1
|
||||||
|
opensearch_minor_version: 3
|
||||||
|
opensearch_patch_version: 2
|
||||||
|
opensearch_version: '{{ opensearch_major_version }}.{{ opensearch_minor_version }}.{{ opensearch_patch_version }}'
|
||||||
|
opensearch_versioned: 'opensearch-{{ opensearch_version }}'
|
||||||
|
opensearch_filename: '{{ opensearch_versioned }}-linux-x64.tar.gz'
|
||||||
|
opensearch_download_url: 'https://artifacts.opensearch.org/releases/bundle/opensearch/{{ opensearch_version }}/{{ opensearch_filename }}'
|
||||||
|
opensearch_cli_tools_file: 'opensearch-cli-1.1.0-linux-x64.zip'
|
||||||
|
opensearch_cli_tools_url: 'https://artifacts.opensearch.org/opensearch-clients/opensearch-cli/{{ opensearch_cli_tools_file }}'
|
||||||
|
opensearch_user: opensearch
|
||||||
|
opensearch_base_install_dir: /opt/opensearch
|
||||||
|
opensearch_config_dir: '{{ opensearch_base_install_dir }}/config'
|
||||||
|
opensearch_bin_dir: '{{ opensearch_base_install_dir }}/bin'
|
||||||
|
opensearch_cluster_name: 'Opensearch Cluster'
|
||||||
|
opensearch_http_port: 9200
|
||||||
|
opensearch_transport_min_port: 9300
|
||||||
|
opensearch_transport_max_port: 9400
|
||||||
|
opensearch_data_dirs:
|
||||||
|
- /var/lib/opensearch
|
||||||
|
opensearch_log_dir: /var/log/opensearch
|
||||||
|
opensearch_bind_ip: 0.0.0.0
|
||||||
|
opensearch_single_node: true
|
||||||
|
opensearch_discovery_host_list: '["127.0.0.1", "[::1]"]'
|
||||||
|
opensearch_define_majority_of_nodes: true
|
||||||
|
opensearch_majority_of_nodes: 1
|
||||||
|
opensearch_bootstrap_known_masters:
|
||||||
|
- '{{ ansible_fqdn }}'
|
||||||
|
opensearch_real_cluster: false
|
||||||
|
opensearch_recover_after_nodes: 3
|
||||||
|
opensearch_max_local_storage_nodes: 1
|
||||||
|
opensearch_destructive_requires_name: true
|
||||||
|
opensearch_define_heap_size: false
|
||||||
|
opensearch_heap_size: 2g
|
||||||
|
opensearch_additional_java_opts: '-server -Djava.awt.headless=true -Dfile.encoding=UTF-8'
|
||||||
|
opensearch_java_io_tmpdir: '/var/tmp'
|
||||||
|
opensearch_additional_conf:
|
||||||
|
- {name: 'search.max_buckets', value: '65535'}
|
||||||
|
opensearch_max_open_files: 65535
|
||||||
|
opensearch_max_processes: 8192
|
||||||
|
opensearch_cluster_routing_allocation_disk_threshold_enabled: 'true'
|
||||||
|
opensearch_cluster_routing_allocation_disk_watermark_low: '85%'
|
||||||
|
opensearch_cluster_routing_allocation_disk_watermark_high: '90%'
|
||||||
|
# Compatibility with kernels <= 3.5. Set to False if you are using a newer kernel
|
||||||
|
opensearch_disable_bootstrap_syscall_filter: true
|
||||||
|
opensearch_security_enabled: false
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Dependencies
|
Dependencies
|
||||||
|
|
|
@ -13,6 +13,8 @@ opensearch_cli_tools_url: 'https://artifacts.opensearch.org/opensearch-clients/o
|
||||||
opensearch_user: opensearch
|
opensearch_user: opensearch
|
||||||
opensearch_base_install_dir: /opt/opensearch
|
opensearch_base_install_dir: /opt/opensearch
|
||||||
opensearch_config_dir: '{{ opensearch_base_install_dir }}/config'
|
opensearch_config_dir: '{{ opensearch_base_install_dir }}/config'
|
||||||
|
opensearch_plugins_dir: '{{ opensearch_base_install_dir }}/plugins'
|
||||||
|
opensearch_disabled_plugins_dir: '{{ opensearch_base_install_dir }}/disabled-plugins'
|
||||||
opensearch_bin_dir: '{{ opensearch_base_install_dir }}/bin'
|
opensearch_bin_dir: '{{ opensearch_base_install_dir }}/bin'
|
||||||
|
|
||||||
opensearch_cluster_name: 'Opensearch Cluster'
|
opensearch_cluster_name: 'Opensearch Cluster'
|
||||||
|
@ -47,6 +49,21 @@ opensearch_cluster_routing_allocation_disk_watermark_low: '85%'
|
||||||
opensearch_cluster_routing_allocation_disk_watermark_high: '90%'
|
opensearch_cluster_routing_allocation_disk_watermark_high: '90%'
|
||||||
# Compatibility with kernels <= 3.5. Set to False if you are using a newer kernel
|
# Compatibility with kernels <= 3.5. Set to False if you are using a newer kernel
|
||||||
opensearch_disable_bootstrap_syscall_filter: true
|
opensearch_disable_bootstrap_syscall_filter: true
|
||||||
|
opensearch_security_enabled: false
|
||||||
|
opensearch_default_plugins:
|
||||||
|
- opensearch-alerting
|
||||||
|
- opensearch-anomaly-detection
|
||||||
|
- opensearch-asynchronous-search
|
||||||
|
- opensearch-cross-cluster-replication
|
||||||
|
- opensearch-index-management
|
||||||
|
- opensearch-job-scheduler
|
||||||
|
- opensearch-knn
|
||||||
|
- opensearch-ml
|
||||||
|
- opensearch-observability
|
||||||
|
- opensearch-performance-analyzer
|
||||||
|
- opensearch-reports-scheduler
|
||||||
|
- opensearch-security
|
||||||
|
- opensearch-sql
|
||||||
|
|
||||||
# Only name and value are mandatory. The others have defaults
|
# Only name and value are mandatory. The others have defaults
|
||||||
# systemctl_custom_options:
|
# systemctl_custom_options:
|
||||||
|
|
|
@ -64,6 +64,24 @@
|
||||||
|
|
||||||
tags: ['opensearch']
|
tags: ['opensearch']
|
||||||
|
|
||||||
|
- name: Opensearch plugins
|
||||||
|
block:
|
||||||
|
- name: Create the opensearch 'disabled_plugins' directory
|
||||||
|
file:
|
||||||
|
dest: '{{ opensearch_disabled_plugins_dir }}'
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
- name: Manage the security plugin
|
||||||
|
command: mv {{ opensearch_plugins_dir }}/opensearch-security {{ opensearch_disabled_plugins_dir }}/opensearch-security
|
||||||
|
args:
|
||||||
|
creates: '{{ opensearch_disabled_plugins_dir }}/opensearch-security'
|
||||||
|
when: not opensearch_security_enabled
|
||||||
|
|
||||||
|
tags: ['opensearch', 'opensearch_plugins']
|
||||||
|
|
||||||
- name: Opensearch configuration
|
- name: Opensearch configuration
|
||||||
block:
|
block:
|
||||||
- name: Install the opensearch JVM options
|
- name: Install the opensearch JVM options
|
||||||
|
|
|
@ -20,21 +20,25 @@ cluster.name: {{ opensearch_cluster_name }}
|
||||||
# Use a descriptive name for the node:
|
# Use a descriptive name for the node:
|
||||||
#
|
#
|
||||||
node.name: {{ ansible_fqdn }}
|
node.name: {{ ansible_fqdn }}
|
||||||
|
#
|
||||||
|
{% if not opensearch_single_node %}
|
||||||
cluster.initial_master_nodes:
|
cluster.initial_master_nodes:
|
||||||
{% for n in opensearch_bootstrap_known_masters %}
|
{% for n in opensearch_bootstrap_known_masters %}
|
||||||
- {{ n }}
|
- {{ n }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Add custom attributes to the node:
|
# Add custom attributes to the node:
|
||||||
#
|
#
|
||||||
# node.rack: r1
|
# node.rack: r1
|
||||||
|
{% endif %}
|
||||||
#
|
#
|
||||||
# ----------------------------------- Paths ------------------------------------
|
# ----------------------------------- Paths ------------------------------------
|
||||||
#
|
#
|
||||||
# Path to directory where to store the data (separate multiple locations by comma):
|
# Path to directory where to store the data (separate multiple locations by comma):
|
||||||
#
|
#
|
||||||
path.data: {% for data_dir in opensearch_data_dirs %}{{ data_dir }}{% if not loop.last %},{% endif %}{% endfor %}
|
path.data: {% for data_dir in opensearch_data_dirs %}{{ data_dir }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Path to log files:
|
# Path to log files:
|
||||||
#
|
#
|
||||||
|
|
Loading…
Reference in New Issue