diff --git a/README.md b/README.md index 95f2f10..ccba494 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,10 @@ concise area of concern. - [`roles/authelia`](roles/authelia/README.md): Deploys an [authelia.com](https://www.authelia.com) instance, an authentication provider with beta OIDC provider support. +- [`roles/elasticsearch`](roles/elasticsearch/README.md): Deploy [elasticsearch](https://www.docker.elastic.co/r/elasticsearch/elasticsearch-oss), + a popular (distributed) search and analytics engine, mostly known by it's + letter "E" in the ELK-stack. + - [`roles/gitea`](roles/gitea/README.md): Deploy [gitea.io](https://gitea.io), a lightweight, self-hosted git service. diff --git a/roles/elasticsearch/README.md b/roles/elasticsearch/README.md new file mode 100644 index 0000000..83290ec --- /dev/null +++ b/roles/elasticsearch/README.md @@ -0,0 +1,22 @@ +# `finallycoffee.services.elastiscsearch` + +A simple ansible role which deploys a single-node elastic container to provide +an easy way to do some indexing. + +## Usage + +Per default, `/opt/elasticsearch/data` is used to persist data, it is +customizable by using either `elasticsearch_base_path` or `elasticsearch_data_path`. + +As elasticsearch be can be quite memory heavy, the maximum amount of allowed RAM +can be configured using `elasticsearch_allocated_ram_mb`, defaulting to 512 (mb). + +The cluster name and discovery type can be overridden using +`elasticsearch_config_cluster_name` (default: elastic) and +`elasticsearch_config_discovery_type` (default: single-node), should one +need a multi-node elasticsearch deployment. + +Per default, no ports or networks are mapped, and explizit mapping using +either ports (`elasticsearch_container_ports`) or networks +(`elasticsearch_container_networks`) is required in order for other services +to use elastic. diff --git a/roles/elasticsearch/defaults/main.yml b/roles/elasticsearch/defaults/main.yml new file mode 100644 index 0000000..2cd112c --- /dev/null +++ b/roles/elasticsearch/defaults/main.yml @@ -0,0 +1,35 @@ +--- + +elasticsearch_version: 7.10.2 + +elasticsearch_base_path: /opt/elasticsearch +elasticsearch_data_path: "{{ elasticsearch_base_path }}/data" + +elasticsearch_config_cluster_name: elastic +elasticsearch_config_discovery_type: single-node +elasticsearch_config_boostrap_memory_lock: true +elasticsearch_allocated_ram_mb: 512 + +elasticsearch_container_image_name: docker.elastic.co/elasticsearch/elasticsearch-oss +elasticsearch_container_image_tag: ~ +elasticsearch_container_image: >- + {{ elasticsearch_container_image_name }}:{{ elasticsearch_container_image_tag | default(elasticsearch_version, true) }} + +elasticsearch_container_name: elasticsearch +elasticsearch_container_env: + "ES_JAVA_OPTS": "-Xms{{ elasticsearch_allocated_ram_mb }}m -Xmx{{ elasticsearch_allocated_ram_mb }}m" + "cluster.name": "{{ elasticsearch_config_cluster_name }}" + "discovery.type": "{{ elasticsearch_config_discovery_type }}" + "bootstrap.memory_lock": "{{ 'true' if elasticsearch_config_boostrap_memory_lock else 'false' }}" +elasticsearch_container_user: ~ +elasticsearch_container_ports: ~ +elasticsearch_container_labels: + version: "{{ elasticsearch_version }}" +elasticsearch_container_ulimits: +# - "memlock:{{ (1.5 * 1024 * elasticsearch_allocated_ram_mb) | int }}:{{ (1.5 * 1024 * elasticsearch_allocated_ram_mb) | int }}" + - "memlock:-1:-1" +elasticsearch_container_volumes: + - "{{ elasticsearch_data_path }}:/usr/share/elasticsearch/data:z" +elasticsearch_container_networks: ~ +elasticsearch_container_purge_networks: ~ +elasticsearch_container_restart_policy: unless-stopped diff --git a/roles/elasticsearch/tasks/main.yml b/roles/elasticsearch/tasks/main.yml new file mode 100644 index 0000000..76595bf --- /dev/null +++ b/roles/elasticsearch/tasks/main.yml @@ -0,0 +1,32 @@ +--- + +- name: Ensure host directories are present + file: + path: "{{ item }}" + state: directory + mode: "0777" + loop: + - "{{ elasticsearch_base_path }}" + - "{{ elasticsearch_data_path }}" + +- name: Ensure elastic container image is present + docker_image: + name: "{{ elasticsearch_container_image }}" + state: present + source: pull + force_source: "{{ elasticsearch_container_image_tag|default(false, true)|bool }}" + +- name: Ensure elastic container is running + docker_container: + name: "{{ elasticsearch_container_name }}" + image: "{{ elasticsearch_container_image }}" + env: "{{ elasticsearch_container_env | default(omit, True) }}" + user: "{{ elasticsearch_container_user | default(omit, True) }}" + ports: "{{ elasticsearch_container_ports | default(omit, True) }}" + labels: "{{ elasticsearch_container_labels | default(omit, True) }}" + volumes: "{{ elasticsearch_container_volumes }}" + ulimits: "{{ elasticsearch_container_ulimits }}" + networks: "{{ elasticsearch_container_networks | default(omit, True) }}" + purge_networks: "{{ elasticsearch_container_purge_networks | default(omit, True) }}" + restart_policy: "{{ elasticsearch_container_restart_policy }}" + state: started