基于ansible的生产环境部署构建(十一) 角色logstash

角色功能说明：

• 该角色实现对客户端主机的logstash部署启动
• 该角色可以反复执行以达到logstash软件升级或配置升级的功能

角色部署：

• 创建目录结构，创建软连接，关联默认变量文件

WorkDir=~/devops/ansible/os_init && cd ${WorkDir}
RoleName=logstash
mkdir -pv roles/${RoleName}/{defaults,files,handlers,meta,tasks,templates,vars}
ln -s ${WorkDir}/defaults_var.yml roles/${RoleName}/defaults/main.yml

• 配置logstash模版文件，如果环境中包含多个机房，每个机房的logstash配置不同时，为每个机房配置各自的logstash模版文件

cat >roles/${RoleName}/templates/logstash_192.168.sh.j2<<\EOF
#!/bin/bash
source /etc/profile
IP='{{ ansible_ssh_host }}'
Elasticsearch='http://192.168.1.183:9200'
IPWD=/web
LOG_CONF=/etc/logstash/conf.d/web_catalina_access.conf
LOG_INPUT_FILE_TMP=/tmp/logstash_input_file.tmp
LOG_OUTPUT_FILE_TMP=/tmp/logstash_output_file.tmp
echo ''>${LOG_INPUT_FILE_TMP}
echo ''>${LOG_OUTPUT_FILE_TMP}
# 查找出/web目录下所有已存在的项目
for FULLPATH in $(find ${IPWD} -maxdepth 1 -type d -name "tomcat*_808*_*")
do
  TOMCAT_NAME=$(basename ${FULLPATH})
  TOMCAT_SUBPRO=$(echo ${TOMCAT_NAME#*_})
  TOMCAT_SUBPRO=$(echo ${TOMCAT_SUBPRO#*_})
  TOMCAT_CATALINA=/web/${TOMCAT_NAME}/logs/catalina.out
  TOMCAT_ACCESS=/web/logs/access/${TOMCAT_NAME}/localhost_access_log
  # 生成配置文件的input部分
  cat >>${LOG_INPUT_FILE_TMP}<<eof
  file {
    path => "${TOMCAT_CATALINA}"
    type => "${TOMCAT_SUBPRO}-catalina-${IP}"
    start_position => "beginning"
    discover_interval => 3
  }
  file {
    path => "${TOMCAT_ACCESS}.*.txt"
    type => "${TOMCAT_SUBPRO}-access-${IP}"
    start_position => "beginning"
    discover_interval => 3
    codec => "json"
  }
eof
  # 生成配置文件的output部分
  cat >>${LOG_OUTPUT_FILE_TMP}<<eof
  if [type] == "${TOMCAT_SUBPRO}-catalina-${IP}" {
    elasticsearch{
      index => "${TOMCAT_SUBPRO}-catalina-${IP}-%{+YYYY.MM.dd}"
      hosts => ["${Elasticsearch}"]
    }
  }
  if [type] == "${TOMCAT_SUBPRO}-access-${IP}" {
    elasticsearch{
      index => "${TOMCAT_SUBPRO}-access-${IP}-%{+YYYY.MM.dd}"
      hosts => ["${Elasticsearch}"]
    }
  }
eof
done
# 拼出整个配置文件
cat >${LOG_CONF}<<eof
input {
# input_info
$(cat ${LOG_INPUT_FILE_TMP})
}
filter{
# filter_info
  if "catalina" in [type] {
    grok{
    pattern_definitions => {"TIMESTAMPV2" => "%{MONTHDAY}-%{MONTH}-20%{YEAR} %{HOUR}:?%{MINUTE}(?::?%{SECOND})"}
      match => [
        "message" , "^\[%{JAVALOGMESSAGE:DataTime}\]\s\[%{JAVALOGMESSAGE:TraceId}\]\s\[%{JAVALOGMESSAGE:TraceName}\]\s\[%{JAVALOGMESSAGE:LogLevel}\]\s\[%{JAVALOGMESSAGE:JavaMethod}\]\s\[%{JAVALOGMESSAGE:LogInfo}",
        "message", "^%{TIMESTAMPV2:DataTime2}%{JAVALOGMESSAGE:LogInfo}",
        "message", "^%{JAVALOGMESSAGE:OtherInfo}"
        ]
    }
    if [OtherInfo] {drop {}}
    if ![LogInfo]  {drop {}}
    date{
      timezone => "Asia/Shanghai"
      match => ["DataTime", "yyyy-MM-dd HH:mm:ss SSS"]
      target => "@timestamp"
    }
    date{
      timezone => "Asia/Shanghai"
      match => ["DataTime2", "dd-MMM-yyyy HH:mm:ss.SSS"]
      target => "@timestamp"
    }
    mutate {
      remove_field => [ "message", "@version", "path", "DataTime", "DataTime2"]
    }
  }
  if "access" in [type] {
    mutate {
      gsub => [ "SendBytes", "-", "0" ]
      convert => { "SendBytes" => "integer" }
    }
    date{
      timezone => "Asia/Shanghai"
      match => ["AccessTime", "dd/MMM/yyyy:HH:mm:ss Z"]
      target => "@timestamp"
    }
  }
}
output {
# output_info
$(cat ${LOG_OUTPUT_FILE_TMP})
}
eof
EOF

• 创建logstash自动拉起脚本

cat >roles/${RoleName}/files/logstashStart.sh<<\EOF
#!/bin/bash
source /etc/profile
BIN=/usr/share/logstash/bin/logstash
CONF=/etc/logstash/conf.d/web_catalina_access.conf
# main()
ProcessNum=$(ps -ef|grep '/usr/share/logstash'|grep -v grep|wc -l)
if [ ${ProcessNum} != 1 ]
then
  for pid in $(ps -ef|grep '/usr/share/logstash'|grep -v grep|awk '{print $2}')
  do
    kill -9 ${pid}
  done
  ${BIN} -f ${CONF} &
fi
EOF

• 创建角色任务

cat >roles/${RoleName}/tasks/main.yml<<EOF
---
- name: "分发 logstash rpm"
  copy:
    src: ${WorkDir}/software/{{ logstash_name }}
    dest: /tmp
    owner: root
    group: root
    mode: 0644
- name: "安装 logstash rpm"
  yum:
    name: /tmp/{{ logstash_name }}
    state: present
- name: "配置环境变量"
  lineinfile:
    path: /etc/profile
    line: "export LS_HOME=/usr/share/logstash\nexport PATH=\$LS_HOME/bin:\$PATH\n"
- name: "优化jvm内存1"
  lineinfile:
    path: /etc/logstash/jvm.options
    regexp: "^-Xms1g"
    line: "-Xms512m"
- name: "优化jvm内存2"
  lineinfile:
    path: /etc/logstash/jvm.options
    regexp: "^-Xmx1g"
    line: "-Xmx512m"
- name: "定位网段"
  shell:
    "echo {{ ansible_ssh_host }}|awk -F'.' '{print \$1\".\"\$2}'"
  register: local
- name: "根据网段匹配分发logstash脚本模版"
  template:
    src: logstash_{{ local.stdout }}.sh.j2
    dest: /tmp/logstash.sh
    force: yes
    owner: root
    group: root
    mode: 0644
- name: "执行脚本，生成配置文件"
  shell:
    bash /tmp/logstash.sh
- name: "同步拉起脚本"
  copy:
    src: logstashStart.sh
    dest: /root/checkOS
    owner: root
    group: root
    mode: 0644
- name: "配置拉起任务"
  cron:
    name: "logstashStart"
    job: "/bin/bash /root/checkOS/logstashStart.sh"
    minute: "*/5"
EOF

• 创建任务playbook并执行

cat >os-init-10-${RoleName}.yml<<EOF
---
- hosts: all
  remote_user: sudoler
  gather_facts: true
  become: yes
  become_user: root
  become_method: su
  roles:
    - ${RoleName}
EOF
ansible-playbook -i inventory/hosts os-init-10-${RoleName}.yml

注意事项：

• 该角色可以反复执行以实现修改升级logstash的配置或升级logstash软件
• logstash rpm包较大，通过网络分发耗时较长，建议在模版机上将相应的包直接下载到对应目录

[TOC]