Dzahn has submitted this change and it was merged. Change subject: logstash: Break logstash.pp up into individual classes ......................................................................
logstash: Break logstash.pp up into individual classes Break the legacy all-in-one logstash.pp file up into proper one class per file organization. The class formerly known as ::role::logstash is now named ::role::logstash::collector. The site.pp config has been modified for this but an associated manual change will be needed for the deployment-logstash2.deployment-prep instance in Labs. Bug: T93645 Change-Id: Ifc02cb52cc6a49611fbc6c1158f6fd87b74abb16 --- M hieradata/labs/deployment-prep/common.yaml R hieradata/role/common/logstash/collector.yaml M manifests/site.pp D modules/role/manifests/logstash.pp A modules/role/manifests/logstash/apifeatureusage.pp A modules/role/manifests/logstash/collector.pp A modules/role/manifests/logstash/elasticsearch.pp A modules/role/manifests/logstash/eventlogging.pp A modules/role/manifests/logstash/puppetreports.pp 9 files changed, 337 insertions(+), 336 deletions(-) Approvals: Dzahn: Looks good to me, approved jenkins-bot: Verified diff --git a/hieradata/labs/deployment-prep/common.yaml b/hieradata/labs/deployment-prep/common.yaml index 1bafd71..40c7717 100644 --- a/hieradata/labs/deployment-prep/common.yaml +++ b/hieradata/labs/deployment-prep/common.yaml @@ -197,7 +197,7 @@ "elasticsearch::cluster_name": beta-search "elasticsearch::graylog_hosts": - deployment-logstash2.deployment-prep.eqiad.wmflabs -role::logstash::statsd_host: labmon1001.eqiad.wmnet +role::logstash::collector::statsd_host: labmon1001.eqiad.wmnet "mediawiki::redis_servers::eqiad": shard01: host: 10.68.16.177 # deployment-redis01 diff --git a/hieradata/role/common/logstash.yaml b/hieradata/role/common/logstash/collector.yaml similarity index 96% rename from hieradata/role/common/logstash.yaml rename to hieradata/role/common/logstash/collector.yaml index 51ace6a..c4ab218 100644 --- a/hieradata/role/common/logstash.yaml +++ b/hieradata/role/common/logstash/collector.yaml @@ -38,7 +38,7 @@ - logstash1005.eqiad.wmnet - logstash1006.eqiad.wmnet -role::logstash::statsd_host: statsd.eqiad.wmnet +role::logstash::collector::statsd_host: statsd.eqiad.wmnet # Kibana role::kibana::vhost: logstash.wikimedia.org diff --git a/manifests/site.pp b/manifests/site.pp index 19a2ccc..d5a3f47 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -1514,12 +1514,12 @@ } node /^logstash100[1-2]\.eqiad\.wmnet$/ { - role(logstash, kibana, logstash::apifeatureusage) + role(logstash::collector, kibana, logstash::apifeatureusage) include ::lvs::realserver } node /^logstash1003\.eqiad\.wmnet$/ { - role(logstash, kibana, logstash::apifeatureusage, logstash::eventlogging) + role(logstash::collector, kibana, logstash::apifeatureusage, logstash::eventlogging) include ::lvs::realserver } node /^logstash100[4-6]\.eqiad\.wmnet$/ { diff --git a/modules/role/manifests/logstash.pp b/modules/role/manifests/logstash.pp deleted file mode 100644 index 745ac6a..0000000 --- a/modules/role/manifests/logstash.pp +++ /dev/null @@ -1,332 +0,0 @@ -# vim:sw=4 ts=4 sts=4 et: -# == Class: role::logstash -# -# Provisions Logstash and ElasticSearch. -# -# == Parameters: -# - $statsd_host: Host to send statsd data to. -# -class role::logstash ( - $statsd_host, -) { - include ::role::logstash::elasticsearch - include ::logstash - include base::firewall - - nrpe::monitor_service { 'logstash': - description => 'logstash process', - nrpe_command => '/usr/lib/nagios/plugins/check_procs -c 1:1 -u logstash -C java -a logstash', - } - - ## Inputs (10) - - logstash::input::udp2log { 'mediawiki': - port => 8324, - } - - ferm::service { 'logstash_udp2log': - proto => 'udp', - port => '8324', - notrack => true, - srange => '$DOMAIN_NETWORKS', - } - - logstash::input::syslog { 'syslog': - port => 10514, - } - - ferm::service { 'logstash_syslog': - proto => 'udp', - port => '10514', - notrack => true, - srange => '$DOMAIN_NETWORKS', - } - - ferm::service { 'grafana_dashboard_definition_storage': - proto => 'tcp', - port => '9200', - srange => '@resolve(krypton.eqiad.wmnet)', - } - - ferm::service { 'logstash_canary_checker_reporting': - proto => 'tcp', - port => '9200', - srange => '($DEPLOYMENT_HOSTS $MAINTENANCE_HOSTS)', - } - - logstash::input::gelf { 'gelf': - port => 12201, - } - - ferm::service { 'logstash_gelf': - proto => 'udp', - port => '12201', - notrack => true, - srange => '$DOMAIN_NETWORKS', - } - - logstash::input::log4j { 'log4j': } - - ferm::service { 'logstash_log4j': - proto => 'tcp', - port => '4560', - notrack => true, - srange => '$DOMAIN_NETWORKS', - } - - # Also used for UDP JSON logging from python-logstash lib (e.g. Striker) - logstash::input::udp { 'logback': - port => 11514, - codec => 'json', - } - - ferm::service { 'logstash_udp': - proto => 'udp', - port => '11514', - notrack => true, - srange => '$DOMAIN_NETWORKS', - } - - ## Global pre-processing (15) - - # move files into module? - # lint:ignore:puppet_url_without_modules - logstash::conf { 'filter_strip_ansi_color': - source => 'puppet:///modules/role/logstash/filter-strip-ansi-color.conf', - priority => 15, - } - - ## Input specific processing (20) - - logstash::conf { 'filter_syslog': - source => 'puppet:///modules/role/logstash/filter-syslog.conf', - priority => 20, - } - - logstash::conf { 'filter_udp2log': - source => 'puppet:///modules/role/logstash/filter-udp2log.conf', - priority => 20, - } - - logstash::conf { 'filter_gelf': - source => 'puppet:///modules/role/logstash/filter-gelf.conf', - priority => 20, - } - - logstash::conf { 'filter_logback': - source => 'puppet:///modules/role/logstash/filter-logback.conf', - priority => 20, - } - - ## Application specific processing (50) - - logstash::conf { 'filter_mediawiki': - source => 'puppet:///modules/role/logstash/filter-mediawiki.conf', - priority => 50, - } - - logstash::conf { 'filter_striker': - source => 'puppet:///modules/role/logstash/filter-striker.conf', - priority => 50, - } - - ## Global post-processing (70) - - logstash::conf { 'filter_add_normalized_message': - source => 'puppet:///modules/role/logstash/filter-add-normalized-message.conf', - priority => 70, - } - - logstash::conf { 'filter_normalize_log_levels': - source => 'puppet:///modules/role/logstash/filter-normalize-log-levels.conf', - priority => 70, - } - - logstash::conf { 'filter_de_dot': - source => 'puppet:///modules/role/logstash/filter-de_dot.conf', - priority => 70, - } - - ## Outputs (90) - # Template for Elasticsearch index creation - file { '/etc/logstash/elasticsearch-template.json': - ensure => present, - source => 'puppet:///modules/role/logstash/elasticsearch-template.json', - owner => 'root', - group => 'root', - mode => '0444', - } - # lint:endignore - - logstash::output::elasticsearch { 'logstash': - host => '127.0.0.1', - guard_condition => '"es" in [tags]', - manage_indices => true, - priority => 90, - template => '/etc/logstash/elasticsearch-template.json', - require => File['/etc/logstash/elasticsearch-template.json'], - } - - logstash::output::statsd { 'MW_channel_rate': - host => $statsd_host, - guard_condition => '[type] == "mediawiki" and "es" in [tags]', - namespace => 'logstash.rate', - sender => 'mediawiki', - increment => [ '%{channel}.%{level}' ], - } - - logstash::output::statsd { 'OOM_channel_rate': - host => $statsd_host, - guard_condition => '[type] == "hhvm" and [message] =~ "request has exceeded memory limit"', - namespace => 'logstash.rate', - sender => 'oom', - increment => [ '%{level}' ], - } - - logstash::output::statsd { 'HHVM_channel_rate': - host => $statsd_host, - guard_condition => '[type] == "hhvm" and [message] !~ "request has exceeded memory limit"', - namespace => 'logstash.rate', - sender => 'hhvm', - increment => [ '%{level}' ], - } - - logstash::output::statsd { 'Apache2_channel_rate': - host => $statsd_host, - guard_condition => '[type] == "apache2" and "syslog" in [tags]', - namespace => 'logstash.rate', - sender => 'apache2', - increment => [ '%{level}' ], - } -} - -# == Class: role::logstash::elasticsearch -# -# Provisions Elasticsearch backend node for a Logstash cluster. -# -class role::logstash::elasticsearch { - include standard - include ::elasticsearch::nagios::check - include ::elasticsearch::monitor::diamond - include base::firewall - - if $::standard::has_ganglia { - include ::elasticsearch::ganglia - } - - package { 'elasticsearch/plugins': - provider => 'trebuchet', - } - - class { '::elasticsearch': - require => Package['elasticsearch/plugins'], - java_package => 'openjdk-8-jdk', - } - - $logstash_nodes = hiera('logstash::cluster_hosts') - $logstash_nodes_ferm = join($logstash_nodes, ' ') - - ferm::service { 'logstash_elastic_internode': - proto => 'tcp', - port => 9300, - notrack => true, - srange => "@resolve((${logstash_nodes_ferm}))", - } -} - -# == Class: role::logstash::puppetreports -# -# Set up a TCP listener to listen for puppet failure reports. -class role::logstash::puppetreports { - require ::role::logstash - - if $::realm != 'labs' { - # Constrain to only labs, security issues in prod have not been worked out yet - fail('role::logstash::puppetreports may only be deployed to Labs.') - } - - logstash::input::tcp { 'tcp_json': - port => 5229, - codec => 'json_lines', - } - - ferm::service { 'logstash_tcp_json': - proto => 'tcp', - port => '5229', - srange => '$DOMAIN_NETWORKS', - } - - # lint:ignore:puppet_url_without_modules - logstash::conf { 'filter_puppet': - source => 'puppet:///modules/role/logstash/filter-puppet.conf', - priority => 50, - } - # lint:endignore -} - - -# == Class: role::logstash::apifeatureusage -# -# Builds on role::logstash to insert sanitized data for -# Extension:ApiFeatureUsage into Elasticsearch. -# -class role::logstash::apifeatureusage { - include ::role::logstash - - # FIXME: make this a param and use hiera to vary by realm - $host = $::realm ? { - 'production' => '10.2.2.30', # search.svc.eqiad.wmnet - 'labs' => 'deployment-elastic05', # Pick one at random - } - - # Template for Elasticsearch index creation - # lint:ignore:puppet_url_without_modules - file { '/etc/logstash/apifeatureusage-template.json': - ensure => present, - source => 'puppet:///modules/role/logstash/apifeatureusage-template.json', - owner => 'root', - group => 'root', - mode => '0444', - } - - # Add configuration to logstash - # Needs to come after 'filter_mediawiki' (priority 50) - logstash::conf { 'filter_apifeatureusage': - source => 'puppet:///modules/role/logstash/filter-apifeatureusage.conf', - priority => 55, - } - # lint:endignore - - # Output destined for separate Elasticsearch cluster from Logstash cluster - logstash::output::elasticsearch { 'apifeatureusage': - host => $host, - guard_condition => '[type] == "api-feature-usage-sanitized"', - manage_indices => true, - priority => 95, - template => '/etc/logstash/apifeatureusage-template.json', - require => File['/etc/logstash/apifeatureusage-template.json'], - } -} - -# == Class: role::logstash::eventlogging -# -# Configure Logstash to consume validation logs from EventLogging. -# -class role::logstash::eventlogging { - include ::role::logstash - - $topic = 'eventlogging_EventError' - $kafka_config = kafka_config('analytics') - - logstash::input::kafka { $topic: - tags => [$topic, 'kafka'], - type => 'eventlogging', - zk_connect => $kafka_config['zookeeper']['url'], - } - # lint:ignore:puppet_url_without_modules - logstash::conf { 'filter_eventlogging': - source => 'puppet:///modules/role/logstash/filter-eventlogging.conf', - priority => 50, - } - # lint:endignore -} diff --git a/modules/role/manifests/logstash/apifeatureusage.pp b/modules/role/manifests/logstash/apifeatureusage.pp new file mode 100644 index 0000000..50f176d --- /dev/null +++ b/modules/role/manifests/logstash/apifeatureusage.pp @@ -0,0 +1,43 @@ +# vim:sw=4 ts=4 sts=4 et: +# == Class: role::logstash::apifeatureusage +# +# Builds on role::logstash to insert sanitized data for +# Extension:ApiFeatureUsage into Elasticsearch. +# +class role::logstash::apifeatureusage { + include ::role::logstash::collector + + # FIXME: make this a param and use hiera to vary by realm + $host = $::realm ? { + 'production' => '10.2.2.30', # search.svc.eqiad.wmnet + 'labs' => 'deployment-elastic05', # Pick one at random + } + + # Template for Elasticsearch index creation + # lint:ignore:puppet_url_without_modules + file { '/etc/logstash/apifeatureusage-template.json': + ensure => present, + source => 'puppet:///modules/role/logstash/apifeatureusage-template.json', + owner => 'root', + group => 'root', + mode => '0444', + } + + # Add configuration to logstash + # Needs to come after 'filter_mediawiki' (priority 50) + logstash::conf { 'filter_apifeatureusage': + source => 'puppet:///modules/role/logstash/filter-apifeatureusage.conf', + priority => 55, + } + # lint:endignore + + # Output destined for separate Elasticsearch cluster from Logstash cluster + logstash::output::elasticsearch { 'apifeatureusage': + host => $host, + guard_condition => '[type] == "api-feature-usage-sanitized"', + manage_indices => true, + priority => 95, + template => '/etc/logstash/apifeatureusage-template.json', + require => File['/etc/logstash/apifeatureusage-template.json'], + } +} diff --git a/modules/role/manifests/logstash/collector.pp b/modules/role/manifests/logstash/collector.pp new file mode 100644 index 0000000..7497634 --- /dev/null +++ b/modules/role/manifests/logstash/collector.pp @@ -0,0 +1,203 @@ +# vim:sw=4 ts=4 sts=4 et: +# == Class: role::logstash::collector +# +# Provisions Logstash and an Elasticsearch node to proxy requests to ELK stack +# Elasticsearch cluster. +# +# == Parameters: +# - $statsd_host: Host to send statsd data to. +# +class role::logstash::collector ( + $statsd_host, +) { + include ::role::logstash::elasticsearch + include ::logstash + include base::firewall + + nrpe::monitor_service { 'logstash': + description => 'logstash process', + nrpe_command => '/usr/lib/nagios/plugins/check_procs -c 1:1 -u logstash -C java -a logstash', + } + + ## Inputs (10) + + logstash::input::udp2log { 'mediawiki': + port => 8324, + } + + ferm::service { 'logstash_udp2log': + proto => 'udp', + port => '8324', + notrack => true, + srange => '$DOMAIN_NETWORKS', + } + + logstash::input::syslog { 'syslog': + port => 10514, + } + + ferm::service { 'logstash_syslog': + proto => 'udp', + port => '10514', + notrack => true, + srange => '$DOMAIN_NETWORKS', + } + + ferm::service { 'grafana_dashboard_definition_storage': + proto => 'tcp', + port => '9200', + srange => '@resolve(krypton.eqiad.wmnet)', + } + + ferm::service { 'logstash_canary_checker_reporting': + proto => 'tcp', + port => '9200', + srange => '($DEPLOYMENT_HOSTS $MAINTENANCE_HOSTS)', + } + + logstash::input::gelf { 'gelf': + port => 12201, + } + + ferm::service { 'logstash_gelf': + proto => 'udp', + port => '12201', + notrack => true, + srange => '$DOMAIN_NETWORKS', + } + + logstash::input::log4j { 'log4j': } + + ferm::service { 'logstash_log4j': + proto => 'tcp', + port => '4560', + notrack => true, + srange => '$DOMAIN_NETWORKS', + } + + # Also used for UDP JSON logging from python-logstash lib (e.g. Striker) + logstash::input::udp { 'logback': + port => 11514, + codec => 'json', + } + + ferm::service { 'logstash_udp': + proto => 'udp', + port => '11514', + notrack => true, + srange => '$DOMAIN_NETWORKS', + } + + ## Global pre-processing (15) + + # move files into module? + # lint:ignore:puppet_url_without_modules + logstash::conf { 'filter_strip_ansi_color': + source => 'puppet:///modules/role/logstash/filter-strip-ansi-color.conf', + priority => 15, + } + + ## Input specific processing (20) + + logstash::conf { 'filter_syslog': + source => 'puppet:///modules/role/logstash/filter-syslog.conf', + priority => 20, + } + + logstash::conf { 'filter_udp2log': + source => 'puppet:///modules/role/logstash/filter-udp2log.conf', + priority => 20, + } + + logstash::conf { 'filter_gelf': + source => 'puppet:///modules/role/logstash/filter-gelf.conf', + priority => 20, + } + + logstash::conf { 'filter_logback': + source => 'puppet:///modules/role/logstash/filter-logback.conf', + priority => 20, + } + + ## Application specific processing (50) + + logstash::conf { 'filter_mediawiki': + source => 'puppet:///modules/role/logstash/filter-mediawiki.conf', + priority => 50, + } + + logstash::conf { 'filter_striker': + source => 'puppet:///modules/role/logstash/filter-striker.conf', + priority => 50, + } + + ## Global post-processing (70) + + logstash::conf { 'filter_add_normalized_message': + source => 'puppet:///modules/role/logstash/filter-add-normalized-message.conf', + priority => 70, + } + + logstash::conf { 'filter_normalize_log_levels': + source => 'puppet:///modules/role/logstash/filter-normalize-log-levels.conf', + priority => 70, + } + + logstash::conf { 'filter_de_dot': + source => 'puppet:///modules/role/logstash/filter-de_dot.conf', + priority => 70, + } + + ## Outputs (90) + # Template for Elasticsearch index creation + file { '/etc/logstash/elasticsearch-template.json': + ensure => present, + source => 'puppet:///modules/role/logstash/elasticsearch-template.json', + owner => 'root', + group => 'root', + mode => '0444', + } + # lint:endignore + + logstash::output::elasticsearch { 'logstash': + host => '127.0.0.1', + guard_condition => '"es" in [tags]', + manage_indices => true, + priority => 90, + template => '/etc/logstash/elasticsearch-template.json', + require => File['/etc/logstash/elasticsearch-template.json'], + } + + logstash::output::statsd { 'MW_channel_rate': + host => $statsd_host, + guard_condition => '[type] == "mediawiki" and "es" in [tags]', + namespace => 'logstash.rate', + sender => 'mediawiki', + increment => [ '%{channel}.%{level}' ], + } + + logstash::output::statsd { 'OOM_channel_rate': + host => $statsd_host, + guard_condition => '[type] == "hhvm" and [message] =~ "request has exceeded memory limit"', + namespace => 'logstash.rate', + sender => 'oom', + increment => [ '%{level}' ], + } + + logstash::output::statsd { 'HHVM_channel_rate': + host => $statsd_host, + guard_condition => '[type] == "hhvm" and [message] !~ "request has exceeded memory limit"', + namespace => 'logstash.rate', + sender => 'hhvm', + increment => [ '%{level}' ], + } + + logstash::output::statsd { 'Apache2_channel_rate': + host => $statsd_host, + guard_condition => '[type] == "apache2" and "syslog" in [tags]', + namespace => 'logstash.rate', + sender => 'apache2', + increment => [ '%{level}' ], + } +} + diff --git a/modules/role/manifests/logstash/elasticsearch.pp b/modules/role/manifests/logstash/elasticsearch.pp new file mode 100644 index 0000000..e1add0d --- /dev/null +++ b/modules/role/manifests/logstash/elasticsearch.pp @@ -0,0 +1,34 @@ +# vim:sw=4 ts=4 sts=4 et: +# == Class: role::logstash::elasticsearch +# +# Provisions Elasticsearch backend node for a Logstash cluster. +# +class role::logstash::elasticsearch { + include standard + include ::elasticsearch::nagios::check + include ::elasticsearch::monitor::diamond + include base::firewall + + if $::standard::has_ganglia { + include ::elasticsearch::ganglia + } + + package { 'elasticsearch/plugins': + provider => 'trebuchet', + } + + class { '::elasticsearch': + require => Package['elasticsearch/plugins'], + java_package => 'openjdk-8-jdk', + } + + $logstash_nodes = hiera('logstash::cluster_hosts') + $logstash_nodes_ferm = join($logstash_nodes, ' ') + + ferm::service { 'logstash_elastic_internode': + proto => 'tcp', + port => 9300, + notrack => true, + srange => "@resolve((${logstash_nodes_ferm}))", + } +} diff --git a/modules/role/manifests/logstash/eventlogging.pp b/modules/role/manifests/logstash/eventlogging.pp new file mode 100644 index 0000000..f7191cf --- /dev/null +++ b/modules/role/manifests/logstash/eventlogging.pp @@ -0,0 +1,23 @@ +# vim:sw=4 ts=4 sts=4 et: +# == Class: role::logstash::eventlogging +# +# Configure Logstash to consume validation logs from EventLogging. +# +class role::logstash::eventlogging { + include ::role::logstash::collector + + $topic = 'eventlogging_EventError' + $kafka_config = kafka_config('analytics') + + logstash::input::kafka { $topic: + tags => [$topic, 'kafka'], + type => 'eventlogging', + zk_connect => $kafka_config['zookeeper']['url'], + } + # lint:ignore:puppet_url_without_modules + logstash::conf { 'filter_eventlogging': + source => 'puppet:///modules/role/logstash/filter-eventlogging.conf', + priority => 50, + } + # lint:endignore +} diff --git a/modules/role/manifests/logstash/puppetreports.pp b/modules/role/manifests/logstash/puppetreports.pp new file mode 100644 index 0000000..3fee2b2 --- /dev/null +++ b/modules/role/manifests/logstash/puppetreports.pp @@ -0,0 +1,30 @@ +# vim:sw=4 ts=4 sts=4 et: +# == Class: role::logstash::puppetreports +# +# Set up a TCP listener to listen for puppet failure reports. +class role::logstash::puppetreports { + require ::role::logstash::collector + + if $::realm != 'labs' { + # Constrain to only labs, security issues in prod have not been worked out yet + fail('role::logstash::puppetreports may only be deployed to Labs.') + } + + logstash::input::tcp { 'tcp_json': + port => 5229, + codec => 'json_lines', + } + + ferm::service { 'logstash_tcp_json': + proto => 'tcp', + port => '5229', + srange => '$DOMAIN_NETWORKS', + } + + # lint:ignore:puppet_url_without_modules + logstash::conf { 'filter_puppet': + source => 'puppet:///modules/role/logstash/filter-puppet.conf', + priority => 50, + } + # lint:endignore +} -- To view, visit https://gerrit.wikimedia.org/r/323333 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: Ifc02cb52cc6a49611fbc6c1158f6fd87b74abb16 Gerrit-PatchSet: 10 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: BryanDavis <bda...@wikimedia.org> Gerrit-Reviewer: Dzahn <dz...@wikimedia.org> Gerrit-Reviewer: Gehel <gleder...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits