Fixes #196: ELK example needs updating for modern usage.

Author: geerlingguy

elk/README.md

@@ -2,9 +2,9 @@
 
 This project builds a two-server ELK stack using Elasticsearch, Logstash, Kibana, and Filebeat to ship, store, and expose logs.
 
-The first server (`logs`) has the entire ELK stack running, and pushes local auth.log entries into Elasticsearch via Filebeat and Logstash. The second server (`webs`) runs an Nginx webserver and pushes the webserver access.log file and the server's auth.log entries into Elasticsearch via the `logs` server's Logstash instance.
+The first server (`logs`) has the entire ELK stack running, and pushes local auth.log entries into Elasticsearch via Filebeat and Logstash. The second server (`web`) runs an Nginx webserver and pushes the webserver access.log file and the server's auth.log entries into Elasticsearch via the `logs` server's Logstash instance.
 
-Logs are transmitted securely using a self-signed certificate (see the `elk-vagrant-example` certificate).
+Logs are transmitted securely using a self-signed certificate (see the `elk-example` certificate).
 
 ## Building the VMs
 
@@ -14,18 +14,18 @@ Logs are transmitted securely using a self-signed certificate (see the `elk-vagr
   4. Run `ansible-galaxy install -r requirements.yml` in this directory to get the required Ansible roles.
   5. Run `vagrant up` to build the VMs.
 
-Once the VMs are up and running (after `vagrant up` is complete and you're back at the command prompt), you can log into either one via SSH if you'd like by typing in `vagrant ssh [name]` (either `logs` for the ELK server, or `webs` for the Nginx web server). Otherwise, the next steps are below.
+Once the VMs are up and running (after `vagrant up` is complete and you're back at the command prompt), you can log into either one via SSH if you'd like by typing in `vagrant ssh [name]` (either `logs` for the ELK server, or `web` for the Nginx web server). Otherwise, the next steps are below.
 
 ### Setting up your hosts file
 
 You need to modify your host machine's hosts file (Mac/Linux: `/etc/hosts`; Windows: `%systemroot%\system32\drivers\etc\hosts`), adding the lines below:
 
     192.168.9.90  logs.test
-    192.168.9.91  webs.test
+    192.168.9.91  web.test
 
-(Where `logs.test`/`webs.test` is the hostname you have configured in the `Vagrantfile`).
+(Where `logs.test`/`web.test` is the hostname you have configured in the `Vagrantfile`).
 
-After that is configured, you could visit http://logs.test/ in a browser, and you'll see the Kibana dashboard, and you can visit http://webs.test/, and you'll see Nginx's default index page.
+After that is configured, you could visit http://logs.test/ in a browser, and you'll see the Kibana dashboard, and you can visit http://web.test/, and you'll see Nginx's default index page.
 
 If you'd like additional assistance editing your hosts file, please read [How do I modify my hosts file?](http://www.rackspace.com/knowledge_center/article/how-do-i-modify-my-hosts-file) from Rackspace.
 

elk/Vagrantfile

@@ -20,20 +20,21 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
     logs.vm.network :private_network, ip: "192.168.9.90"
 
     logs.vm.provision :ansible do |ansible|
-      ansible.playbook = "provisioning/elk/playbook.yml"
+      ansible.compatibility_mode = "2.0"
+      ansible.playbook = "provisioning/elk/main.yml"
       ansible.inventory_path = "provisioning/elk/inventory"
       ansible.become = true
     end
   end
 
   # Web server.
-  config.vm.define "webs" do |webs|
-    webs.vm.hostname = "webs.test"
-    webs.vm.network :private_network, ip: "192.168.9.91"
+  config.vm.define "web" do |web|
+    web.vm.hostname = "web.test"
+    web.vm.network :private_network, ip: "192.168.9.91"
 
-    webs.vm.provision :ansible do |ansible|
+    web.vm.provision :ansible do |ansible|
       ansible.compatibility_mode = "2.0"
-      ansible.playbook = "provisioning/web/playbook.yml"
+      ansible.playbook = "provisioning/web/main.yml"
       ansible.inventory_path = "provisioning/web/inventory"
       ansible.become = true
     end

elk/provisioning/elk/elk-vagrant-example.crt renamed to elk/provisioning/elk/elk-example.crt

@@ -1,8 +1,4 @@
 ---
-# Ansible playbook for an ELK (Elasticsearch, Logstash, Kibana) logging server.
-#
-# @author Jeff Geerling (2014).
-
 - hosts: logs
   gather_facts: yes
 

elk/provisioning/elk/elk-vagrant-example.key renamed to elk/provisioning/elk/elk-example.p8

@@ -2,12 +2,7 @@
 java_packages:
   - openjdk-8-jdk
 
-kibana_server_name: logs.test
-kibana_username: kibana
-kibana_password: password
-
 nginx_user: www-data
-nginx_worker_connections: 1024
 nginx_remove_default_vhost: true
 nginx_vhosts:
   # Kibana proxy.
@@ -22,15 +17,17 @@ nginx_vhosts:
           proxy_read_timeout  90s;
       }
 
-logstash_ssl_key_file: elk-vagrant-example.p8
-logstash_ssl_certificate_file: elk-vagrant-example.crt
+elasticsearch_curator_pip_package: python3-pip
+
+logstash_ssl_key_file: elk-example.p8
+logstash_ssl_certificate_file: elk-example.crt
 
 filebeat_output_logstash_enabled: true
 filebeat_output_logstash_hosts:
   - "logs.test:5044"
 
-filebeat_ssl_key_file: elk-vagrant-example.p8
-filebeat_ssl_certificate_file: elk-vagrant-example.crt
+filebeat_ssl_key_file: elk-example.p8
+filebeat_ssl_certificate_file: elk-example.crt
 filebeat_ssl_insecure: "true"
 
 filebeat_inputs: