08:31 $ chef exec kitchen converge centos-----> Starting Kitchen (v1.5.0)---

1. 08:31 $ chef exec kitchen converge centos
2. -----> Starting Kitchen (v1.5.0)
3. -----> Converging <default-centos-67>...
4. Preparing files for transfer
5. Preparing dna.json
6. Resolving cookbook dependencies with Berkshelf 4.3.2...
7. Removing non-cookbook files before transfer
8. Preparing data
9. Preparing data_bags
10. Preparing nodes
11. Preparing secret
12. Preparing validation.pem
13. Preparing client.rb
14. -----> Installing Chef Omnibus (12.4.1)
15. Downloading https://www.chef.io/chef/install.sh to file /tmp/install.sh
16. Trying wget...
17. Download complete.
18. el 6 x86_64
19. Getting information for chef stable 12.4.1 for el...
20. downloading https://www.chef.io/stable/chef/metadata?v=12.4.1&p=el&pv=6&m=x86_64
21. to file /tmp/install.sh.6173/metadata.txt
22. trying wget...
23. sha1 272c792e51a533384122e30351813c5370558c14
24. sha256 95150a4b3c3b2313bd206876e09e2fcf742f2fa4611951d52c79225becb32928
25. url https://packages.chef.io/stable/el/6/chef-12.4.1-1.el6.x86_64.rpm
26. version 12.4.1
27. downloaded metadata file looks valid...
28. downloading https://packages.chef.io/stable/el/6/chef-12.4.1-1.el6.x86_64.rpm
29. to file /tmp/install.sh.6173/chef-12.4.1-1.el6.x86_64.rpm
30. trying wget...
31. Comparing checksum with sha256sum...
32. Installing chef 12.4.1
33. installing with rpm...
34. warning: /tmp/install.sh.6173/chef-12.4.1-1.el6.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
35. Preparing... ########################################### [100%]
36. 1:chef ########################################### [100%]
37. Thank you for installing Chef!
38. Transferring files to <default-centos-67>
39. Starting Chef Client, version 12.4.1
40. Creating a new client identity for default-centos-67 using the validator key.
41. [2016-04-19T13:32:59+00:00] WARN: Child with name 'dna.json' found in multiple directories: /tmp/kitchen/dna.json and /tmp/kitchen/dna.json
42. [2016-04-19T13:32:59+00:00] WARN: Child with name 'dna.json' found in multiple directories: /tmp/kitchen/dna.json and /tmp/kitchen/dna.json
43. resolving cookbooks for run list: ["fqdn", "mongodb", "java", "elasticsearch", "graylog2", "graylog2::server", "graylog2::web", "graylog2::api_access", "graylog2::radio", "graylog2::collector", "graylog2::authbind"]
44. Synchronizing Cookbooks:
45. - fqdn
46. - mongodb
47. - java
48. - elasticsearch
49. - graylog2
50. - line
51. - hostsfile
52. - now
53. - apt
54. - yum
55. - python
56. - runit
57. - ark
58. - authbind
59. - build-essential
60. - yum-epel
61. - packagecloud
62. - windows
63. - 7-zip
64. - chef_handler
65. Compiling Cookbooks...
66. [2016-04-19T13:33:13+00:00] WARN: CentOS doesn't provide mongodb, forcing use of mongodb-org repo
67. Recipe: fqdn::_rhel
68. * hostsfile_entry[127.0.0.1] action create
69. Recipe: <Dynamically Defined Resource>
70. * file[/etc/hosts] action create
71. - update content in file /etc/hosts from d97f51 to 7e8ef6
72. --- /etc/hosts 2016-04-19 13:28:59.687841554 +0000
73. +++ /etc/.hosts20160419-6294-1crvhrx 2016-04-19 13:33:14.087978060 +0000
74. @@ -1,3 +1,12 @@
75. -127.0.0.1 default-centos-67 localhost localhost.localdomain localhost4 localhost4.localdomain4
76. -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
77. +#
78. +# This file is managed by Chef, using the hostsfile cookbook.
79. +# Editing this file by hand is highly discouraged!
80. +#
81. +# Comments containing an @ sign should not be modified or else
82. +# hostsfile will be unable to guarantee relative priority in
83. +# future Chef runs!
84. +#
85. +
86. +127.0.0.1 graylog.local graylog.local localhost localhost.localdomain localhost4 localhost4.localdomain4
87. +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
88. - restore selinux security context
89. - Create hostsfile_entry[127.0.0.1]
90. Recipe: fqdn::_rhel
91. * hostsfile_entry[::1] action create
92. Recipe: <Dynamically Defined Resource>
93. * file[/etc/hosts] action create
94. - update content in file /etc/hosts from 7e8ef6 to 5373be
95. --- /etc/hosts 2016-04-19 13:33:14.087978060 +0000
96. +++ /etc/.hosts20160419-6294-hvmjjq 2016-04-19 13:33:14.231049554 +0000
97. @@ -8,5 +8,5 @@
98. #
99.  
100. 127.0.0.1 graylog.local graylog.local localhost localhost.localdomain localhost4 localhost4.localdomain4
101. -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
102. +::1 graylog.local graylog.local localhost localhost.localdomain localhost6 localhost6.localdomain6
103. - restore selinux security context
104. - Create hostsfile_entry[::1]
105. Recipe: fqdn::_rhel
106. * replace_or_add[redhat sysconfig network hostname] action edit[2016-04-19T13:33:14+00:00] WARN: Class Chef::Provider::ReplaceOrAdd does not declare 'resource_name :replace_or_add'.
107. [2016-04-19T13:33:14+00:00] WARN: This will no longer work in Chef 13: you must use 'resource_name' to provide DSL.
108.  
109.  
110. * execute[hostname ] action run
111. - execute /bin/hostname graylog.local
112. * ohai[reload_hostname] action nothing (skipped due to action :nothing)
113. * ohai[reload_fqdn] action nothing (skipped due to action :nothing)
114. * ohai[reload_hostname] action reload/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/ohai-8.5.0/lib/ohai/plugins/solaris2/network.rb:57: warning: already initialized constant ETHERNET_ENCAPS
115. /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/ohai-8.5.0/lib/ohai/plugins/solaris2/network.rb:57: warning: previous definition of ETHERNET_ENCAPS was here
116.  
117. - re-run ohai and merge results into node attributes
118. * ohai[reload_fqdn] action reload/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/ohai-8.5.0/lib/ohai/plugins/solaris2/network.rb:57: warning: already initialized constant ETHERNET_ENCAPS
119. /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/ohai-8.5.0/lib/ohai/plugins/solaris2/network.rb:57: warning: previous definition of ETHERNET_ENCAPS was here
120.  
121. - re-run ohai and merge results into node attributes
122. [2016-04-19T13:33:14+00:00] WARN: 10gen_repo is deprecated, use mongodb_org_repo
123. [2016-04-19T13:33:14+00:00] WARN: Cloning resource attributes for template[/etc/mongodb.conf] from prior resource (CHEF-3694)
124. [2016-04-19T13:33:14+00:00] WARN: Previous template[/etc/mongodb.conf]: /tmp/kitchen/cache/cookbooks/mongodb/recipes/install.rb:14:in `from_file'
125. [2016-04-19T13:33:14+00:00] WARN: Current template[/etc/mongodb.conf]: /tmp/kitchen/cache/cookbooks/mongodb/definitions/mongodb.rb:139:in `block in from_file'
126. [2016-04-19T13:33:14+00:00] WARN: Cloning resource attributes for execute[mongodb-systemctl-daemon-reload] from prior resource (CHEF-3694)
127. [2016-04-19T13:33:14+00:00] WARN: Previous execute[mongodb-systemctl-daemon-reload]: /tmp/kitchen/cache/cookbooks/mongodb/recipes/install.rb:37:in `from_file'
128. [2016-04-19T13:33:14+00:00] WARN: Current execute[mongodb-systemctl-daemon-reload]: /tmp/kitchen/cache/cookbooks/mongodb/definitions/mongodb.rb:174:in `block in from_file'
129. [2016-04-19T13:33:14+00:00] WARN: Cloning resource attributes for template[/etc/init.d/mongod] from prior resource (CHEF-3694)
130. [2016-04-19T13:33:14+00:00] WARN: Previous template[/etc/init.d/mongod]: /tmp/kitchen/cache/cookbooks/mongodb/recipes/install.rb:42:in `from_file'
131. [2016-04-19T13:33:14+00:00] WARN: Current template[/etc/init.d/mongod]: /tmp/kitchen/cache/cookbooks/mongodb/definitions/mongodb.rb:180:in `block in from_file'
132. [2016-04-19T13:33:14+00:00] WARN: Using an LWRP provider by its name (Ark) directly is no longer supported in Chef 12 and will be removed. Use Chef::ProviderResolver.new(node, resource, action) instead.
133. [2016-04-19T13:33:14+00:00] WARN: Using an LWRP provider by its name (Ark) directly is no longer supported in Chef 12 and will be removed. Use Chef::ProviderResolver.new(node, resource, action) instead.
134. [2016-04-19T13:33:14+00:00] WARN: Cloning resource attributes for template[/etc/graylog/collector/collector.conf] from prior resource (CHEF-3694)
135. [2016-04-19T13:33:14+00:00] WARN: Previous template[/etc/graylog/collector/collector.conf]: /tmp/kitchen/cache/cookbooks/graylog2/recipes/collector.rb:83:in `from_file'
136. [2016-04-19T13:33:14+00:00] WARN: Current template[/etc/graylog/collector/collector.conf]: /tmp/kitchen/cache/cookbooks/graylog2/recipes/collector.rb:152:in `from_file'
137. [2016-04-19T13:33:14+00:00] ERROR: Authbind is only available on Ubuntu/Debian systems.
138. Converging 90 resources
139. * hostsfile_entry[127.0.0.1] action nothing (skipped due to action :nothing)
140. * hostsfile_entry[::1] action nothing (skipped due to action :nothing)
141. * replace_or_add[redhat sysconfig network hostname] action nothing (skipped due to action :nothing)
142. * execute[hostname ] action nothing (skipped due to action :nothing)
143. * ohai[reload_hostname] action nothing (skipped due to action :nothing)
144. * ohai[reload_fqdn] action nothing (skipped due to action :nothing)
145. Recipe: mongodb::mongodb_org_repo
146. * yum_repository[mongodb] action create
147. * template[/etc/yum.repos.d/mongodb.repo] action create
148. - create new file /etc/yum.repos.d/mongodb.repo
149. - update content in file /etc/yum.repos.d/mongodb.repo from none to bf24c8
150. --- /etc/yum.repos.d/mongodb.repo 2016-04-19 13:33:14.758313056 +0000
151. +++ /tmp/chef-rendered-template20160419-6294-1bo02sa 2016-04-19 13:33:14.758313056 +0000
152. @@ -1 +1,9 @@
153. +# This file was generated by Chef
154. +# Do NOT modify this file by hand.
155. +
156. +[mongodb]
157. +name=mongodb RPM Repository
158. +baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64
159. +enabled=1
160. +gpgcheck=0
161. - change mode from '' to '0644'
162. - restore selinux security context
163. * execute[yum clean mongodb] action run
164. - execute yum clean all --disablerepo=* --enablerepo=mongodb
165. * execute[yum-makecache-mongodb] action run
166. - execute yum -q -y makecache --disablerepo=* --enablerepo=mongodb
167. * ruby_block[yum-cache-reload-mongodb] action create
168. - execute the ruby block yum-cache-reload-mongodb
169. * execute[yum clean mongodb] action nothing (skipped due to action :nothing)
170. * execute[yum-makecache-mongodb] action nothing (skipped due to action :nothing)
171. * ruby_block[yum-cache-reload-mongodb] action nothing (skipped due to action :nothing)
172.  
173. Recipe: mongodb::install
174. * file[/etc/sysconfig/mongodb] action create_if_missing
175. - create new file /etc/sysconfig/mongodb
176. - update content in file /etc/sysconfig/mongodb from none to a35762
177. --- /etc/sysconfig/mongodb 2016-04-19 13:33:16.782324549 +0000
178. +++ /etc/sysconfig/.mongodb20160419-6294-1vx09ts 2016-04-19 13:33:16.782324549 +0000
179. @@ -1 +1,2 @@
180. +ENABLE_MONGODB=no
181. - change mode from '' to '0644'
182. - change owner from '' to 'root'
183. - change group from '' to 'root'
184. - restore selinux security context
185. * template[/etc/mongodb.conf] action create_if_missing
186. - create new file /etc/mongodb.conf
187. - update content in file /etc/mongodb.conf from none to cc38f1
188. --- /etc/mongodb.conf 2016-04-19 13:33:16.899383052 +0000
189. +++ /tmp/chef-rendered-template20160419-6294-j3t8g0 2016-04-19 13:33:16.899383052 +0000
190. @@ -1 +1,15 @@
191. +#
192. +# Automatically Generated by Chef, do not edit directly!
193. +#
194. +
195. +bind_ip = 0.0.0.0
196. +dbpath = /var/lib/mongodb
197. +fork = true
198. +logappend = true
199. +logpath = /var/log/mongodb/mongodb.log
200. +nojournal = false
201. +pidfilepath = /var/run/mongodb/mongodb.pid
202. +port = 27017
203. +rest = false
204. +smallfiles = false
205. - change mode from '' to '0644'
206. - change owner from '' to 'root'
207. - change group from '' to 'root'
208. - restore selinux security context
209. * execute[mongodb-systemctl-daemon-reload] action nothing (skipped due to action :nothing)
210. * template[/etc/init.d/mongod] action create_if_missing
211. - create new file /etc/init.d/mongod
212. - update content in file /etc/init.d/mongod from none to dc5d48
213. --- /etc/init.d/mongod 2016-04-19 13:33:17.022444563 +0000
214. +++ /tmp/chef-rendered-template20160419-6294-nj7ho4 2016-04-19 13:33:17.022444563 +0000
215. @@ -1 +1,107 @@
216. +#!/bin/bash
217. +
218. +# mongod - Startup script for mongod
219. +
220. +# chkconfig: 35 85 15
221. +# description: Mongo is a scalable, document-oriented database.
222. +# processname: mongod
223. +# config: /etc/mongodb.conf
224. +
225. +. /etc/rc.d/init.d/functions
226. +
227. +NAME=mongod
228. +SYSCONFIG=/etc/sysconfig/mongodb
229. +DAEMON_USER=mongod
230. +ENABLE_MONGODB=yes
231. +
232. +SUBSYS_LOCK_FILE=/var/lock/subsys/mongod
233. +
234. +if [ -f "$SYSCONFIG" ]; then
235. + . "$SYSCONFIG"
236. +fi
237. +
238. +# FIXME: 1.9.x has a --shutdown flag that parses the config file and
239. +# shuts down the correct running pid, but that's unavailable in 1.8
240. +# for now. This can go away when this script stops supporting 1.8.
241. +DBPATH=`awk -F= '/^dbpath[[:blank:]]*=[[:blank:]]*/{print $2}' "$CONFIGFILE"`
242. +PIDFILE=`awk -F= '/^pidfilepath[[:blank:]]*=[[:blank:]]*/{print $2}' "$CONFIGFILE"`
243. +
244. +# Handle NUMA access to CPUs (SERVER-3574)
245. +# This verifies the existence of numactl as well as testing that the command works
246. +NUMACTL_ARGS="--interleave=all"
247. +if which numactl >/dev/null 2>/dev/null && numactl $NUMACTL_ARGS ls / >/dev/null 2>/dev/null
248. +then
249. + NUMACTL="numactl $NUMACTL_ARGS"
250. +else
251. + NUMACTL=""
252. +fi
253. +
254. +start()
255. +{
256. + echo -n $"Starting mongod: "
257. + daemon --user "$DAEMON_USER" $NUMACTL $DAEMON $DAEMON_OPTS
258. + RETVAL=$?
259. + echo
260. + [ $RETVAL -eq 0 ] && touch $SUBSYS_LOCK_FILE
261. +}
262. +
263. +stop()
264. +{
265. + echo -n $"Stopping mongod: "
266. + if test "x$PIDFILE" != "x"; then
267. + killproc -p $PIDFILE -d 300 $DAEMON
268. + else
269. + killproc -d 300 $DAEMON
270. + fi
271. + RETVAL=$?
272. + echo
273. + [ $RETVAL -eq 0 ] && rm -f $SUBSYS_LOCK_FILE
274. +}
275. +
276. +restart () {
277. + stop
278. + start
279. +}
280. +
281. +ulimit -f unlimited
282. +ulimit -t unlimited
283. +ulimit -v unlimited
284. +ulimit -n 64000
285. +ulimit -m unlimited
286. +ulimit -u 32000
287. +
288. +RETVAL=0
289. +
290. +if test "x$ENABLE_MONGODB" != "xyes"; then
291. + exit $RETVAL
292. +fi
293. +
294. +case "$1" in
295. + start)
296. + start
297. + ;;
298. + stop)
299. + stop
300. + ;;
301. + restart|reload|force-reload)
302. + restart
303. + ;;
304. + condrestart)
305. + [ -f $SUBSYS_LOCK_FILE ] && restart || :
306. + ;;
307. + status)
308. + if test "x$PIDFILE" != "x"; then
309. + status -p $PIDFILE $DAEMON
310. + else
311. + status $DAEMON
312. + fi
313. + RETVAL=$?
314. + ;;
315. + *)
316. + echo "Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart}"
317. + RETVAL=1
318. +esac
319. +
320. +exit $RETVAL
321. +
322. - change mode from '' to '0755'
323. - change owner from '' to 'root'
324. - change group from '' to 'root'
325. - restore selinux security context
326. * yum_package[mongodb-org] action install
327. - install version 2.6.12-1 of package mongodb-org
328. Recipe: mongodb::default
329. * template[/etc/sysconfig/mongodb] action create
330. - update content in file /etc/sysconfig/mongodb from a35762 to 75458b
331. --- /etc/sysconfig/mongodb 2016-04-19 13:33:16.782324549 +0000
332. +++ /tmp/chef-rendered-template20160419-6294-ytockh 2016-04-19 13:35:36.601199059 +0000
333. @@ -1,2 +1,13 @@
334. -ENABLE_MONGODB=no
335. +#
336. +# Automatically Generated by Chef, do not edit directly!
337. +#
338. +
339. +CONFIGFILE="/etc/mongodb.conf"
340. +DAEMON="/usr/bin/$NAME"
341. +DAEMONUSER="mongod"
342. +DAEMON_OPTS="--config /etc/mongodb.conf"
343. +DAEMON_USER="mongod"
344. +ENABLE_MONGO="yes"
345. +ENABLE_MONGOD="yes"
346. +ENABLE_MONGODB="yes"
347. - restore selinux security context
348. * template[/etc/mongodb.conf] action create (up to date)
349. * directory[/var/log/mongodb] action create (up to date)
350. * directory[/var/lib/mongodb] action create
351. - create new directory /var/lib/mongodb
352. - change mode from '' to '0755'
353. - change owner from '' to 'mongod'
354. - change group from '' to 'mongod'
355. - restore selinux security context
356. * execute[mongodb-systemctl-daemon-reload] action nothing (skipped due to action :nothing)
357. * template[/etc/init.d/mongod] action create
358. - update content in file /etc/init.d/mongod from 97bdb4 to dc5d48
359. --- /etc/init.d/mongod 2016-03-23 18:03:39.000000000 +0000
360. +++ /tmp/chef-rendered-template20160419-6294-1t6n0ie 2016-04-19 13:35:36.854325564 +0000
361. @@ -5,36 +5,27 @@
362. # chkconfig: 35 85 15
363. # description: Mongo is a scalable, document-oriented database.
364. # processname: mongod
365. -# config: /etc/mongod.conf
366. -# pidfile: /var/run/mongodb/mongod.pid
367. +# config: /etc/mongodb.conf
368.  
369. . /etc/rc.d/init.d/functions
370.  
371. -# things from mongod.conf get there by mongod reading it
372. +NAME=mongod
373. +SYSCONFIG=/etc/sysconfig/mongodb
374. +DAEMON_USER=mongod
375. +ENABLE_MONGODB=yes
376.  
377. +SUBSYS_LOCK_FILE=/var/lock/subsys/mongod
378.  
379. -# NOTE: if you change any OPTIONS here, you get what you pay for:
380. -# this script assumes all options are in the config file.
381. -CONFIGFILE="/etc/mongod.conf"
382. -OPTIONS=" -f $CONFIGFILE"
383. -SYSCONFIG="/etc/sysconfig/mongod"
384. +if [ -f "$SYSCONFIG" ]; then
385. + . "$SYSCONFIG"
386. +fi
387.  
388. # FIXME: 1.9.x has a --shutdown flag that parses the config file and
389. # shuts down the correct running pid, but that's unavailable in 1.8
390. # for now. This can go away when this script stops supporting 1.8.
391. -DBPATH=`awk -F'[:=]' -v IGNORECASE=1 '/^[[:blank:]]*dbpath[[:blank:]]*[:=][[:blank:]]*/{print $2}' "$CONFIGFILE" | tr -d '[:blank:]'`
392. -PIDFILE=`awk -F'[:=]' -v IGNORECASE=1 '/^[[:blank:]]*pidfilepath[[:blank:]]*[:=][[:blank:]]*/{print $2}' "$CONFIGFILE" | tr -d '[:blank:]'`
393. -PIDDIR=`dirname $PIDFILE`
394. +DBPATH=`awk -F= '/^dbpath[[:blank:]]*=[[:blank:]]*/{print $2}' "$CONFIGFILE"`
395. +PIDFILE=`awk -F= '/^pidfilepath[[:blank:]]*=[[:blank:]]*/{print $2}' "$CONFIGFILE"`
396.  
397. -mongod=${MONGOD-/usr/bin/mongod}
398. -
399. -MONGO_USER=mongod
400. -MONGO_GROUP=mongod
401. -
402. -if [ -f "$SYSCONFIG" ]; then
403. - . "$SYSCONFIG"
404. -fi
405. -
406. # Handle NUMA access to CPUs (SERVER-3574)
407. # This verifies the existence of numactl as well as testing that the command works
408. NUMACTL_ARGS="--interleave=all"
409. @@ -47,45 +38,44 @@
410.  
411. start()
412. {
413. - # Make sure the default pidfile directory exists
414. - if [ ! -d $PIDDIR ]; then
415. - install -d -m 0755 -o $MONGO_USER -g $MONGO_GROUP $PIDDIR
416. - fi
417. -
418. - # Recommended ulimit values for mongod or mongos
419. - # See http://docs.mongodb.org/manual/reference/ulimit/#recommended-settings
420. - #
421. - ulimit -f unlimited
422. - ulimit -t unlimited
423. - ulimit -v unlimited
424. - ulimit -n 64000
425. - ulimit -m unlimited
426. - ulimit -u 64000
427. -
428. echo -n $"Starting mongod: "
429. - daemon --user "$MONGO_USER" --check $mongod "$NUMACTL $mongod $OPTIONS >/dev/null 2>&1"
430. + daemon --user "$DAEMON_USER" $NUMACTL $DAEMON $DAEMON_OPTS
431. RETVAL=$?
432. echo
433. - [ $RETVAL -eq 0 ] && touch /var/lock/subsys/mongod
434. + [ $RETVAL -eq 0 ] && touch $SUBSYS_LOCK_FILE
435. }
436.  
437. stop()
438. {
439. echo -n $"Stopping mongod: "
440. - killproc -p "$PIDFILE" -d 300 /usr/bin/mongod
441. + if test "x$PIDFILE" != "x"; then
442. + killproc -p $PIDFILE -d 300 $DAEMON
443. + else
444. + killproc -d 300 $DAEMON
445. + fi
446. RETVAL=$?
447. echo
448. - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/mongod
449. + [ $RETVAL -eq 0 ] && rm -f $SUBSYS_LOCK_FILE
450. }
451.  
452. restart () {
453. - stop
454. - start
455. + stop
456. + start
457. }
458.  
459. +ulimit -f unlimited
460. +ulimit -t unlimited
461. +ulimit -v unlimited
462. +ulimit -n 64000
463. +ulimit -m unlimited
464. +ulimit -u 32000
465.  
466. RETVAL=0
467.  
468. +if test "x$ENABLE_MONGODB" != "xyes"; then
469. + exit $RETVAL
470. +fi
471. +
472. case "$1" in
473. start)
474. start
475. @@ -97,10 +87,14 @@
476. restart
477. ;;
478. condrestart)
479. - [ -f /var/lock/subsys/mongod ] && restart || :
480. + [ -f $SUBSYS_LOCK_FILE ] && restart || :
481. ;;
482. status)
483. - status $mongod
484. + if test "x$PIDFILE" != "x"; then
485. + status -p $PIDFILE $DAEMON
486. + else
487. + status $DAEMON
488. + fi
489. RETVAL=$?
490. ;;
491. *)
492. @@ -109,4 +103,5 @@
493. esac
494.  
495. exit $RETVAL
496. +
497. - restore selinux security context
498. * service[mongod] action enable (up to date)
499. * service[mongod] action start
500. - start service service[mongod]
501. Recipe: java::set_java_home
502. * ruby_block[set-env-java-home] action run
503. - execute the ruby block set-env-java-home
504. * directory[/etc/profile.d] action create (up to date)
505. * file[/etc/profile.d/jdk.sh] action create
506. - create new file /etc/profile.d/jdk.sh
507. - update content in file /etc/profile.d/jdk.sh from none to 26187d
508. --- /etc/profile.d/jdk.sh 2016-04-19 13:36:15.206492056 +0000
509. +++ /etc/profile.d/.jdk.sh20160419-6294-1pz9xeb 2016-04-19 13:36:15.206492056 +0000
510. @@ -1 +1,2 @@
511. +export JAVA_HOME=/usr/lib/jvm/java
512. - change mode from '' to '0755'
513. - restore selinux security context
514. Recipe: java::oracle
515. * yum_package[tar] action install (up to date)
516. * java_ark[jdk] action install
517. - create dir /usr/lib/jvm and change owner to root:root[2016-04-19T13:36:15+00:00] WARN: Cloning resource attributes for yum_package[curl] from prior resource (CHEF-3694)
518. [2016-04-19T13:36:15+00:00] WARN: Previous yum_package[curl]: /tmp/kitchen/cache/cookbooks/elasticsearch/recipes/curl.rb:1:in `from_file'
519. [2016-04-19T13:36:15+00:00] WARN: Current yum_package[curl]: /tmp/kitchen/cache/cookbooks/java/providers/ark.rb:72:in `download_direct_from_oracle'
520.  
521. * yum_package[curl] action install (up to date)
522. - download oracle tarball straight from the server
523. - extract compressed data into Chef file cache path and
524. move extracted data to /usr/lib/jvm/jdk1.8.0_51
525. - Symlink /usr/lib/jvm/jdk1.8.0_51 to /usr/lib/jvm/java
526. * yum_package[curl] action nothing (skipped due to action :nothing)
527. * java_alternatives[set-java-alternatives] action set
528. - Add alternative for appletviewer
529. - Add alternative for ControlPanel
530. - Add alternative for extcheck
531. - Add alternative for idlj
532. - Add alternative for jar
533. - Add alternative for jarsigner
534. - Add alternative for java
535. - Add alternative for javac
536. - Add alternative for javadoc
537. - Add alternative for javafxpackager
538. - Add alternative for javah
539. - Add alternative for javap
540. - Add alternative for javaws
541. - Add alternative for jcmd
542. - Add alternative for jconsole
543. - Add alternative for jcontrol
544. - Add alternative for jdb
545. - Add alternative for jdeps
546. - Add alternative for jhat
547. - Add alternative for jinfo
548. - Add alternative for jjs
549. - Add alternative for jmap
550. - Add alternative for jmc
551. - Add alternative for jps
552. - Add alternative for jrunscript
553. - Add alternative for jsadebugd
554. - Add alternative for jstack
555. - Add alternative for jstat
556. - Add alternative for jstatd
557. - Add alternative for jvisualvm
558. - Add alternative for keytool
559. - Add alternative for native2ascii
560. - Add alternative for orbd
561. - Add alternative for pack200
562. - Add alternative for policytool
563. - Add alternative for rmic
564. - Add alternative for rmid
565. - Add alternative for rmiregistry
566. - Add alternative for schemagen
567. - Add alternative for serialver
568. - Add alternative for servertool
569. - Add alternative for tnameserv
570. - Add alternative for unpack200
571. - Add alternative for wsgen
572. - Add alternative for wsimport
573. - Add alternative for xjc
574. Recipe: elasticsearch::curl
575. * yum_package[curl] action install (up to date)
576. Recipe: ark::default
577. * yum_package[libtool] action install
578. - install version 2.2.6-15.5.el6 of package libtool
579. * yum_package[autoconf] action install (up to date)
580. * yum_package[unzip] action install
581. - install version 6.0-2.el6_6 of package unzip
582. * yum_package[rsync] action install
583. - install version 3.0.6-12.el6 of package rsync
584. * yum_package[make] action install (up to date)
585. * yum_package[gcc] action install (up to date)
586. Recipe: elasticsearch::default
587. * group[elasticsearch] action create
588. - create elasticsearch
589. * user[elasticsearch] action create
590. - create user elasticsearch
591. * bash[remove the elasticsearch user home] action run (skipped due to only_if)
592. * directory[/usr/local/etc/elasticsearch] action create
593. - create new directory /usr/local/etc/elasticsearch
594. - change mode from '' to '0755'
595. - change owner from '' to 'elasticsearch'
596. - change group from '' to 'elasticsearch'
597. - restore selinux security context
598. * directory[/usr/local/var/log/elasticsearch] action create
599. - create new directory /usr/local/var/log/elasticsearch
600. - change mode from '' to '0755'
601. - change owner from '' to 'elasticsearch'
602. - change group from '' to 'elasticsearch'
603. - restore selinux security context
604. * directory[/usr/local/var/run] action create
605. - create new directory /usr/local/var/run
606. - change mode from '' to '0755'
607. - restore selinux security context
608. * directory[/usr/local/var/data/elasticsearch] action create
609. - create new directory /usr/local/var/data/elasticsearch
610. - change mode from '' to '0755'
611. - change owner from '' to 'elasticsearch'
612. - change group from '' to 'elasticsearch'
613. - restore selinux security context
614. * template[/etc/init.d/elasticsearch] action create
615. - create new file /etc/init.d/elasticsearch
616. - update content in file /etc/init.d/elasticsearch from none to 7e27d6
617. --- /etc/init.d/elasticsearch 2016-04-19 13:38:16.049883547 +0000
618. +++ /tmp/chef-rendered-template20160419-6294-xgb1nn 2016-04-19 13:38:16.049883547 +0000
619. @@ -1 +1,196 @@
620. +#!/usr/bin/env bash
621. +#
622. +# elasticsearch
623. +#
624. +# chkconfig: - 57 47
625. +# description: elasticsearch
626. +# processname: elasticsearch
627. +# config: /usr/local/etc/elasticsearch/elasticsearch.yml
628. +
629. +# Source networking configuration
630. +#
631. +if [ -f /etc/sysconfig/network ]; then source /etc/sysconfig/network; fi
632. +
633. +# Set limits for environments ignoring `/etc/security/limits.d`
634. +#
635. +ulimit -n 64000
636. +ulimit -l unlimited
637. +
638. +# Exit if networking is not up
639. +#
640. +[ "$NETWORKING" = "no" ] && exit
641. +
642. +PIDFILE='/usr/local/var/run/default_centos_67.pid'
643. +ES_INCLUDE='/usr/local/etc/elasticsearch/elasticsearch-env.sh'
644. +CHECK_PID_RUNNING=$(ps ax | grep 'java' | grep -e "es.pidfile=$PIDFILE" | sed 's/^\s*\([0-9]*\)\s.*/\1/')
645. +RUBY_BIN=""
646. +
647. +if command -v ruby >/dev/null 2>&1; then
648. + RUBY_BIN=$(command -v ruby)
649. + # ruby < 1.9 needs this, afterwards it doesn't work _at all_
650. + if $RUBY_BIN -rubygems -e "puts Gem::VERSION" >/dev/null 2>&1; then
651. + RUBY_BIN="$RUBY_BIN -rubygems "
652. + fi
653. +fi
654. +
655. +start() {
656. + if [ -f $PIDFILE ]; then
657. + # PIDFILE EXISTS -- ES RUNNING?
658. + echo -e "PID file found in $PIDFILE"
659. + es_pid="$(cat $PIDFILE)"
660. + pid_running="$( ps ax | grep 'java' | grep $es_pid )"
661. +
662. + if [ ! -z "$pid_running" ] ; then
663. + # EXIT IF ES IS ALREADY RUNNING
664. + echo -e "\033[31;1mPID $es_pid still alive, Elasticsearch already running...\033[0m"
665. + return 1
666. + fi
667. + fi
668. +
669. + echo -en "\033[1mStarting Elasticsearch...\033[0m"
670. + touch $PIDFILE && chown elasticsearch $PIDFILE
671. + su elasticsearch -c "ES_INCLUDE=$ES_INCLUDE /usr/local/bin/elasticsearch -d -p $PIDFILE"
672. +
673. + if [ $? ]; then
674. + echo -e " \e[32m[OK]\e[0m"
675. + else
676. + echo -e " \e[31m[FAILURE]\e[0m"
677. + fi
678. +
679. + return $?
680. +}
681. +
682. +stop() {
683. + if [[ -f $PIDFILE ]]; then
684. + echo -n -e "\033[1mStopping elasticsearch...\033[0m"
685. +
686. + # REMOVE PIDFILE AND EXIT IF PROCESS NOT RUNNING
687. + if [ ! $CHECK_PID_RUNNING ]; then
688. + echo -e "\033[1mPID file found, but no matching process running?\033[0m"
689. + echo "Removing PID file..."
690. + rm $PIDFILE
691. + exit 0
692. + fi
693. +
694. + # KILL PROCESS
695. + pid=$(cat $PIDFILE)
696. + su elasticsearch -m -c "kill $(cat $PIDFILE)"
697. + r=$?
698. +
699. + # Check for process
700. + timeout=0
701. + while [ $(ps -p $pid | wc -l ) -gt '1' ]; do
702. + echo -n '.'
703. + (( timeout ++))
704. + if [ $timeout -gt '30' ]; then return; fi
705. + sleep 1
706. + done
707. +
708. + # Check for pidfile
709. + timeout=0
710. + while [ -f $PIDFILE ]; do
711. + echo -n '.'
712. + (( timeout++ ))
713. + if [ $timeout -gt '15' ]; then return; fi
714. + sleep 1
715. + done
716. +
717. + echo;
718. +
719. + return $r
720. + else
721. + echo -e "\033[1mNo PID file found -- elasticsearch not running?\033[0m"
722. + fi
723. +}
724. +
725. +restart() {
726. + stop
727. + timeout=30
728. + while ps aux | grep 'java' | grep -e "es.pidfile"; do
729. + echo -n '.'
730. + (( timeout-- ))
731. + if [ $timeout -lt '1' ]; then return; fi
732. + sleep 1
733. + done;
734. + start
735. +}
736. +
737. +status() {
738. + # GOT PIDFILE?
739. + [ -f $PIDFILE ] && pid=$(cat $PIDFILE)
740. +
741. + # RUNNING
742. + if [[ $pid && -d "/proc/$pid" ]]; then
743. + if [ -z "$RUBY_BIN" ]; then
744. + version=$(curl -s 'http://localhost:9200' | $RUBY_BIN -e 'require "json"; print JSON.parse(STDIN.read)["version"]["number"]')
745. + echo -e "\033[1;37;46melasticsearch $version running with PID $pid\033[0m"
746. + else
747. + echo -e "\033[1;37;46melasticsearch running with PID $pid\033[0m"
748. + fi
749. + # VERBOSE
750. + if [[ $pid && $1 == '-v' || $1 == '--verbose' ]]; then
751. + if [ -z "$RUBY_BIN" ]; then
752. + curl -s 'http://localhost:9200/_cluster/nodes/default-centos-67?os&process&jvm&network&transport&settings&pretty' | \
753. + $RUBY_BIN -e '
754. + begin
755. + require "json"; h = JSON.parse(STDIN.read); id, node = h["nodes"].first;
756. + def e(name, value); puts %Q|\e[1;36m#{(name.to_s+":").ljust(20)}\e[0m #{value || "N/A" rescue "N/A"}|; end
757. + e "HTTP Address", node["http_address"]
758. + e "Node Name", node["name"]
759. + e "Cluster Name", h["cluster_name"]
760. + e "Started", Time.at(node["jvm"]["start_time"].to_i/1000)
761. + e "JVM", "#{node["jvm"]["vm_name"]} (#{node["jvm"]["version"]})"
762. + e "Memory Total", node["os"]["mem"]["total"]
763. + e "Open Files", node["process"]["max_file_descriptors"]
764. + e "Configuration", node["settings"]["config"]
765. + rescue
766. + puts "Metadata cannot be retrieved."
767. + end
768. + '
769. + else
770. + echo >&2 "verbose requires ruby but it is not installed"
771. + exit 1
772. + fi
773. + fi
774. + # INCORRECT PID?
775. + if [ $pid != $CHECK_PID_RUNNING ]; then
776. + echo -e "\033[1;31;40m[!] Incorrect PID found in $PIDFILE: $pid\033[0m"
777. + return 1
778. + fi
779. + return 0
780. + fi
781. +
782. + # NOT RUNNING
783. + if [[ ! $pid || ! -d "/proc/$pid" ]]; then
784. + echo -e "\033[1;33;40melasticsearch not running\033[0m"
785. + return 3
786. + fi
787. +
788. + # STALE PID FOUND
789. + if [[ ! -d "/proc/$pid" && -f $PIDFILE ]]; then
790. + echo -e "\033[1;31;40m[!] Stale PID found in $PIDFILE\033[0m"
791. + return 1
792. + fi
793. +}
794. +
795. +
796. +case "$1" in
797. + start)
798. + start
799. + ;;
800. + stop)
801. + stop
802. + ;;
803. + restart)
804. + restart
805. + ;;
806. + status)
807. + status $2
808. + ;;
809. + *)
810. + echo $"Usage: $0 {start|stop|restart|status [-v]|}"
811. + exit 1
812. +esac
813. +
814. +exit $?
815. - change mode from '' to '0755'
816. - change owner from '' to 'root'
817. - restore selinux security context
818. * service[elasticsearch] action enable
819. - enable service service[elasticsearch]
820. * ark[elasticsearch] action install
821. * directory[/usr/local/elasticsearch-1.7.1] action create
822. - create new directory /usr/local/elasticsearch-1.7.1
823. - restore selinux security context
824. * remote_file[/tmp/kitchen/cache/elasticsearch-1.7.1.tar.gz] action create
825. - create new file /tmp/kitchen/cache/elasticsearch-1.7.1.tar.gz
826. - update content in file /tmp/kitchen/cache/elasticsearch-1.7.1.tar.gz from none to 86a0c2
827. (file sizes exceed 10000000 bytes, diff output suppressed)
828. - restore selinux security context
829. * execute[unpack /tmp/kitchen/cache/elasticsearch-1.7.1.tar.gz] action nothing (skipped due to action :nothing)
830. * execute[set owner on /usr/local/elasticsearch-1.7.1] action nothing (skipped due to action :nothing)
831. * link[/usr/local/bin/elasticsearch] action create
832. - create symlink at /usr/local/bin/elasticsearch to /usr/local/elasticsearch-1.7.1/bin/elasticsearch
833. * link[/usr/local/bin/plugin] action create
834. - create symlink at /usr/local/bin/plugin to /usr/local/elasticsearch-1.7.1/bin/plugin
835. * link[/usr/local/elasticsearch] action create
836. - create symlink at /usr/local/elasticsearch to /usr/local/elasticsearch-1.7.1
837. * template[/etc/profile.d/elasticsearch.sh] action create (skipped due to only_if)
838. * ruby_block[adding '/usr/local/elasticsearch-1.7.1/bin' to chef-client ENV['PATH']] action run (skipped due to only_if)
839. * execute[unpack /tmp/kitchen/cache/elasticsearch-1.7.1.tar.gz] action run
840. - execute /bin/tar xzf /tmp/kitchen/cache/elasticsearch-1.7.1.tar.gz --strip-components=1
841. * execute[set owner on /usr/local/elasticsearch-1.7.1] action run
842. - execute chown -R elasticsearch:elasticsearch /usr/local/elasticsearch-1.7.1
843.  
844. * bash[enable user limits] action run
845. - execute "bash" "/tmp/chef-script20160419-6294-10otm1r"
846. * file[/etc/security/limits.d/10-elasticsearch.conf] action create
847. - create new file /etc/security/limits.d/10-elasticsearch.conf
848. - update content in file /etc/security/limits.d/10-elasticsearch.conf from none to 0a6b42
849. --- /etc/security/limits.d/10-elasticsearch.conf 2016-04-19 13:38:21.791753056 +0000
850. +++ /etc/security/limits.d/.10-elasticsearch.conf20160419-6294-17rsahe 2016-04-19 13:38:21.791753056 +0000
851. @@ -1 +1,3 @@
852. +elasticsearch - nofile 64000
853. +elasticsearch - memlock unlimited
854. - restore selinux security context
855. * log[increase limits] action write
856.  
857. * log[increase limits] action nothing (skipped due to action :nothing)
858. * template[elasticsearch-env.sh] action create
859. - create new file /usr/local/etc/elasticsearch/elasticsearch-env.sh
860. - update content in file /usr/local/etc/elasticsearch/elasticsearch-env.sh from none to a5bcb7
861. --- /usr/local/etc/elasticsearch/elasticsearch-env.sh 2016-04-19 13:38:21.906810558 +0000
862. +++ /tmp/chef-rendered-template20160419-6294-tk4mjc 2016-04-19 13:38:21.906810558 +0000
863. @@ -1 +1,25 @@
864. +# JVM Configuration for ElasticSearch
865. +# ===================================
866. +# See <https://github.com/elasticsearch/elasticsearch/blob/master/bin/elasticsearch.in.sh>
867. +#
868. +
869. +ES_HOME='/usr/local/elasticsearch'
870. +ES_CLASSPATH=$ES_CLASSPATH:$ES_HOME/lib/*:$ES_HOME/lib/sigar/*
871. +ES_HEAP_SIZE=2298m
872. +
873. +ES_JAVA_OPTS="
874. + -server
875. + -Djava.net.preferIPv4Stack=true
876. + -Des.config=/usr/local/etc/elasticsearch/elasticsearch.yml
877. + -Xms2298m
878. + -Xmx2298m
879. + -Xss256k
880. + -XX:+UseParNewGC
881. + -XX:+UseConcMarkSweepGC
882. + -XX:CMSInitiatingOccupancyFraction=75
883. + -XX:+UseCMSInitiatingOccupancyOnly
884. + -XX:+HeapDumpOnOutOfMemoryError
885. +
886. +
887. +"
888. - change mode from '' to '0755'
889. - change owner from '' to 'elasticsearch'
890. - change group from '' to 'elasticsearch'
891. - restore selinux security context
892. * template[elasticsearch.yml] action create
893. - create new file /usr/local/etc/elasticsearch/elasticsearch.yml
894. - update content in file /usr/local/etc/elasticsearch/elasticsearch.yml from none to 28256a
895. --- /usr/local/etc/elasticsearch/elasticsearch.yml 2016-04-19 13:38:22.043879056 +0000
896. +++ /tmp/chef-rendered-template20160419-6294-pb1wko 2016-04-19 13:38:22.043879056 +0000
897. @@ -1 +1,77 @@
898. +######################### ElasticSearch Configuration ########################
899. +
900. +# This file is managed by Chef, do not edit manually, your changes *will* be overwritten!
901. +#
902. +# Please see the source file for context and more information:
903. +#
904. +# https://github.com/elasticsearch/elasticsearch/blob/master/config/elasticsearch.yml
905. +#
906. +# To set configurations not exposed by this template, set the
907. +# `node.elasticsearch[:custom_config]` attribute in your node configuration,
908. +# `elasticsearch/settings` data bag, role/environment definition, etc:
909. +#
910. +# // ...
911. +# 'threadpool.index.type' => 'fixed',
912. +# 'threadpool.index.size' => '2'
913. +# // ...
914. +
915. +################################### Cluster ###################################
916. +
917. +cluster.name: graylog2
918. +
919. +#################################### Node #####################################
920. +
921. +node.name: default-centos-67
922. +node.max_local_storage_nodes: 1
923. +
924. +#################################### Index ####################################
925. +
926. +index.mapper.dynamic: true
927. +action.auto_create_index: true
928. +action.disable_delete_all_indices: true
929. +
930. +#################################### Paths ####################################
931. +
932. +path.conf: /usr/local/etc/elasticsearch
933. +path.data: /usr/local/var/data/elasticsearch
934. +path.logs: /usr/local/var/log/elasticsearch
935. +
936. +#################################### Plugin ###################################
937. +
938. +
939. +################################### Memory ####################################
940. +
941. +bootstrap.mlockall: true
942. +
943. +############################## Network And HTTP ###############################
944. +
945. +http.port: 9200
946. +
947. +################################### Gateway ###################################
948. +
949. +gateway.expected_nodes: 1
950. +
951. +############################# Recovery Throttling #############################
952. +
953. +
954. +################################## Discovery ##################################
955. +
956. +
957. +discovery.zen.minimum_master_nodes: 1
958. +discovery.zen.ping.multicast.enabled: true
959. +
960. +cloud.node.auto_attributes: true
961. +
962. +
963. +################################## Slow Log ###################################
964. +
965. +
966. +################################## GC Logging #################################
967. +
968. +
969. +################################## JMX ########################################
970. +
971. +
972. +################################## Custom #####################################
973. +
974. - change mode from '' to '0755'
975. - change owner from '' to 'elasticsearch'
976. - change group from '' to 'elasticsearch'
977. - restore selinux security context
978. * template[logging.yml] action create
979. - create new file /usr/local/etc/elasticsearch/logging.yml
980. - update content in file /usr/local/etc/elasticsearch/logging.yml from none to c798a9
981. --- /usr/local/etc/elasticsearch/logging.yml 2016-04-19 13:38:22.174944553 +0000
982. +++ /tmp/chef-rendered-template20160419-6294-2b9pc0 2016-04-19 13:38:22.174944553 +0000
983. @@ -1 +1,72 @@
984. +# This file is managed by Chef, do not edit manually, your changes *will* be overwritten!
985. +#
986. +# Please see the source file for context and more information:
987. +#
988. +# https://github.com/elasticsearch/elasticsearch/blob/master/config/logging.yml
989. +#
990. +# Any settings configured under the `node.elasticsearch.logging`
991. +# node attribute will be automatically used.
992. +#
993. +# So, for example when you set these attributes in your node configuration,
994. +# `elasticsearch/settings` data bag, role/environment definition, etc:
995. +#
996. +# // ...
997. +# :logging => {
998. +# :discovery => 'TRACE',
999. +# 'index.indexing.slowlog' => 'INFO, index_indexing_slow_log_file'
1000. +# }
1001. +# // ...
1002. +#
1003. +# the relevant configuration will be printed into the `logging.yml` file:
1004. +#
1005. +# // ...
1006. +# logger.discovery: TRACE
1007. +# logger.index.indexing.slowlog: INFO, index_indexing_slow_log_file
1008. +# // ...
1009. +#
1010. +
1011. +es.logger.level: INFO
1012. +rootLogger: INFO, console, file
1013. +
1014. +# ----- Configuration set by Chef ---------------------------------------------
1015. +logger.action: DEBUG
1016. +logger.com.amazonaws: WARN
1017. +logger.index.indexing.slowlog: TRACE, index_indexing_slow_log_file
1018. +logger.index.search.slowlog: TRACE, index_search_slow_log_file
1019. +# -----------------------------------------------------------------------------
1020. +
1021. +additivity:
1022. + index.search.slowlog: false
1023. + index.indexing.slowlog: false
1024. +
1025. +appender:
1026. + console:
1027. + type: console
1028. + layout:
1029. + type: consolePattern
1030. + conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"
1031. +
1032. + file:
1033. + type: dailyRollingFile
1034. + file: ${path.logs}/${cluster.name}.log
1035. + datePattern: "'.'yyyy-MM-dd"
1036. + layout:
1037. + type: pattern
1038. + conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"
1039. +
1040. + index_search_slow_log_file:
1041. + type: dailyRollingFile
1042. + file: ${path.logs}/${cluster.name}_index_search_slowlog.log
1043. + datePattern: "'.'yyyy-MM-dd"
1044. + layout:
1045. + type: pattern
1046. + conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"
1047. +
1048. + index_indexing_slow_log_file:
1049. + type: dailyRollingFile
1050. + file: ${path.logs}/${cluster.name}_index_indexing_slowlog.log
1051. + datePattern: "'.'yyyy-MM-dd"
1052. + layout:
1053. + type: pattern
1054. + conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"
1055. - change mode from '' to '0755'
1056. - change owner from '' to 'elasticsearch'
1057. - change group from '' to 'elasticsearch'
1058. - restore selinux security context
1059. Recipe: graylog2::default
1060. * remote_file[/tmp/kitchen/cache/graylog-1.3-repository-el6_latest.rpm] action create_if_missing
1061. - create new file /tmp/kitchen/cache/graylog-1.3-repository-el6_latest.rpm
1062. - update content in file /tmp/kitchen/cache/graylog-1.3-repository-el6_latest.rpm from none to f91680
1063. (new content is binary, diff output suppressed)
1064. - restore selinux security context
1065. * execute[apt-update] action nothing (skipped due to action :nothing)
1066. * execute[yum-clean] action nothing (skipped due to action :nothing)
1067. * yum_package[graylog-1.3-repository-el6_latest.rpm] action install
1068. - install version 1.3.0-1 of package graylog-1.3-repository-el6_latest.rpm
1069. * execute[yum-clean] action run
1070. - execute yum clean all
1071. Recipe: graylog2::server
1072. * yum_package[tzdata-java] action install
1073. - install version 2016c-1.el6 of package tzdata-java
1074. * yum_package[graylog-server] action install
1075. - install version 1.3.2-1 of package graylog-server
1076. * directory[/var/run/graylog] action create
1077. - create new directory /var/run/graylog
1078. - change owner from '' to 'graylog'
1079. - change group from '' to 'graylog'
1080. - restore selinux security context
1081. * directory[/var/log/graylog-server] action create (up to date)
1082. * service[graylog-server] action nothing (skipped due to action :nothing)
1083. * template[/etc/graylog/server/server.conf] action create
1084. - update content in file /etc/graylog/server/server.conf from b000d4 to f19119
1085. --- /etc/graylog/server/server.conf 2015-12-18 15:30:32.000000000 +0000
1086. +++ /tmp/chef-rendered-template20160419-6294-1m1w7x4 2016-04-19 13:39:34.210944556 +0000
1087. @@ -1,420 +1,131 @@
1088. -# If you are running more than one instances of graylog2-server you have to select one of these
1089. -# instances as master. The master will perform some periodical tasks that non-masters won't perform.
1090. +# Cluster settings
1091. is_master = true
1092. -
1093. -# The auto-generated node ID will be stored in this file and read after restarts. It is a good idea
1094. -# to use an absolute file path here if you are starting graylog2-server from init scripts or similar.
1095. node_id_file = /etc/graylog/server/node-id
1096.  
1097. -# You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters.
1098. -# Generate one by using for example: pwgen -N 1 -s 96
1099. -password_secret =
1100. +# General
1101. +dashboard_widget_default_cache_time = 10s
1102.  
1103. -# The default root user is named 'admin'
1104. -#root_username = admin
1105. +# Access secrets
1106. +password_secret = "secretfromdatabag"
1107. +root_username = admin
1108. +root_password_sha2 = 4813494d137e1631bba301d5acab6e7bb7aa74ce1185d456565ef51d737677b2
1109.  
1110. -# You MUST specify a hash password for the root user (which you only need to initially set up the
1111. -# system and in case you lose connectivity to your authentication backend)
1112. -# This password cannot be changed using the API or via the web interface. If you need to change it,
1113. -# modify it in this file.
1114. -# Create one by using for example: echo -n yourpassword | shasum -a 256
1115. -# and put the resulting hash value into the following line
1116. -root_password_sha2 =
1117. -
1118. -# The email address of the root user.
1119. -# Default is empty
1120. -#root_email = ""
1121. -
1122. -# The time zone setting of the root user.
1123. -# The configured time zone must be parseable by http://www.joda.org/joda-time/apidocs/org/joda/time/DateTimeZone.html#forID-java.lang.String-
1124. -# Default is UTC
1125. -#root_timezone = UTC
1126. -
1127. -# Set plugin directory here (relative or absolute)
1128. +# Plugins
1129. plugin_dir = /usr/share/graylog-server/plugin
1130.  
1131. -# REST API listen URI. Must be reachable by other graylog2-server nodes if you run a cluster.
1132. -rest_listen_uri = http://127.0.0.1:12900/
1133. +# REST interface
1134. +rest_listen_uri = http://0.0.0.0:12900
1135. +rest_transport_uri = http://10.0.2.15:12900/
1136. +rest_tls_key_password = tlskeyfromdatabag
1137.  
1138. -# REST API transport address. Defaults to the value of rest_listen_uri. Exception: If rest_listen_uri
1139. -# is set to a wildcard IP address (0.0.0.0) the first non-loopback IPv4 system address is used.
1140. -# If set, his will be promoted in the cluster discovery APIs, so other nodes may try to connect on
1141. -# this address and it is used to generate URLs addressing entities in the REST API. (see rest_listen_uri)
1142. -# You will need to define this, if your Graylog server is running behind a HTTP proxy that is rewriting
1143. -# the scheme, host name or URI.
1144. -#rest_transport_uri = http://192.168.1.1:12900/
1145. +# Search options
1146. +allow_leading_wildcard_searches = false
1147. +allow_highlighting = false
1148.  
1149. -# Enable CORS headers for REST API. This is necessary for JS-clients accessing the server directly.
1150. -# If these are disabled, modern browsers will not be able to retrieve resources from the server.
1151. -# This is disabled by default. Uncomment the next line to enable it.
1152. -#rest_enable_cors = true
1153. -
1154. -# Enable GZIP support for REST API. This compresses API responses and therefore helps to reduce
1155. -# overall round trip times. This is disabled by default. Uncomment the next line to enable it.
1156. -#rest_enable_gzip = true
1157. -
1158. -# Enable HTTPS support for the REST API. This secures the communication with the REST API with
1159. -# TLS to prevent request forgery and eavesdropping. This is disabled by default. Uncomment the
1160. -# next line to enable it.
1161. -#rest_enable_tls = true
1162. -
1163. -# The X.509 certificate file to use for securing the REST API.
1164. -#rest_tls_cert_file = /path/to/graylog2.crt
1165. -
1166. -# The private key to use for securing the REST API.
1167. -#rest_tls_key_file = /path/to/graylog2.key
1168. -
1169. -# The password to unlock the private key used for securing the REST API.
1170. -#rest_tls_key_password = secret
1171. -
1172. -# The maximum size of a single HTTP chunk in bytes.
1173. -#rest_max_chunk_size = 8192
1174. -
1175. -# The maximum size of the HTTP request headers in bytes.
1176. -#rest_max_header_size = 8192
1177. -
1178. -# The maximal length of the initial HTTP/1.1 line in bytes.
1179. -#rest_max_initial_line_length = 4096
1180. -
1181. -# The size of the execution handler thread pool used exclusively for serving the REST API.
1182. -#rest_thread_pool_size = 16
1183. -
1184. -# The size of the worker thread pool used exclusively for serving the REST API.
1185. -#rest_worker_threads_max_pool_size = 16
1186. -
1187. -# Embedded Elasticsearch configuration file
1188. -# pay attention to the working directory of the server, maybe use an absolute path here
1189. -#elasticsearch_config_file = /etc/graylog/server/elasticsearch.yml
1190. -
1191. -# Graylog will use multiple indices to store documents in. You can configured the strategy it uses to determine
1192. -# when to rotate the currently active write index.
1193. -# It supports multiple rotation strategies:
1194. -# - "count" of messages per index, use elasticsearch_max_docs_per_index below to configure
1195. -# - "size" per index, use elasticsearch_max_size_per_index below to configure
1196. -# valid values are "count", "size" and "time", default is "count"
1197. +# Elasticsearch
1198. +elasticsearch_node_master = false
1199. +elasticsearch_node_data = false
1200. +elasticsearch_http_enabled = false
1201. +elasticsearch_config_file = /etc/graylog-elasticsearch.yml
1202. rotation_strategy = count
1203. -
1204. -# (Approximate) maximum number of documents in an Elasticsearch index before a new index
1205. -# is being created, also see no_retention and elasticsearch_max_number_of_indices.
1206. -# Configure this if you used 'rotation_strategy = count' above.
1207. elasticsearch_max_docs_per_index = 20000000
1208. -
1209. -# (Approximate) maximum size in bytes per Elasticsearch index on disk before a new index is being created, also see
1210. -# no_retention and elasticsearch_max_number_of_indices. Default is 1GB.
1211. -# Configure this if you used 'rotation_strategy = size' above.
1212. -#elasticsearch_max_size_per_index = 1073741824
1213. -
1214. -# (Approximate) maximum time before a new Elasticsearch index is being created, also see
1215. -# no_retention and elasticsearch_max_number_of_indices. Default is 1 day.
1216. -# Configure this if you used 'rotation_strategy = time' above.
1217. -# Please note that this rotation period does not look at the time specified in the received messages, but is
1218. -# using the real clock value to decide when to rotate the index!
1219. -# Specify the time using a duration and a suffix indicating which unit you want:
1220. -# 1w = 1 week
1221. -# 1d = 1 day
1222. -# 12h = 12 hours
1223. -# Permitted suffixes are: d for day, h for hour, m for minute, s for second.
1224. -#elasticsearch_max_time_per_index = 1d
1225. -
1226. -# Disable checking the version of Elasticsearch for being compatible with this Graylog release.
1227. -# WARNING: Using Graylog with unsupported and untested versions of Elasticsearch may lead to data loss!
1228. -#elasticsearch_disable_version_check = true
1229. -
1230. -# Disable message retention on this node, i. e. disable Elasticsearch index rotation.
1231. -#no_retention = false
1232. -
1233. -# How many indices do you want to keep?
1234. +elasticsearch_max_size_per_index = 1073741824
1235. +elasticsearch_max_time_per_index = 1d
1236. elasticsearch_max_number_of_indices = 20
1237. -
1238. -# Decide what happens with the oldest indices when the maximum number of indices is reached.
1239. -# The following strategies are availble:
1240. -# - delete # Deletes the index completely (Default)
1241. -# - close # Closes the index and hides it from the system. Can be re-opened later.
1242. retention_strategy = delete
1243. -
1244. -# How many Elasticsearch shards and replicas should be used per index? Note that this only applies to newly created indices.
1245. elasticsearch_shards = 4
1246. elasticsearch_replicas = 0
1247. -
1248. -# Prefix for all Elasticsearch indices and index aliases managed by Graylog.
1249. elasticsearch_index_prefix = graylog2
1250. -
1251. -# Name of the Elasticsearch index template used by Graylog to apply the mandatory index mapping.
1252. -# # Default: graylog-internal
1253. -#elasticsearch_template_name = graylog-internal
1254. -
1255. -# Do you want to allow searches with leading wildcards? This can be extremely resource hungry and should only
1256. -# be enabled with care. See also: https://www.graylog.org/documentation/general/queries/
1257. -allow_leading_wildcard_searches = false
1258. -
1259. -# Do you want to allow searches to be highlighted? Depending on the size of your messages this can be memory hungry and
1260. -# should only be enabled after making sure your Elasticsearch cluster has enough memory.
1261. -allow_highlighting = false
1262. -
1263. -# settings to be passed to elasticsearch's client (overriding those in the provided elasticsearch_config_file)
1264. -# all these
1265. -# this must be the same as for your Elasticsearch cluster
1266. -#elasticsearch_cluster_name = graylog2
1267. -
1268. -# you could also leave this out, but makes it easier to identify the graylog2 client instance
1269. -#elasticsearch_node_name = graylog2-server
1270. -
1271. -# we don't want the graylog2 server to store any data, or be master node
1272. -#elasticsearch_node_master = false
1273. -#elasticsearch_node_data = false
1274. -
1275. -# use a different port if you run multiple Elasticsearch nodes on one machine
1276. -#elasticsearch_transport_tcp_port = 9350
1277. -
1278. -# we don't need to run the embedded HTTP server here
1279. -#elasticsearch_http_enabled = false
1280. -
1281. -#elasticsearch_discovery_zen_ping_multicast_enabled = false
1282. -#elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300
1283. -
1284. -# Change the following setting if you are running into problems with timeouts during Elasticsearch cluster discovery.
1285. -# The setting is specified in milliseconds, the default is 5000ms (5 seconds).
1286. -#elasticsearch_cluster_discovery_timeout = 5000
1287. -
1288. -# the following settings allow to change the bind addresses for the Elasticsearch client in graylog2
1289. -# these settings are empty by default, letting Elasticsearch choose automatically,
1290. -# override them here or in the 'elasticsearch_config_file' if you need to bind to a special address
1291. -# refer to http://www.elasticsearch.org/guide/en/elasticsearch/reference/0.90/modules-network.html
1292. -# for special values here
1293. -#elasticsearch_network_host =
1294. -#elasticsearch_network_bind_host =
1295. -#elasticsearch_network_publish_host =
1296. -
1297. -# The total amount of time discovery will look for other Elasticsearch nodes in the cluster
1298. -# before giving up and declaring the current node master.
1299. -#elasticsearch_discovery_initial_state_timeout = 3s
1300. -
1301. -# Analyzer (tokenizer) to use for message and full_message field. The "standard" filter usually is a good idea.
1302. -# All supported analyzers are: standard, simple, whitespace, stop, keyword, pattern, language, snowball, custom
1303. -# Elasticsearch documentation: http://www.elasticsearch.org/guide/reference/index-modules/analysis/
1304. -# Note that this setting only takes effect on newly created indices.
1305. +elasticsearch_cluster_name = graylog2
1306. +elasticsearch_node_name = graylog2-server
1307. +elasticsearch_transport_tcp_port = 9350
1308. +elasticsearch_discovery_zen_ping_multicast_enabled = false
1309. +elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300
1310. elasticsearch_analyzer = standard
1311. -
1312. -# Global request timeout for Elasticsearch requests (e. g. during search, index creation, or index time-range
1313. -# calculations) based on a best-effort to restrict the runtime of Elasticsearch operations.
1314. -# Default: 1m
1315. -#elasticsearch_request_timeout = 1m
1316. -
1317. -# Time interval for index range information cleanups. This setting defines how often stale index range information
1318. -# is being purged from the database.
1319. -# Default: 1h
1320. -#index_ranges_cleanup_interval = 1h
1321. -
1322. -# Batch size for the Elasticsearch output. This is the maximum (!) number of messages the Elasticsearch output
1323. -# module will get at once and write to Elasticsearch in a batch call. If the configured batch size has not been
1324. -# reached within output_flush_interval seconds, everything that is available will be flushed at once. Remember
1325. -# that every outputbuffer processor manages its own batch and performs its own batch write calls.
1326. -# ("outputbuffer_processors" variable)
1327. output_batch_size = 500
1328. -
1329. -# Flush interval (in seconds) for the Elasticsearch output. This is the maximum amount of time between two
1330. -# batches of messages written to Elasticsearch. It is only effective at all if your minimum number of messages
1331. -# for this time period is less than output_batch_size * outputbuffer_processors.
1332. output_flush_interval = 1
1333. -
1334. -# As stream outputs are loaded only on demand, an output which is failing to initialize will be tried over and
1335. -# over again. To prevent this, the following configuration options define after how many faults an output will
1336. -# not be tried again for an also configurable amount of seconds.
1337. output_fault_count_threshold = 5
1338. output_fault_penalty_seconds = 30
1339.  
1340. -# The number of parallel running processors.
1341. -# Raise this number if your buffers are filling up.
1342. +# Processors
1343. processbuffer_processors = 5
1344. outputbuffer_processors = 3
1345. -
1346. -#outputbuffer_processor_keep_alive_time = 5000
1347. -#outputbuffer_processor_threads_core_pool_size = 3
1348. -#outputbuffer_processor_threads_max_pool_size = 30
1349. -
1350. -# UDP receive buffer size for all message inputs (e. g. SyslogUDPInput).
1351. -#udp_recvbuffer_sizes = 1048576
1352. -
1353. -# Wait strategy describing how buffer processors wait on a cursor sequence. (default: sleeping)
1354. -# Possible types:
1355. -# - yielding
1356. -# Compromise between performance and CPU usage.
1357. -# - sleeping
1358. -# Compromise between performance and CPU usage. Latency spikes can occur after quiet periods.
1359. -# - blocking
1360. -# High throughput, low latency, higher CPU usage.
1361. -# - busy_spinning
1362. -# Avoids syscalls which could introduce latency jitter. Best when threads can be bound to specific CPU cores.
1363. +async_eventbus_processors = 2
1364. +outputbuffer_processor_keep_alive_time = 5000
1365. +outputbuffer_processor_threads_core_pool_size = 3
1366. +outputbuffer_processor_threads_max_pool_size = 30
1367. processor_wait_strategy = blocking
1368. -
1369. -# Size of internal ring buffers. Raise this if raising outputbuffer_processors does not help anymore.
1370. -# For optimum performance your LogMessage objects in the ring buffer should fit in your CPU L3 cache.
1371. -# Start server with --statistics flag to see buffer utilization.
1372. -# Must be a power of 2. (512, 1024, 2048, ...)
1373. -ring_size = 65536
1374. -
1375. +udp_recvbuffer_sizes = 1048576
1376. inputbuffer_ring_size = 65536
1377. inputbuffer_processors = 2
1378. inputbuffer_wait_strategy = blocking
1379.  
1380. -# Enable the disk based message journal.
1381. +# Message journal
1382. message_journal_enabled = true
1383. -
1384. -# The directory which will be used to store the message journal. The directory must me exclusively used by Graylog and
1385. -# must not contain any other files than the ones created by Graylog itself.
1386. message_journal_dir = /var/lib/graylog-server/journal
1387. +message_journal_max_age = 12h
1388. +message_journal_max_size = 5gb
1389. +message_journal_flush_age = 1m
1390. +message_journal_flush_interval = 1000000
1391. +message_journal_segment_age = 1h
1392. +message_journal_segment_size = 100mb
1393.  
1394. -# Journal hold messages before they could be written to Elasticsearch.
1395. -# For a maximum of 12 hours or 5 GB whichever happens first.
1396. -# During normal operation the journal will be smaller.
1397. -#message_journal_max_age = 12h
1398. -#message_journal_max_size = 5gb
1399. +# Timeouts
1400. +output_module_timeout = 10000
1401. +stale_master_timeout = 2000
1402. +shutdown_timeout = 30000
1403. +ldap_connection_timeout = 2000
1404. +http_connect_timeout = 5s
1405. +http_read_timeout = 10s
1406. +http_write_timeout = 10s
1407. +stream_processing_timeout = 2000
1408. +elasticsearch_cluster_discovery_timeout = 5000
1409. +elasticsearch_discovery_initial_state_timeout = 3s
1410. +elasticsearch_request_timeout = 1m
1411.  
1412. -#message_journal_flush_age = 1m
1413. -#message_journal_flush_interval = 1000000
1414. -#message_journal_segment_age = 1h
1415. -#message_journal_segment_size = 100mb
1416. +# Ring buffers
1417. +ring_size = 65536
1418.  
1419. -# Number of threads used exclusively for dispatching internal events. Default is 2.
1420. -#async_eventbus_processors = 2
1421. -
1422. -# EXPERIMENTAL: Dead Letters
1423. -# Every failed indexing attempt is logged by default and made visible in the web-interface. You can enable
1424. -# the experimental dead letters feature to write every message that was not successfully indexed into the
1425. -# MongoDB "dead_letters" collection to make sure that you never lose a message. The actual writing of dead
1426. -# letter should work fine already but it is not heavily tested yet and will get more features in future
1427. -# releases.
1428. -dead_letters_enabled = false
1429. -
1430. -# How many seconds to wait between marking node as DEAD for possible load balancers and starting the actual
1431. -# shutdown process. Set to 0 if you have no status checking load balancers in front.
1432. +# Load balancing
1433. lb_recognition_period_seconds = 3
1434.  
1435. -# Every message is matched against the configured streams and it can happen that a stream contains rules which
1436. -# take an unusual amount of time to run, for example if its using regular expressions that perform excessive backtracking.
1437. -# This will impact the processing of the entire server. To keep such misbehaving stream rules from impacting other
1438. -# streams, Graylog limits the execution time for each stream.
1439. -# The default values are noted below, the timeout is in milliseconds.
1440. -# If the stream matching for one stream took longer than the timeout value, and this happened more than "max_faults" times
1441. -# that stream is disabled and a notification is shown in the web interface.
1442. -#stream_processing_timeout = 2000
1443. -#stream_processing_max_faults = 3
1444. +# Stream processing
1445. +stream_processing_max_faults = 3
1446.  
1447. -# Length of the interval in seconds in which the alert conditions for all streams should be checked
1448. -# and alarms are being sent.
1449. -#alert_check_interval = 60
1450. +# Intervals
1451.  
1452. -# Since 0.21 the graylog2 server supports pluggable output modules. This means a single message can be written to multiple
1453. -# outputs. The next setting defines the timeout for a single output module, including the default output module where all
1454. -# messages end up.
1455. -#
1456. -# Time in milliseconds to wait for all message outputs to finish writing a single message.
1457. -#output_module_timeout = 10000
1458. -
1459. -# Time in milliseconds after which a detected stale master node is being rechecked on startup.
1460. -#stale_master_timeout = 2000
1461. -
1462. -# Time in milliseconds which Graylog is waiting for all threads to stop on shutdown.
1463. -#shutdown_timeout = 30000
1464. -
1465. -# MongoDB connection string
1466. -# See http://docs.mongodb.org/manual/reference/connection-string/ for details
1467. -mongodb_uri = mongodb://localhost/graylog2
1468. -
1469. -# Authenticate against the MongoDB server
1470. -#mongodb_uri = mongodb://grayloguser:secret@localhost:27017/graylog2
1471. -
1472. -# Use a replica set instead of a single host
1473. -#mongodb_uri = mongodb://grayloguser:secret@localhost:27017,localhost:27018,localhost:27019/graylog2
1474. -
1475. -# Increase this value according to the maximum connections your MongoDB server can handle from a single client
1476. -# if you encounter MongoDB connection problems.
1477. +# MongoDB Configuration
1478. +mongodb_uri = mongodb://127.0.0.1:27017/graylog2
1479. mongodb_max_connections = 100
1480. -
1481. -# Number of threads allowed to be blocked by MongoDB connections multiplier. Default: 5
1482. -# If mongodb_max_connections is 100, and mongodb_threads_allowed_to_block_multiplier is 5,
1483. -# then 500 threads can block. More than that and an exception will be thrown.
1484. -# http://api.mongodb.org/java/current/com/mongodb/MongoOptions.html#threadsAllowedToBlockForConnectionMultiplier
1485. mongodb_threads_allowed_to_block_multiplier = 5
1486.  
1487. # Drools Rule File (Use to rewrite incoming log messages)
1488. -# See: https://www.graylog.org/documentation/general/rewriting/
1489. -#rules_file = /etc/graylog/server/rules.drl
1490. +# See: http://docs.graylog.org/en/1.0/pages/drools.html
1491.  
1492. # Email transport
1493. -#transport_email_enabled = false
1494. -#transport_email_hostname = mail.example.com
1495. -#transport_email_port = 587
1496. -#transport_email_use_auth = true
1497. -#transport_email_use_tls = true
1498. -#transport_email_use_ssl = true
1499. -#transport_email_auth_username = you@example.com
1500. -#transport_email_auth_password = secret
1501. -#transport_email_subject_prefix = [graylog2]
1502. -#transport_email_from_email = graylog2@example.com
1503. +transport_email_enabled = false
1504. +transport_email_hostname = mail.example.com
1505. +transport_email_port = 587
1506. +transport_email_use_auth = true
1507. +transport_email_use_tls = true
1508. +transport_email_use_ssl = true
1509. +transport_email_auth_username = you@example.com
1510. +transport_email_auth_password = secret
1511. +transport_email_subject_prefix = [graylog]
1512. +transport_email_from_email = graylog@example.com
1513.  
1514. -# Specify and uncomment this if you want to include links to the stream in your stream alert mails.
1515. -# This should define the fully qualified base url to your web interface exactly the same way as it is accessed by your users.
1516. -#transport_email_web_interface_url = https://graylog2.example.com
1517. +# HTTP proxy for outgoing HTTP calls
1518.  
1519. -# The default connect timeout for outgoing HTTP connections.
1520. -# Values must be a positive duration (and between 1 and 2147483647 when converted to milliseconds).
1521. -# Default: 5s
1522. -#http_connect_timeout = 5s
1523. +# GC
1524.  
1525. -# The default read timeout for outgoing HTTP connections.
1526. -# Values must be a positive duration (and between 1 and 2147483647 when converted to milliseconds).
1527. -# Default: 10s
1528. -#http_read_timeout = 10s
1529. +# Collector
1530. +collector_inactive_threshold = 1m
1531. +collector_expiration_threshold = 14d
1532.  
1533. -# The default write timeout for outgoing HTTP connections.
1534. -# Values must be a positive duration (and between 1 and 2147483647 when converted to milliseconds).
1535. -# Default: 10s
1536. -#http_write_timeout = 10s
1537. -
1538. -# HTTP proxy for outgoing HTTP connections
1539. -#http_proxy_uri =
1540. -
1541. -# Disable the optimization of Elasticsearch indices after index cycling. This may take some load from Elasticsearch
1542. -# on heavily used systems with large indices, but it will decrease search performance. The default is to optimize
1543. -# cycled indices.
1544. -#disable_index_optimization = true
1545. -
1546. -# Optimize the index down to <= index_optimization_max_num_segments. A higher number may take some load from Elasticsearch
1547. -# on heavily used systems with large indices, but it will decrease search performance. The default is 1.
1548. -#index_optimization_max_num_segments = 1
1549. -
1550. -# The threshold of the garbage collection runs. If GC runs take longer than this threshold, a system notification
1551. -# will be generated to warn the administrator about possible problems with the system. Default is 1 second.
1552. -#gc_warning_threshold = 1s
1553. -
1554. -# Connection timeout for a configured LDAP server (e. g. ActiveDirectory) in milliseconds.
1555. -#ldap_connection_timeout = 2000
1556. -
1557. -# Enable collection of Graylog-related metrics into MongoDB
1558. -# WARNING: This will add *a lot* of data into your MongoDB database on a regular interval (1 second)!
1559. -# DEPRECATED: This setting and the respective feature will be removed in a future version of Graylog.
1560. -#enable_metrics_collection = false
1561. -
1562. -# Disable the use of SIGAR for collecting system stats
1563. -#disable_sigar = false
1564. -
1565. -# Amount of time of inactivity after which collectors are flagged as inactive (Default: 1 minute)
1566. -#collector_inactive_threshold = 1m
1567. -
1568. -# Amount of time after which inactive collectors are purged (Default: 14 days)
1569. -#collector_expiration_threshold = 14d
1570. -
1571. -# The default cache time for dashboard widgets. (Default: 10 seconds, minimum: 1 second)
1572. -#dashboard_widget_default_cache_time = 10s
1573. -
1574. -# Automatically load content packs in "content_packs_dir" on the first start of Graylog.
1575. -#content_packs_loader_enabled = true
1576. -
1577. -# The directory which contains content packs which should be loaded on the first start of Graylog.
1578. +# Content packs
1579. +content_packs_loader_enabled = false
1580. content_packs_dir = /usr/share/graylog-server/contentpacks
1581. -
1582. -# A comma-separated list of content packs (files in "content_packs_dir") which should be applied on
1583. -# the first start of Graylog.
1584. content_packs_auto_load = grok-patterns.json
1585. +
1586. +# Additional options
1587. - change mode from '0644' to '0640'
1588. - change group from 'root' to 'graylog'
1589. - restore selinux security context
1590. * template[/etc/sysconfig/graylog-server] action create
1591. - update content in file /etc/sysconfig/graylog-server from e407db to dbb389
1592. --- /etc/sysconfig/graylog-server 2015-12-18 15:30:32.000000000 +0000
1593. +++ /tmp/chef-rendered-template20160419-6294-1qkyxx5 2016-04-19 13:39:34.352015056 +0000
1594. @@ -1,8 +1,10 @@
1595. # Path to the java executable.
1596. -JAVA=/usr/bin/java
1597. +JAVA="/usr/bin/java"
1598. +JAVA_HOME=""
1599. +export JAVA_HOME
1600.  
1601. -# Default Java options for heap and garbage collection.
1602. -GRAYLOG_SERVER_JAVA_OPTS="-Xms1g -Xmx1g -XX:NewRatio=1 -XX:PermSize=128m -XX:MaxPermSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow"
1603. +# Might be used to adjust the Java heap size. (i.e. "-Xms1024m -Xmx2048m")
1604. +GRAYLOG_SERVER_JAVA_OPTS="-Djava.net.preferIPv4Stack=true -Xms1g -Xmx1g -XX:NewRatio=1 -XX:PermSize=128m -XX:MaxPermSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow"
1605.  
1606. # Pass some extra args to graylog-server. (i.e. "-d" to enable debug mode)
1607. GRAYLOG_SERVER_ARGS=""
1608. @@ -10,4 +12,6 @@
1609. # Program that will be used to wrap the graylog-server command. Useful to
1610. # support programs like authbind.
1611. GRAYLOG_COMMAND_WRAPPER=""
1612. +
1613. +# Additional environment variables
1614. - restore selinux security context
1615. * template[/etc/graylog/server/log4j.xml] action create
1616. - change mode from '0644' to '0640'
1617. - change group from 'root' to 'graylog'
1618. - restore selinux security context
1619. * template[/etc/graylog-elasticsearch.yml] action create
1620. - create new file /etc/graylog-elasticsearch.yml
1621. - update content in file /etc/graylog-elasticsearch.yml from none to 21fe6d
1622. --- /etc/graylog-elasticsearch.yml 2016-04-19 13:39:34.588133057 +0000
1623. +++ /tmp/chef-rendered-template20160419-6294-38cyay 2016-04-19 13:39:34.588133057 +0000
1624. @@ -1 +1,67 @@
1625. +# this must be the same as for your elasticsearch cluster
1626. +cluster.name: graylog2
1627. +
1628. +# you could also leave this out, but makes it easier to identify the graylog2 client instance
1629. +node.name: "graylog2-server"
1630. +
1631. +# we don't want the graylog2 client to store any data, or be master node
1632. +node.master: false
1633. +node.data: false
1634. +
1635. +# you might need to bind to a certain IP address, do that here
1636. +#network.host: 172.24.0.14
1637. +# use a different port if you run multiple elasticsearch nodes on one machine
1638. +transport.tcp.port: 9350
1639. +
1640. +# we don't need to run the embedded HTTP server here
1641. +http.enabled: false
1642. +
1643. +# adapt these for discovery to work in your network! multicast can be tricky
1644. +#discovery.zen.ping.multicast.address: 172.24.0.14
1645. +#discovery.zen.ping.multicast.group: 224.0.0.1
1646. +
1647. +
1648. +################################## Discovery ##################################
1649. +
1650. +# Discovery infrastructure ensures nodes can be found within a cluster
1651. +# and master node is elected. Multicast discovery is the default.
1652. +
1653. +# Set to ensure a node sees N other master eligible nodes to be considered
1654. +# operational within the cluster. Set this option to a higher value (2-4)
1655. +# for large clusters (>3 nodes):
1656. +#
1657. +# discovery.zen.minimum_master_nodes: 1
1658. +
1659. +# Set the time to wait for ping responses from other nodes when discovering.
1660. +# Set this option to a higher value on a slow or congested network
1661. +# to minimize discovery failures:
1662. +#
1663. +# discovery.zen.ping.timeout: 3s
1664. +
1665. +# See <http://elasticsearch.org/guide/reference/modules/discovery/zen.html>
1666. +# for more information.
1667. +
1668. +# Unicast discovery allows to explicitly control which nodes will be used
1669. +# to discover the cluster. It can be used when multicast is not present,
1670. +# or to restrict the cluster communication-wise.
1671. +#
1672. +# 1. Disable multicast discovery (enabled by default):
1673. +#
1674. +discovery.zen.ping.multicast.enabled: false
1675. +
1676. +#
1677. +# 2. Configure an initial list of master nodes in the cluster
1678. +# to perform discovery when new nodes (master or data) are started:
1679. +#
1680. +discovery.zen.ping.unicast.hosts: 127.0.0.1:9300
1681. +
1682. +# EC2 discovery allows to use AWS EC2 API in order to perform discovery.
1683. +#
1684. +# You have to install the cloud-aws plugin for enabling the EC2 discovery.
1685. +#
1686. +# See <http://elasticsearch.org/guide/reference/modules/discovery/ec2.html>
1687. +# for more information.
1688. +#
1689. +# See <http://elasticsearch.org/tutorials/2011/08/22/elasticsearch-on-ec2.html>
1690. +# for a step-by-step tutorial.
1691. - change mode from '' to '0640'
1692. - change owner from '' to 'root'
1693. - change group from '' to 'graylog'
1694. - restore selinux security context
1695. Recipe: graylog2::web
1696. * yum_package[graylog-web] action install
1697. - install version 1.3.2-1 of package graylog-web
1698. * directory[/var/log/graylog-web] action create (up to date)
1699. * service[graylog-web] action nothing (skipped due to action :nothing)
1700. * template[/etc/graylog/web/web.conf] action create
1701. - update content in file /etc/graylog/web/web.conf from f795aa to 9536da
1702. --- /etc/graylog/web/web.conf 2015-12-18 15:34:47.000000000 +0000
1703. +++ /tmp/chef-rendered-template20160419-6294-15tnmcv 2016-04-19 13:40:07.257459552 +0000
1704. @@ -1,37 +1,30 @@
1705. # graylog2-server REST URIs (one or more, comma separated) For example: "http://127.0.0.1:12900/,http://127.0.0.1:12910/"
1706. -graylog2-server.uris=""
1707. +graylog2-server.uris = "http://10.0.2.15:12900/"
1708.  
1709. -# Learn how to configure custom logging in the documentation:
1710. -# http://docs.graylog.org/en/latest/pages/installation.html#manual-setup-graylog-web-interface-on-linux
1711. -
1712. # Secret key
1713. # ~~~~~
1714. # The secret key is used to secure cryptographics functions. Set this to a long and randomly generated string.
1715. # If you deploy your application to several instances be sure to use the same key!
1716. -# Generate for example with: pwgen -N 1 -s 96
1717. -application.secret=""
1718. +# Generate for example with: pwgen -s 96
1719. +application.secret = "secretfromdatabag"
1720.  
1721. # Web interface timezone
1722. -# Graylog stores all timestamps in UTC. To properly display times, set the default timezone of the interface.
1723. -# If you leave this out, Graylog will pick your system default as the timezone. Usually you will want to configure it explicitly.
1724. -# timezone="Europe/Berlin"
1725. +# Graylog2 stores all timestamps in UTC. To properly display times, set the default timezone of the interface.
1726. +# If you leave this out, Graylog2 will pick your system default as the timezone. Usually you will want to configure it explicitly.
1727. +timezone = Europe/Berlin
1728.  
1729. # Message field limit
1730. # Your web interface can cause high load in your browser when you have a lot of different message fields. The default
1731. # limit of message fields is 100. Set it to 0 if you always want to get all fields. They are for example used in the
1732. # search result sidebar or for autocompletion of field names.
1733. -field_list_limit=100
1734. +field_list_limit = 100
1735.  
1736. -# Use this to run Graylog with a path prefix
1737. -#application.context=/graylog2
1738. +# Use this to run Graylog2 with a path prefix
1739.  
1740. -# You usually do not want to change this.
1741. -application.global=lib.Global
1742. +# Gelf Logging
1743.  
1744. -# Global timeout for communication with Graylog server nodes; default: 5s
1745. -#timeout.DEFAULT=5s
1746. +# Additional options
1747.  
1748. -# Accept any server certificate without checking for validity; required if using self-signed certificates.
1749. -# Default: true
1750. -# graylog2.client.accept-any-certificate=true
1751. +# You usually do not want to change this.
1752. +application.global=lib.Global
1753. - change mode from '0644' to '0640'
1754. - change group from 'root' to 'graylog-web'
1755. - restore selinux security context
1756. * template[/etc/sysconfig/graylog-web] action create
1757. - update content in file /etc/sysconfig/graylog-web from 88f660 to 82b9cb
1758. --- /etc/sysconfig/graylog-web 2015-12-18 15:34:47.000000000 +0000
1759. +++ /tmp/chef-rendered-template20160419-6294-133lcjl 2016-04-19 13:40:07.381521557 +0000
1760. @@ -1,14 +1,21 @@
1761. +# Path to the java executable.
1762. +JAVA="/usr/bin/java"
1763. +JAVA_HOME=""
1764. +export JAVA_HOME
1765. +
1766. # HTTP server settings.
1767. GRAYLOG_WEB_HTTP_ADDRESS="0.0.0.0"
1768. GRAYLOG_WEB_HTTP_PORT="9000"
1769.  
1770. # Might be used to adjust the Java heap size. (i.e. "-Xms1024m -Xmx2048m")
1771. -GRAYLOG_WEB_JAVA_OPTS=""
1772. +GRAYLOG_WEB_JAVA_OPTS="-Djava.net.preferIPv4Stack=true"
1773.  
1774. -# Pass some extra args to graylog-web. (i.e. "-d" to enable debug mode or "-java-home /usr/lib/jvm/java-1.8.0")
1775. +# Pass some extra args to graylog2-web. (i.e. "-d" to enable debug mode)
1776. GRAYLOG_WEB_ARGS=""
1777.  
1778. # Program that will be used to wrap the graylog-web command. Useful to
1779. # support programs like authbind.
1780. GRAYLOG_COMMAND_WRAPPER=""
1781. +
1782. +# Additional environment variables
1783. - restore selinux security context
1784. * template[/etc/graylog/web/logback.xml] action create
1785. - change mode from '0644' to '0640'
1786. - change group from 'root' to 'graylog-web'
1787. - restore selinux security context
1788. Recipe: graylog2::api_access
1789. * chef_gem[mongo] action install
1790. - install version 1.12.3 of package mongo
1791. * chef_gem[faraday] action install
1792. - install version 0.9.0 of package faraday
1793. * chef_gem[faraday-conductivity] action install
1794. - install version 0.3.0 of package faraday-conductivity
1795. * graylog2_api_check[api_check] action create[2016-04-19T13:45:31+00:00] FATAL: Couldn't connect to the Graylog2 API http://0.0.0.0:12900
1796.  
1797.  
1798. ================================================================================
1799. Error executing action `create` on resource 'graylog2_api_check[api_check]'
1800. ================================================================================
1801.  
1802. SystemExit
1803. ----------
1804. exit
1805.  
1806. Cookbook Trace:
1807. ---------------
1808. /tmp/kitchen/cache/cookbooks/graylog2/providers/api_check.rb:23:in `rescue in block in class_from_file'
1809. /tmp/kitchen/cache/cookbooks/graylog2/providers/api_check.rb:17:in `block in class_from_file'
1810.  
1811. Resource Declaration:
1812. ---------------------
1813. # In /tmp/kitchen/cache/cookbooks/graylog2/recipes/api_access.rb
1814.  
1815. 15: graylog2_api_check 'api_check'
1816. 16: Chef::Log.info 'Graylog2 API available, resume provision'
1817.  
1818. Compiled Resource:
1819. ------------------
1820. # Declared in /tmp/kitchen/cache/cookbooks/graylog2/recipes/api_access.rb:15:in `from_file'
1821.  
1822. graylog2_api_check("api_check") do
1823. action :create
1824. retries 0
1825. retry_delay 2
1826. default_guard_interpreter :default
1827. declared_type :graylog2_api_check
1828. cookbook_name "graylog2"
1829. recipe_name "api_access"
1830. end
1831.  
1832. Recipe: mongodb::default
1833. * service[mongod] action reload
1834. - reload service service[mongod]
1835. Recipe: elasticsearch::default
1836. * service[elasticsearch] action start
1837. - start service service[elasticsearch]
1838. * service[elasticsearch] action restart
1839. - restart service service[elasticsearch]
1840. Recipe: graylog2::server
1841. * service[graylog-server] action restart
1842. - restart service service[graylog-server]
1843. Recipe: graylog2::web
1844. * service[graylog-web] action restart
1845. - restart service service[graylog-web]
1846.  
1847. Running handlers:
1848. [2016-04-19T13:46:20+00:00] ERROR: Running exception handlers
1849. Running handlers complete
1850. [2016-04-19T13:46:20+00:00] ERROR: Exception handlers complete
1851. Chef Client failed. 72 resources updated in 802.614777113 seconds
1852. [2016-04-19T13:46:21+00:00] FATAL: Stacktrace dumped to /tmp/kitchen/cache/chef-stacktrace.out
1853. [2016-04-19T13:46:21+00:00] ERROR: graylog2_api_check[api_check] (graylog2::api_access line 15) had an error: SystemExit: exit
1854. [2016-04-19T13:46:22+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
1855. >>>>>> Converge failed on instance <default-centos-67>.
1856. >>>>>> Please see .kitchen/logs/default-centos-67.log for more details
1857. >>>>>> ------Exception-------
1858. >>>>>> Class: Kitchen::ActionFailed
1859. >>>>>> Message: SSH exited (1) for command: [sh -c '
1860.  
1861. sudo -E /opt/chef/bin/chef-client --local-mode --config /tmp/kitchen/client.rb --log_level warn --force-formatter --no-color --json-attributes /tmp/kitchen/dna.json --chef-zero-port 8889
1862. ']
1863. >>>>>> ----------------------
1864. zlib(finalizer): the stream was freed prematurely.
1865. ✔ ~/Development/chef/graylog2-cookbook [master|✚ 3…2⚑ 2]
1866. 08:46 $