Merge pull request #197 from Graylog2/pr-195

Pr 195
Graylog2 · Jan 13, 2025 · 062ba01 · 062ba01
2 parents 81b4c34 + c38dfe6
commit 062ba01
Show file tree

Hide file tree

Showing 9 changed files with 91 additions and 34 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -17,10 +17,10 @@ jobs:
         with:
           path: 'graylog2.graylog-ansible-role'
 
-      - name: Set up Python 3.
+      - name: Set up Python 3.9
         uses: actions/setup-python@v2
         with:
-          python-version: '3.x'
+          python-version: '3.9'
 
       - name: Install test dependencies.
         run: pip3 install yamllint
@@ -49,7 +49,7 @@ jobs:
       - name: Set up Python 3.
         uses: actions/setup-python@v2
         with:
-          python-version: '3.x'
+          python-version: '3.9'
 
       - name: Install test dependencies.
         run: pip3 install -r requirements.txt

diff --git a/README.md b/README.md
@@ -5,14 +5,17 @@
 
 ## Requirements
 
-- Ansible (> 2.5.0)
+- Ansible (2.13.13)
+- Python 3.9
 - At least 4gb of memory on the target instance.
   - Linux
     - Currently tested against:
         - Ubuntu 18.04
         - Ubuntu 20.04
+        - Ubuntu 22.04
         - Centos 7
         - Centos 8
+        - Centos 9
 
 To install the role, run:
 
@@ -33,10 +36,13 @@ Be certain you are running a supported version of Elasticsearch. You can configu
 
 **Compatibility Matrix**
 
-| Graylog version   | 3.x | 4.x |
-|:--------------|:-------------:|:-------------:|
-| Elasticsearch | 5-6 | 6.8 - 7.10 |
+| Graylog version   | 3.x |    4.x     | 5.x | 6.x |
+|:--------------|:-------------:|:----------:|:-------------:|:-------------:|
+| Elasticsearch | 5-6 | 6.8 - 7.10 | 6.8 - 7.10 | n/a |
+ | OpenSearch | |    1.x*    | 1.x - 2.x | 1.x - 2.x |
+*Graylog 4.3.x introduces support for OpenSearch.
 
+Refer to the [Software Interoperability Chart](https://go2docs.graylog.org/5-0/planning_your_deployment/planning_your_upgrade_to_opensearch.htm)
 
 You will need to these Ansible role dependencies:
   - [Java](https://github.com/lean-delivery/ansible-role-java)
@@ -77,13 +83,15 @@ Here is an example playbook that uses this role. This is a single-instance confi
     es_action_auto_create_index: False
 
     #Graylog vars
-    graylog_version: 4.2
+    graylog_version: 5.2
     graylog_install_java: True
     graylog_password_secret: "" # Insert your own here. Generate with: pwgen -s 96 1
     graylog_root_password_sha2: "" # Insert your own root_password_sha2 here.
     graylog_http_bind_address: "{{ ansible_default_ipv4.address }}:9000"
     graylog_http_publish_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
     graylog_http_external_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
+    graylog_install_open_package: True
+    graylog_install_enterprise_package: False
 
   roles:
     - role: "graylog2.graylog"
@@ -222,7 +230,7 @@ We run smoke tests for Graylog using this role. Documentation on that can be fou
 
 ## Author Information
 
-Author: Marius Sturm (<[email protected]>) and [contributors](https://github.com/Graylog2/graylog2-ansible-role/graphs/contributors)
+Author: Graylog and [contributors](https://github.com/Graylog2/graylog2-ansible-role/graphs/contributors)
 
 ## License
 

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -187,7 +187,7 @@ graylog_web_thread_pool_size:        16
 # JVM
 graylog_gc_warning_threshold: "1s"
 graylog_server_heap_size:     "1500m"
-graylog_server_java:          "/usr/bin/java"
+graylog_server_java:          "/usr/bin/java" # For usage of the bundled openjdk version within graylog leave varviable blank
 graylog_server_java_opts_extra: ""
 graylog_server_java_opts:     "-Djava.net.preferIPv4Stack=true -Xms{{ graylog_server_heap_size }} -Xmx{{ graylog_server_heap_size }} -XX:NewRatio=1 -server -XX:+ResizeTLAB -XX:-OmitStackTraceInFastThrow {{graylog_server_java_opts_extra}}"
 graylog_server_args:          ""
@@ -202,11 +202,19 @@ graylog_install_java:          True
 # Disable steps which break tests
 graylog_not_testing:           True
 
-# Plugins
+# Plugins for Graylog Versions <5.0
 graylog_install_enterprise_plugins:               False
 graylog_install_integrations_plugins:             False
 graylog_install_enterprise_integrations_plugins:  False
 
+# package version for Graylog Version >=5.0
+graylog_install_enterprise_package: False
+graylog_install_open_package:       True
+
+# Graylog Version to install
+graylog_version: 5.0
+graylog_full_version: ""
+
 graylog_additional_config: {}
 
 required_vars:

diff --git a/docs/Variables.md b/docs/Variables.md
@@ -9,9 +9,11 @@
 | `graylog_install_java` | True | Whether to install Java on the instance.|
 | `graylog_install_elasticsearch` | True | Whether to install Elasticsearch on the instance. |
 | `graylog_install_mongodb` | True | Whether to install MongoDB on the instance. |
-| `graylog_install_enterprise_plugins` | False | Whether to install the [graylog-enterprise-plugins](https://docs.graylog.org/docs/intro) package. |
-| `graylog_install_integrations_plugins` | False | Whether to install the [graylog-integrations-plugins](https://docs.graylog.org/docs/integrations) package. |
-| `graylog_install_enterprise_integrations_plugins` | False | Whether to install the [graylog-enterprise-integrations-plugins](https://docs.graylog.org/docs/intro) package. |
+| `graylog_install_enterprise_plugins` | False | Whether to install the [graylog-enterprise-plugins](https://docs.graylog.org/docs/intro) package for version <= 4.3. |
+| `graylog_install_integrations_plugins` | False | Whether to install the [graylog-integrations-plugins](https://docs.graylog.org/docs/integrations) package for version <= 4.3. |
+| `graylog_install_enterprise_integrations_plugins` | False | Whether to install the [graylog-enterprise-integrations-plugins](https://docs.graylog.org/docs/intro) package for version <= 4.3. |
+| `graylog_install_open_package` | False | Whether to install the [graylog-server](https://docs.graylog.org/docs/intro) package for version >= 5.0. |
+| `graylog_install_enterprise_package` | False | Whether to install the [graylog-enterprise](https://docs.graylog.org/docs/intro) package for version >= 5.0. |
 
 
 ## Java Variables

diff --git a/meta/main.yml b/meta/main.yml
@@ -14,10 +14,10 @@ dependencies:
 galaxy_info:
   role_name: graylog
   namespace: graylog2
-  author: "Marius Sturm"
+  author: "Graylog"
   company: "Graylog, Inc."
   description: "Install and configure Graylog log management."
-  min_ansible_version: "2.5"
+  min_ansible_version: "2.13.13"
   license: "Apache 2"
   platforms:
     - name: "EL"

diff --git a/requirements.txt b/requirements.txt
@@ -1,13 +1,20 @@
-ansible==4.2.0
-ansible-base==2.10.5
+ansible==6.7.0
+ansible-compat==24.5.1
+ansible-core==2.13.13
 ansible-lint==4.3.5
 enrich==1.2.6
 molecule==3.5.1
 molecule-docker==1.0.2
 molecule-vagrant==0.6
 python-vagrant==0.5.15
 pytest-testinfra==6.1.0
+python-dateutil==2.9.0.post0
+python-dotenv==1.0.1
+python-slugify==8.0.4
+PyYAML==5.3.1
 selenium==3.141.0
+selinux==0.3.0
+setuptools==58.1.0
 yamllint==1.25.0
 webdriver-manager
-wheel
+wheel==0.45.1
diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml
@@ -26,8 +26,23 @@
 
 - name: "Graylog server package should be installed"
   apt:
-    name: "graylog-server{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}"
+    name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
+  when: graylog_version is version('5.0', '<')
+  notify: "restart graylog-server"
+
+- name: "Graylog Open server package should be installed"
+  apt:
+    name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}"
+    state: "{{ graylog_package_state }}"
+  when: (graylog_install_open_package | bool == true and graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>='))
+  notify: "restart graylog-server"
+
+- name: "Graylog Enterprise server package should be installed"
+  apt:
+    name: "graylog-enterprise{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}"
+    state: "{{ graylog_package_state }}"
+  when: (graylog_install_open_package | bool == false and graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>='))
   notify: "restart graylog-server"
 
 - name: "setup-Debian.yml | Set elasticsearch priority to {{ graylog_es_debian_pin_version }} apt_preferences"
@@ -39,21 +54,21 @@
 
 - name: "Installing graylog-enterprise-plugins"
   apt:
-    name: "graylog-enterprise-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}"
+    name: "graylog-enterprise-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
-  when: graylog_install_enterprise_plugins
+  when: (graylog_install_enterprise_plugins | bool == true and graylog_version is version('5.0', '<'))
   notify: restart graylog-server
 
 - name: "Installing graylog-integrations-plugins"
   apt:
-    name: "graylog-integrations-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}"
+    name: "graylog-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
-  when: graylog_install_integrations_plugins
+  when: (graylog_install_integrations_plugins | bool == true and graylog_version is version('5.0', '<'))
   notify: restart graylog-server
 
 - name: "Installing graylog-enterprise-integrations-plugins"
   apt:
-    name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is defined %}={{ graylog_full_version }}{% endif %}"
+    name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}={{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
-  when: graylog_install_enterprise_integrations_plugins
+  when: (graylog_install_enterprise_integrations_plugins | bool == true and graylog_version is version('5.0', '<'))
   notify: restart graylog-server
diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml
@@ -10,27 +10,42 @@
 
 - name: "Graylog server should be installed"
   yum:
-    name: "graylog-server{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}"
+    name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
-  notify: restart graylog-server
+  when: graylog_version is version('5.0', '<')
+  notify: "restart graylog-server"
+
+- name: "Graylog Open server package should be installed"
+  yum:
+    name: "graylog-server{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}"
+    state: "{{ graylog_package_state }}"
+  when: (graylog_install_open_package | bool == true and graylog_install_enterprise_package | bool == false and graylog_version is version('5.0', '>='))
+  notify: "restart graylog-server"
+
+- name: "Graylog Enterprise server package should be installed"
+  yum:
+    name: "graylog-enterprise{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}"
+    state: "{{ graylog_package_state }}"
+  when: (graylog_install_open_package | bool == false and graylog_install_enterprise_package | bool == true and graylog_version is version('5.0', '>='))
+  notify: "restart graylog-server"
 
 - name: "Installing graylog-enterprise-plugins"
   yum:
-    name: "graylog-enterprise-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}"
+    name: "graylog-enterprise-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
-  when: graylog_install_enterprise_plugins
+  when: (graylog_install_enterprise_plugins | bool == true and graylog_version is version('5.0', '<'))
   notify: restart graylog-server
 
 - name: "Installing graylog-integrations-plugins"
   yum:
-    name: "graylog-integrations-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}"
+    name: "graylog-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
-  when: graylog_install_integrations_plugins
+  when: (graylog_install_integrations_plugins | bool == true and graylog_version is version('5.0', '<'))
   notify: restart graylog-server
 
 - name: "Installing graylog-enterprise-integrations-plugins"
   yum:
-    name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is defined %}-{{ graylog_full_version }}{% endif %}"
+    name: "graylog-enterprise-integrations-plugins{% if graylog_full_version is not none and graylog_full_version | length > 1 %}-{{ graylog_full_version }}{% endif %}"
     state: "{{ graylog_package_state }}"
-  when: graylog_install_enterprise_integrations_plugins
+  when: (graylog_install_enterprise_integrations_plugins | bool == true and graylog_version is version('5.0', '<'))
   notify: restart graylog-server
diff --git a/templates/graylog.server.default.j2 b/templates/graylog.server.default.j2
@@ -1,4 +1,6 @@
+{% if graylog_server_java is defined and graylog_server_java|length %}
 JAVA="{{ graylog_server_java }}"
+{% endif %}
 GRAYLOG_SERVER_JAVA_OPTS="{{ graylog_server_java_opts }}"
 GRAYLOG_SERVER_ARGS="{{ graylog_server_args }}"
 GRAYLOG_COMMAND_WRAPPER="{{ graylog_server_wrapper }}"