
elastalert-rpm's Introduction

Elastalert RPM Build repository

Automated Centos7 RPM build of Elastalert http://elastalert.readthedocs.io/en/latest/

Stack

Usage

The build script build.sh creates a python virtualenv to install elastalert, then uses fpm to package the entire virtualenv into an RPM. The script works on centos7.

Build

$> docker run -v $(pwd):/build -it centos:centos7 /build/build.sh
...

$> rpm -qp --info /build/elastalert-0.1.18-1.el7.x86_64.rpm
Name        : elastalert
Version     : 0.1.18
Release     : 1.el7
Architecture: x86_64
Install Date: (not installed)
Group       : default
Size        : 50901525
License     : Apache 2.0
Signature   : (none)
Source RPM  : elastalert-0.1.18-1.el7.src.rpm
Build Date  : Thu Jul 27 12:06:02 2017
Build Host  : c90b33846cbd
Relocations : /
Packager    : [email protected]
Vendor      : @c90b33846cbd
URL         : http://elastalert.readthedocs.io/en/latest
Summary     : ElastAlert - Easy & Flexible Alerting With Elasticsearch.
Description :
ElastAlert - Easy & Flexible Alerting With Elasticsearch.
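
The output above reports Signature : (none), and a Vendor that is just the build container's hostname. The script below is an added example, not part of this repository: a gate that reads rpm -qp --info output and flags both conditions before a package is published. The function names and the vendor heuristic are assumptions of the example.

```shell
#!/usr/bin/env bash
# Added example: release gate over `rpm -qp --info` output (reads stdin).

# Fields copied from the build output above.
SAMPLE_INFO='Name        : elastalert
Version     : 0.1.18
Signature   : (none)
Build Host  : c90b33846cbd
Vendor      : @c90b33846cbd'

# Print the value of one "Key : value" field; split on the first colon only,
# so values that contain colons (URL, Build Date) stay intact.
rpm_info_field() {
    awk -v key="$1" '
        {
            i = index($0, ":")
            if (i == 0) next
            k = substr($0, 1, i - 1); sub(/[ \t]+$/, "", k)
            if (k != key) next
            v = substr($0, i + 1); sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
            print v
            exit
        }'
}

# Print one finding per line. Returns 0 when clean, 1 when anything was flagged.
rpm_release_findings() {
    local info sig vendor host findings=0
    info=$(cat)
    sig=$(printf '%s\n' "$info" | rpm_info_field "Signature")
    vendor=$(printf '%s\n' "$info" | rpm_info_field "Vendor")
    host=$(printf '%s\n' "$info" | rpm_info_field "Build Host")
    # An absent or "(none)" signature means the header carries no signature at all.
    if [ -z "$sig" ] || [ "$sig" = "(none)" ]; then
        echo "unsigned: Signature is '${sig:-missing}'"
        findings=1
    fi
    # Assumption of this example: Vendor equal to "@<Build Host>" was never set.
    if [ -n "$host" ] && [ "$vendor" = "@$host" ]; then
        echo "vendor-default: Vendor '$vendor' is derived from the build host"
        findings=1
    fi
    return "$findings"
}

# Demo on the sample; in real use: rpm -qp --info <file>.rpm | rpm_release_findings
printf '%s\n' "$SAMPLE_INFO" | rpm_release_findings || true
```

A Signature value other than (none) only shows that a signature is present; checking it against imported keys is a separate step (rpm -K).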

Configuration

Edit the file /etc/elastalert/config.yml :

rules_folder: /etc/elastalert/rules
es_host: localhost
es_port: 9200
writeback_index: elastalert_status
run_every:
  minutes: 1
buffer_time:
  minutes: 10

Before the first run, create the writeback index : $> elastalert-create-index
See http://elastalert.readthedocs.io/en/latest/running_elastalert.html

Start

$> systemctl start elastalert

Run KitchenCI/Inspec test

You will need ruby, bundler and docker installed on your system. A Vagrantfile is provided for convenience. KitchenCI configuration can be found in the file .kitchen.yml :

---
driver:
  name: docker
  use_sudo: false

provisioner:
  name: ansible_playbook
  hosts: test-kitchen
  roles_path: roles
  ansible_verbose: true
  require_ansible_repo: true
  require_ansible_omnibus: false
  require_chef_for_busser: false
  require_ruby_for_busser: false

verifier:
  name: inspec

platforms:
  - name: centos-7.3
    platform: centos
    driver_config:
      image: local/c7-systemd
      run_command: /usr/sbin/init
      port: 22
      volume: 
        - /sys/fs/cgroup:/sys/fs/cgroup:ro
        - <%=ENV['PWD']%>:/build

suites:
  - name: default

Docker with systemd

As this package is meant to be used on Centos7 we need to enable systemd inside the Docker container used by KitchenCI. This can be done using the dockerfile systemd.Dockerfile :

FROM centos:centos7

ENV container docker

# Enable Systemd
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*; \
rm -f /usr/lib/tmpfiles.d/systemd-nologin.conf;
VOLUME [ "/sys/fs/cgroup" ]
VOLUME ["/run"]

# Start
CMD ["/usr/sbin/init"]

More information can be found on the official Centos7 docker image repos : https://github.com/docker-library/docs/tree/master/centos

Running the tests

Before running the tests we need to build the base docker image with systemd :

$> docker build --rm -t local/c7-systemd -f systemd.Dockerfile .

Then run the tests :

$> bundle install
$> bundle exec kitchen test all

...
Profile: tests from {:path=>"/vagrant/test/integration/default/inspec"}
Version: (not specified)
Target:  ssh://kitchen@localhost:32768

  ✔  elastalert-1: Elastalert: Check RPM Installation
     ✔  System Package elastalert should be installed
     ✔  User elastalert should exist
     ✔  User elastalert group should eq "elastalert"
     ✔  User elastalert home should eq "/usr/share/python/elastalert"
     ✔  User elastalert shell should eq "/sbin/nologin"
     ✔  Service elastalert should be installed
     ✔  Service elastalert should not be enabled
     ✔  Service elastalert should not be running
     ✔  File /etc/elastalert/config.yml should exist
     ✔  File /etc/sysconfig/elastalert should exist
     ✔  File /usr/lib/systemd/system/elastalert.service should exist

Profile Summary: 1 successful, 0 failures, 0 skipped
Test Summary: 11 successful, 0 failures, 0 skipped

A simple ansible playbook is used to install the RPM in the kitchen docker image, and the Inspec tests are located under test/integration/default/inspec.

elastalert-rpm's People

Contributors

amine7536, fpoirotte
