From 16117f431f9c002c43d4572f53a2d634501decf1 Mon Sep 17 00:00:00 2001 From: Dale McDiarmid Date: Thu, 17 Aug 2017 18:52:02 +0100 Subject: [PATCH 1/2] Test for custom log4j file --- files/logging/log4j2.properties.custom.j2 | 76 +++++++++++++++++++ test/integration/config.yml | 2 + .../helpers/serverspec/config_spec.rb | 8 ++ .../helpers/serverspec/standard_spec.rb | 1 + 4 files changed, 87 insertions(+) create mode 100644 files/logging/log4j2.properties.custom.j2 diff --git a/files/logging/log4j2.properties.custom.j2 b/files/logging/log4j2.properties.custom.j2 new file mode 100644 index 0000000..9a2a60f --- /dev/null +++ b/files/logging/log4j2.properties.custom.j2 @@ -0,0 +1,76 @@ +#CUSTOM LOG4J FILE + +status = error + +# log action execution errors for easier debugging +logger.action.name = org.elasticsearch.action +logger.action.level = info + +appender.console.type = Console +appender.console.name = console +appender.console.layout.type = PatternLayout +appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n + +appender.rolling.type = RollingFile +appender.rolling.name = rolling +appender.rolling.fileName = ${sys:es.logs}.log +appender.rolling.layout.type = PatternLayout +appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.-10000m%n +appender.rolling.filePattern = ${sys:es.logs}-%d{yyyy-MM-dd}.log +appender.rolling.policies.type = Policies +appender.rolling.policies.time.type = TimeBasedTriggeringPolicy +appender.rolling.policies.time.interval = 1 +appender.rolling.policies.time.modulate = true + +rootLogger.level = debug +rootLogger.appenderRef.console.ref = console +rootLogger.appenderRef.rolling.ref = rolling + +appender.deprecation_rolling.type = RollingFile +appender.deprecation_rolling.name = deprecation_rolling +appender.deprecation_rolling.fileName = ${sys:es.logs}_deprecation.log +appender.deprecation_rolling.layout.type = PatternLayout +appender.deprecation_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.-10000m%n +appender.deprecation_rolling.filePattern = ${sys:es.logs}_deprecation-%i.log.gz +appender.deprecation_rolling.policies.type = Policies +appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy +appender.deprecation_rolling.policies.size.size = 10mb +appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy +appender.deprecation_rolling.strategy.max = 4 + +logger.deprecation.name = org.elasticsearch.deprecation +logger.deprecation.level = debug +logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling +logger.deprecation.additivity = false + +appender.index_search_slowlog_rolling.type = RollingFile +appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling +appender.index_search_slowlog_rolling.fileName = ${sys:es.logs}_index_search_slowlog.log +appender.index_search_slowlog_rolling.layout.type = PatternLayout +appender.index_search_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.-10000m%n +appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs}_index_search_slowlog-%d{yyyy-MM-dd}.log +appender.index_search_slowlog_rolling.policies.type = Policies +appender.index_search_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy +appender.index_search_slowlog_rolling.policies.time.interval = 1 +appender.index_search_slowlog_rolling.policies.time.modulate = true + +logger.index_search_slowlog_rolling.name = index.search.slowlog +logger.index_search_slowlog_rolling.level = debug +logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling +logger.index_search_slowlog_rolling.additivity = false + +appender.index_indexing_slowlog_rolling.type = RollingFile +appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling +appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs}_index_indexing_slowlog.log +appender.index_indexing_slowlog_rolling.layout.type = PatternLayout +appender.index_indexing_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.-10000m%n +appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs}_index_indexing_slowlog-%d{yyyy-MM-dd}.log +appender.index_indexing_slowlog_rolling.policies.type = Policies +appender.index_indexing_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy +appender.index_indexing_slowlog_rolling.policies.time.interval = 1 +appender.index_indexing_slowlog_rolling.policies.time.modulate = true + +logger.index_indexing_slowlog.name = index.indexing.slowlog.index +logger.index_indexing_slowlog.level = debug +logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling +logger.index_indexing_slowlog.additivity = false diff --git a/test/integration/config.yml b/test/integration/config.yml index 9c652b2..881d442 100644 --- a/test/integration/config.yml +++ b/test/integration/config.yml @@ -25,6 +25,8 @@ es_templates: false es_version_lock: false es_heap_size: 1g + #add a custom log4j file + es_config_log4j2: "./files/logging/log4j2.properties.custom.j2" es_api_port: 9401 es_plugins: - plugin: ingest-attachment diff --git a/test/integration/helpers/serverspec/config_spec.rb b/test/integration/helpers/serverspec/config_spec.rb index 95a4bfd..bab4500 100644 --- a/test/integration/helpers/serverspec/config_spec.rb +++ b/test/integration/helpers/serverspec/config_spec.rb @@ -145,5 +145,13 @@ shared_examples 'config::init' do |es_version,plugins| it { should be_file } end end + + describe file('/etc/elasticsearch/node1/log4j2.properties') do + it { should be_file } + it { should be_owned_by 'elasticsearch' } + it { should contain 'CUSTOM LOG4J FILE' } + end + + end diff --git a/test/integration/helpers/serverspec/standard_spec.rb b/test/integration/helpers/serverspec/standard_spec.rb index 1baf571..d5cb660 100644 --- a/test/integration/helpers/serverspec/standard_spec.rb +++ b/test/integration/helpers/serverspec/standard_spec.rb @@ -22,6 +22,7 @@ shared_examples 'standard::init' do |es_version,plugins| describe file('/etc/elasticsearch/node1/log4j2.properties') do it { should be_file } it { should be_owned_by 'elasticsearch' } + it { should_not contain 'CUSTOM LOG4J FILE' } end describe file('/etc/elasticsearch/node1/jvm.options') do From 53741c33c6dc3938ea04dc5f03c071c06751d5e2 Mon Sep 17 00:00:00 2001 From: Dale McDiarmid Date: Thu, 17 Aug 2017 21:44:46 +0100 Subject: [PATCH 2/2] X-pack security fix + activation --- .kitchen.yml | 3 +++ tasks/xpack/security/elasticsearch-xpack-activation.yml | 6 +++--- test/integration/helpers/serverspec/xpack_spec.rb | 4 ++-- test/integration/xpack.yml | 4 ++-- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/.kitchen.yml b/.kitchen.yml index 44d127f..4092d17 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -17,6 +17,9 @@ provisioner: ignore_extensions_from_root: [".git",".idea",".kitchen.yml"] ignore_paths_from_root: [".git",".idea",".kitchen"] +transport: + max_ssh_sessions: 6 + platforms: - name: ubuntu-14.04 driver_config: diff --git a/tasks/xpack/security/elasticsearch-xpack-activation.yml b/tasks/xpack/security/elasticsearch-xpack-activation.yml index 4b1fd3f..c1f401b 100644 --- a/tasks/xpack/security/elasticsearch-xpack-activation.yml +++ b/tasks/xpack/security/elasticsearch-xpack-activation.yml @@ -3,7 +3,7 @@ - name: Activate ES license (without security authentication) uri: method: PUT - url: "http://{{es_api_host}}:{{es_api_port}}/_license?acknowledge=true" + url: "http://{{es_api_host}}:{{es_api_port}}/_xpack/license?acknowledge=true" body_format: json body: "{{ es_xpack_license }}" return_content: yes @@ -18,7 +18,7 @@ - name: Activate ES license (with security authentication) uri: method: PUT - url: "http://{{es_api_host}}:{{es_api_port}}/_license?acknowledge=true" + url: "http://{{es_api_host}}:{{es_api_port}}/_xpack/license?acknowledge=true" user: "{{es_api_basic_auth_username}}" password: "{{es_api_basic_auth_password}}" body_format: json @@ -34,4 +34,4 @@ license_activated.json.license_status != 'valid' - debug: - msg: "License: {{ license_activated.content }}" + msg: "License: {{ license_activated }}" diff --git a/test/integration/helpers/serverspec/xpack_spec.rb b/test/integration/helpers/serverspec/xpack_spec.rb index 08a7cac..4687a66 100644 --- a/test/integration/helpers/serverspec/xpack_spec.rb +++ b/test/integration/helpers/serverspec/xpack_spec.rb @@ -137,11 +137,11 @@ shared_examples 'xpack::init' do |es_version,plugins| #Test native roles and users are loaded - describe command('curl -s localhost:9200/_xpack/security/user -u es_admin:changeMeAgain | md5sum | grep 74bcc9f9534b253c1204e264df21496c') do + describe command('curl -s localhost:9200/_xpack/security/user -u es_admin:changeMeAgain | md5sum | grep b6a1293c343e745a508c74778c9be8bb') do its(:exit_status) { should eq 0 } end - describe command('curl -s localhost:9200/_xpack/security/role -u es_admin:changeMeAgain | md5sum | grep 2bf3ffbb9cabf26bb25de6334c4da323') do + describe command('curl -s localhost:9200/_xpack/security/role -u es_admin:changeMeAgain | md5sum | grep 44b97844bd8b31d5573493a99ef62106') do its(:exit_status) { should eq 0 } end diff --git a/test/integration/xpack.yml b/test/integration/xpack.yml index b468874..6c57500 100644 --- a/test/integration/xpack.yml +++ b/test/integration/xpack.yml @@ -8,7 +8,7 @@ vars: es_heap_size: "1g" es_templates: true - es_version: "5.1.2" + es_version: "5.4.0" es_enable_xpack: true es_xpack_license: "{{ lookup('file', '/tmp/license.json') }}" es_plugins: @@ -90,7 +90,7 @@ vars: es_heap_size: "1g" es_templates: true - es_version: "5.2.2" + es_version: "5.5.1" es_enable_xpack: true es_xpack_license: "{{ lookup('file', '/tmp/license.json') }}" es_plugins: