Merge pull request #44340 from shmish111/es-curator

nixos/curator: init elasticsearch curator

authored by

Bas van Dijk and committed by
GitHub
a144c798 b2dc75cd

+168 -4
+6
nixos/doc/manual/release-notes/rl-1809.xml
··· 111 111 <link xlink:href="https://github.com/strongswan/strongswan/blob/master/README_LEGACY.md">stroke configuration interface</link>. 112 112 </para> 113 113 </listitem> 114 + <listitem> 115 + <para> 116 + The new <varname>services.elasticsearch-curator</varname> service 117 + periodically curates or manages, your Elasticsearch indices and snapshots. 118 + </para> 119 + </listitem> 114 120 </itemizedlist> 115 121 </section> 116 122
+1
nixos/modules/module-list.nix
··· 623 623 ./services/scheduling/fcron.nix 624 624 ./services/scheduling/marathon.nix 625 625 ./services/search/elasticsearch.nix 626 + ./services/search/elasticsearch-curator.nix 626 627 ./services/search/hound.nix 627 628 ./services/search/kibana.nix 628 629 ./services/search/solr.nix
+93
nixos/modules/services/search/elasticsearch-curator.nix
··· 1 + { config, lib, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + cfg = config.services.elasticsearch-curator; 7 + curatorConfig = pkgs.writeTextFile { 8 + name = "config.yaml"; 9 + text = '' 10 + --- 11 + # Remember, leave a key empty if there is no value. None will be a string, 12 + # not a Python "NoneType" 13 + client: 14 + hosts: ${builtins.toJSON cfg.hosts} 15 + port: ${toString cfg.port} 16 + url_prefix: 17 + use_ssl: False 18 + certificate: 19 + client_cert: 20 + client_key: 21 + ssl_no_validate: False 22 + http_auth: 23 + timeout: 30 24 + master_only: False 25 + logging: 26 + loglevel: INFO 27 + logfile: 28 + logformat: default 29 + blacklist: ['elasticsearch', 'urllib3'] 30 + ''; 31 + }; 32 + curatorAction = pkgs.writeTextFile { 33 + name = "action.yaml"; 34 + text = cfg.actionYAML; 35 + }; 36 + in { 37 + 38 + options.services.elasticsearch-curator = { 39 + 40 + enable = mkEnableOption "elasticsearch curator"; 41 + interval = mkOption { 42 + description = "The frequency to run curator, a systemd.time such as 'hourly'"; 43 + default = "hourly"; 44 + type = types.str; 45 + }; 46 + hosts = mkOption { 47 + description = "a list of elasticsearch hosts to connect to"; 48 + type = types.listOf types.str; 49 + default = ["localhost"]; 50 + }; 51 + port = mkOption { 52 + description = "the port that elasticsearch is listening on"; 53 + type = types.int; 54 + default = 9200; 55 + }; 56 + actionYAML = mkOption { 57 + description = "curator action.yaml file contents, alternatively use curator-cli which takes a simple action command"; 58 + example = '' 59 + --- 60 + actions: 61 + 1: 62 + action: delete_indices 63 + description: >- 64 + Delete indices older than 45 days (based on index name), for logstash- 65 + prefixed indices. Ignore the error if the filter does not result in an 66 + actionable list of indices (ignore_empty_list) and exit cleanly. 67 + options: 68 + ignore_empty_list: True 69 + disable_action: False 70 + filters: 71 + - filtertype: pattern 72 + kind: prefix 73 + value: logstash- 74 + - filtertype: age 75 + source: name 76 + direction: older 77 + timestring: '%Y.%m.%d' 78 + unit: days 79 + unit_count: 45 80 + ''; 81 + }; 82 + }; 83 + 84 + config = mkIf cfg.enable { 85 + 86 + systemd.services.elasticsearch-curator = { 87 + startAt = cfg.interval; 88 + serviceConfig = { 89 + ExecStart = ''${pkgs.python36Packages.elasticsearch-curator}/bin/curator --config ${curatorConfig} ${curatorAction}''; 90 + }; 91 + }; 92 + }; 93 + }
+32
nixos/tests/elk.nix
··· 63 63 package = elk.kibana; 64 64 elasticsearch.url = esUrl; 65 65 }; 66 + 67 + elasticsearch-curator = { 68 + enable = true; 69 + actionYAML = '' 70 + --- 71 + actions: 72 + 1: 73 + action: delete_indices 74 + description: >- 75 + Delete indices older than 1 second (based on index name), for logstash- 76 + prefixed indices. Ignore the error if the filter does not result in an 77 + actionable list of indices (ignore_empty_list) and exit cleanly. 78 + options: 79 + ignore_empty_list: True 80 + disable_action: False 81 + filters: 82 + - filtertype: pattern 83 + kind: prefix 84 + value: logstash- 85 + - filtertype: age 86 + source: name 87 + direction: older 88 + timestring: '%Y.%m.%d' 89 + unit: seconds 90 + unit_count: 1 91 + ''; 92 + }; 66 93 }; 67 94 }; 68 95 }; ··· 91 118 # See if logstash messages arive in elasticsearch. 92 119 $one->waitUntilSucceeds("curl --silent --show-error '${esUrl}/_search' -H 'Content-Type: application/json' -d '{\"query\" : { \"match\" : { \"message\" : \"flowers\"}}}' | jq .hits.total | grep -v 0"); 93 120 $one->waitUntilSucceeds("curl --silent --show-error '${esUrl}/_search' -H 'Content-Type: application/json' -d '{\"query\" : { \"match\" : { \"message\" : \"dragons\"}}}' | jq .hits.total | grep 0"); 121 + 122 + # Test elasticsearch-curator. 123 + $one->systemctl("stop logstash"); 124 + $one->systemctl("start elasticsearch-curator"); 125 + $one->waitUntilSucceeds("! curl --silent --show-error '${esUrl}/_cat/indices' | grep logstash | grep -q ^$1"); 94 126 ''; 95 127 }; 96 128 in mapAttrs mkElkTest {
+6 -4
pkgs/development/python-modules/elasticsearch-curator/default.nix
··· 1 1 { stdenv 2 2 , buildPythonPackage 3 3 , fetchPypi 4 + , boto3 4 5 , click 5 6 , certifi 7 + , requests-aws4auth 6 8 , voluptuous 7 9 , pyyaml 8 10 , elasticsearch ··· 22 24 sha256 = "e75abeb7f7be939b1c64c071898760dc10ab5f08307c253fc074abf8a41a76f0"; 23 25 }; 24 26 25 - # The integration tests require a running elasticsearch cluster. 26 - postUnpackPhase = '' 27 - rm -r test/integration 28 - ''; 27 + # The test hangs so we disable it. 28 + doCheck = false; 29 29 30 30 propagatedBuildInputs = [ 31 31 click 32 32 certifi 33 + requests-aws4auth 33 34 voluptuous 34 35 pyyaml 35 36 elasticsearch 37 + boto3 36 38 ]; 37 39 38 40 checkInputs = [
+28
pkgs/development/python-modules/requests-aws4auth/default.nix
··· 1 + { lib, buildPythonPackage, fetchPypi, fetchzip, isPy3k, requests }: 2 + with lib; 3 + buildPythonPackage rec { 4 + pname = "requests-aws4auth"; 5 + version = "0.9"; 6 + 7 + src = fetchPypi { 8 + inherit pname version; 9 + sha256 = "0g52a1pm53aqkc9qb5q1m918c1qy6q47c1qz63p5ilynfbs3m5y9"; 10 + }; 11 + 12 + postPatch = optionalString isPy3k '' 13 + sed "s/path_encoding_style/'path_encoding_style'/" \ 14 + -i requests_aws4auth/service_parameters.py 15 + ''; 16 + 17 + propagatedBuildInputs = [ requests ]; 18 + 19 + # The test fail on Python >= 3 because of module import errors. 20 + doCheck = !isPy3k; 21 + 22 + meta = { 23 + description = "Amazon Web Services version 4 authentication for the Python Requests library."; 24 + homepage = https://github.com/sam-washington/requests-aws4auth; 25 + license = licenses.mit; 26 + maintainers = [ maintainers.basvandijk ]; 27 + }; 28 + }
+2
pkgs/top-level/python-packages.nix
··· 2009 2009 2010 2010 requests-unixsocket = callPackage ../development/python-modules/requests-unixsocket {}; 2011 2011 2012 + requests-aws4auth = callPackage ../development/python-modules/requests-aws4auth { }; 2013 + 2012 2014 howdoi = callPackage ../development/python-modules/howdoi {}; 2013 2015 2014 2016 neurotools = callPackage ../development/python-modules/neurotools {};