metron-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nickal...@apache.org
Subject [1/2] incubator-metron git commit: METRON-132 Monit integration + METRON-85 Removed fixed wait from EC2 deployment (nickwallen) closes apache/incubator-metron#118
Date Fri, 13 May 2016 21:29:19 GMT
Repository: incubator-metron
Updated Branches:
  refs/heads/master 9a4481cab -> 9898b4c6a


http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/monit/templates/monit/yaf.monit
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/monit/templates/monit/yaf.monit b/metron-deployment/roles/monit/templates/monit/yaf.monit
new file mode 100644
index 0000000..1f7b4d2
--- /dev/null
+++ b/metron-deployment/roles/monit/templates/monit/yaf.monit
@@ -0,0 +1,24 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one or more
+#  contributor license agreements.  See the NOTICE file distributed with
+#  this work for additional information regarding copyright ownership.
+#  The ASF licenses this file to You under the Apache License, Version 2.0
+#  (the "License"); you may not use this file except in compliance with
+#  the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+check process yaf
+  with pidfile /var/run/yaf.pid
+  start program = "/etc/init.d/yaf start"
+  stop program = "/etc/init.d/yaf stop"
+  if does not exist then restart
+  group yaf
+  group sensors
+  group metron

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/monit/templates/scripts/start_enrichment_topology.sh
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/monit/templates/scripts/start_enrichment_topology.sh
b/metron-deployment/roles/monit/templates/scripts/start_enrichment_topology.sh
new file mode 100644
index 0000000..e170460
--- /dev/null
+++ b/metron-deployment/roles/monit/templates/scripts/start_enrichment_topology.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# start the enrichment topology
+#
+export METRON_VERSION={{ metron_version }}
+export METRON_HOME={{ metron_directory }}
+{{ item }}

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/monit/templates/scripts/start_topology.sh
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/monit/templates/scripts/start_topology.sh b/metron-deployment/roles/monit/templates/scripts/start_topology.sh
new file mode 100644
index 0000000..a8a60fa
--- /dev/null
+++ b/metron-deployment/roles/monit/templates/scripts/start_topology.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# start a storm topology
+#
+export METRON_VERSION={{ metron_version }}
+export METRON_HOME={{ metron_directory }}
+$METRON_HOME/bin/start_parser_topology.sh {{ item }}

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/monit/templates/scripts/status_topology.sh
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/monit/templates/scripts/status_topology.sh b/metron-deployment/roles/monit/templates/scripts/status_topology.sh
new file mode 100644
index 0000000..67e9373
--- /dev/null
+++ b/metron-deployment/roles/monit/templates/scripts/status_topology.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# is a given storm topology running?
+#
+
+TOPOLOGY={{ item }}
+STATUS=`storm list | grep $TOPOLOGY | awk '{print $2}'`
+
+if [ "ACTIVE" = "$STATUS" ]; then
+  echo "Running: $TOPOLOGY"
+  exit 0
+else
+  echo "Stopped: $TOPOLOGY"
+  exit 1
+fi

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/monit/templates/scripts/stop_topology.sh
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/monit/templates/scripts/stop_topology.sh b/metron-deployment/roles/monit/templates/scripts/stop_topology.sh
new file mode 100644
index 0000000..d864621
--- /dev/null
+++ b/metron-deployment/roles/monit/templates/scripts/stop_topology.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# stop a storm topology
+#
+storm kill {{ item }}

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/mysql_server/tasks/geoip.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/mysql_server/tasks/geoip.yml b/metron-deployment/roles/mysql_server/tasks/geoip.yml
new file mode 100644
index 0000000..87b5721
--- /dev/null
+++ b/metron-deployment/roles/mysql_server/tasks/geoip.yml
@@ -0,0 +1,37 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one or more
+#  contributor license agreements.  See the NOTICE file distributed with
+#  this work for additional information regarding copyright ownership.
+#  The ASF licenses this file to You under the Apache License, Version 2.0
+#  (the "License"); you may not use this file except in compliance with
+#  the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+---
+- name: Download GeoIP databases
+  unarchive:
+    src:  http://geolite.maxmind.com/download/geoip/database/GeoLiteCity_CSV/GeoLiteCity-latest.tar.xz
+    dest: /tmp/geoip
+    copy: no
+    creates: /tmp/geopip/*/GeoLiteCity-Blocks.csv
+
+- name: Copy to MySQL import directory
+  shell: "cp /tmp/geoip/*/*.csv /var/lib/mysql-files/"
+
+- name: Copy DDL
+  copy:
+    src: geoip_ddl.sql
+    dest: /tmp/geoip_ddl.sql
+
+- name: Import GeoIP DDL
+  mysql_db:
+    name: all
+    state: import
+    target: /tmp/geoip_ddl.sql

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/mysql_server/tasks/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/mysql_server/tasks/main.yml b/metron-deployment/roles/mysql_server/tasks/main.yml
index a484ed0..159e5a6 100644
--- a/metron-deployment/roles/mysql_server/tasks/main.yml
+++ b/metron-deployment/roles/mysql_server/tasks/main.yml
@@ -15,79 +15,6 @@
 #  limitations under the License.
 #
 ---
-- name: Create temporary directories
-  file:
-    path: "/tmp/geoip"
-    state: directory
-    mode: 0755
-
-- name: Install Mysql Community Release Repo Def
-  get_url:
-    dest: /tmp/{{ mysql_rpm_version }}.rpm
-    url: "{{ mysql_yum_repo_url }}"
-
-- name: Install Mysql Community Release Repo
-  yum:
-    pkg: /tmp/{{ mysql_rpm_version }}.rpm
-    state: installed
-  register: result
-  until: result.rc == 0
-  retries: 5
-  delay: 10
-
-- name: Install MySQL
-  yum:
-    name: "{{ item }}"
-    state: latest
-  with_items:
-    - "mysql-community-server"
-    - "MySQL-python"
-  register: result
-  until: result.rc == 0
-  retries: 5
-  delay: 10
-
-- name: Start MySQL
-  service:
-    name: mysqld
-    state: started
-    enabled: yes
-
-- name: Retrieve temporary root password
-  shell: "grep 'temporary password' /var/log/mysqld.log | sed 's/.*root@localhost: //'"
-  args:
-    creates: ~/.my.cnf
-  register: temp_root_password
-
-- name: Update mysql root password
-  command: "mysqladmin --user=root --password='{{ temp_root_password.stdout }}' password
'{{ mysql_root_password }}'"
-  ignore_errors: yes
-  args:
-    creates: ~/.my.cnf
-
-- name: Create .my.cnf
-  template:
-    src: "../roles/mysql_server/templates/.my.cnf"
-    dest: ~/.my.cnf
-
-
-- name: Download GeoIP databases
-  unarchive:
-    src:  http://geolite.maxmind.com/download/geoip/database/GeoLiteCity_CSV/GeoLiteCity-latest.tar.xz
-    dest: /tmp/geoip
-    copy: no
-    creates: /tmp/geopip/*/GeoLiteCity-Blocks.csv
-
-- name: Copy to MySQL import directory
-  shell: "cp /tmp/geoip/*/*.csv /var/lib/mysql-files/"
-
-- name: Copy DDL
-  copy:
-    src: geoip_ddl.sql
-    dest: /tmp/geoip_ddl.sql
-
-- name: Import GeoIP DDL
-  mysql_db:
-    name: all
-    state: import
-    target: /tmp/geoip_ddl.sql
+- include: mysql.yml
+- include: mysql-password.yml
+- include: geoip.yml

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/mysql_server/tasks/mysql-password.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/mysql_server/tasks/mysql-password.yml b/metron-deployment/roles/mysql_server/tasks/mysql-password.yml
new file mode 100644
index 0000000..a4f0d0b
--- /dev/null
+++ b/metron-deployment/roles/mysql_server/tasks/mysql-password.yml
@@ -0,0 +1,33 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one or more
+#  contributor license agreements.  See the NOTICE file distributed with
+#  this work for additional information regarding copyright ownership.
+#  The ASF licenses this file to You under the Apache License, Version 2.0
+#  (the "License"); you may not use this file except in compliance with
+#  the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+---
+- name: Retrieve temporary root password
+  shell: "grep 'temporary password' /var/log/mysqld.log | sed 's/.*root@localhost: //'"
+  args:
+    creates: ~/.my.cnf
+  register: temp_root_password
+
+- name: Update mysql root password
+  command: "mysqladmin --user=root --password='{{ temp_root_password.stdout }}' password
'{{ mysql_root_password }}'"
+  ignore_errors: yes
+  args:
+    creates: ~/.my.cnf
+
+- name: Create .my.cnf
+  template:
+    src: "../roles/mysql_server/templates/.my.cnf"
+    dest: ~/.my.cnf

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/mysql_server/tasks/mysql.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/mysql_server/tasks/mysql.yml b/metron-deployment/roles/mysql_server/tasks/mysql.yml
new file mode 100644
index 0000000..e48ad5c
--- /dev/null
+++ b/metron-deployment/roles/mysql_server/tasks/mysql.yml
@@ -0,0 +1,60 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one or more
+#  contributor license agreements.  See the NOTICE file distributed with
+#  this work for additional information regarding copyright ownership.
+#  The ASF licenses this file to You under the Apache License, Version 2.0
+#  (the "License"); you may not use this file except in compliance with
+#  the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+---
+- name: Create temporary directories
+  file:
+    path: "/tmp/geoip"
+    state: directory
+    mode: 0755
+
+- name: Install Mysql Community Release Repo Def
+  get_url:
+    dest: /tmp/{{ mysql_rpm_version }}.rpm
+    url: "{{ mysql_yum_repo_url }}"
+
+- name: Install Mysql Community Release Repo
+  yum:
+    pkg: /tmp/{{ mysql_rpm_version }}.rpm
+    state: installed
+  register: result
+  until: result.rc == 0
+  retries: 5
+  delay: 10
+
+- name: Install MySQL
+  yum:
+    name: "{{ item }}"
+    state: latest
+  with_items:
+    - "mysql-community-server"
+    - "MySQL-python"
+  register: result
+  until: result.rc == 0
+  retries: 5
+  delay: 10
+
+#
+# mysql must be running for the 'mysql_client' role to function properly.  that
+# role grants access to mysql clients connecting from external hosts (think
+# storm topologies doing geoip enrichment).
+#
+# ideally the logic in 'mysql_client' would be moved to 'mysql_server' so that
+# mysql could be started, access granted, and then shutdown after this is
+# complete.
+#
+- name: Start MySQL
+  service: name=mysqld state=started

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/pcap_replay/defaults/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/pcap_replay/defaults/main.yml b/metron-deployment/roles/pcap_replay/defaults/main.yml
index b1fae1e..9b948a3 100644
--- a/metron-deployment/roles/pcap_replay/defaults/main.yml
+++ b/metron-deployment/roles/pcap_replay/defaults/main.yml
@@ -16,6 +16,6 @@
 #
 ---
 pcap_replay_interface: eth0
-pcap_path: /opt/pcap-replay
+pcap_replay_home: /opt/pcap-replay
 tcpreplay_version: 4.1.1
 tcpreplay_prefix: /opt

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/pcap_replay/tasks/service.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/pcap_replay/tasks/service.yml b/metron-deployment/roles/pcap_replay/tasks/service.yml
index 9e13e7f..46b00c5 100644
--- a/metron-deployment/roles/pcap_replay/tasks/service.yml
+++ b/metron-deployment/roles/pcap_replay/tasks/service.yml
@@ -16,7 +16,7 @@
 #
 ---
 - name: Create pcap directory
-  file: path={{ pcap_path }} state=directory mode=0755
+  file: path={{ pcap_replay_home }} state=directory mode=0755
 
 - name: Install init.d service script
   template: src=pcap-replay dest=/etc/init.d/pcap-replay mode=0755

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/pcap_replay/templates/pcap-replay
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/pcap_replay/templates/pcap-replay b/metron-deployment/roles/pcap_replay/templates/pcap-replay
index b9ae0c3..1df7337 100644
--- a/metron-deployment/roles/pcap_replay/templates/pcap-replay
+++ b/metron-deployment/roles/pcap_replay/templates/pcap-replay
@@ -22,17 +22,15 @@
 # processname: pcap-replay
 #
 
-DAEMON_PATH="{{ pcap_path }}"
+DAEMON_PATH="{{ pcap_replay_home }}"
 PCAPIN=`ls $DAEMON_PATH/*.pcap 2> /dev/null`
 IFACE="{{ pcap_replay_interface }}"
 EXTRA_ARGS="${@:2}"
-DAEMON="{{ tcpreplay_prefix }}/bin/tcpreplay"
-DAEMONOPTS="--intf1=$IFACE --loop=0 $EXTRA_ARGS $PCAPIN"
-
 NAME=pcap-replay
 DESC="Replay packet capture data"
 PIDFILE=/var/run/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME
+LOGFILE=/var/log/$NAME.log
 
 case "$1" in
   start)
@@ -44,7 +42,9 @@ case "$1" in
     else
       # kick-off the daemon
       cd $DAEMON_PATH
-      PID=`$DAEMON $DAEMONOPTS > /dev/null 2>&1 & echo $!`
+      DAEMON="{{ tcpreplay_prefix }}/bin/tcpreplay"
+      DAEMONOPTS="--intf1=$IFACE --loop=0 $EXTRA_ARGS $PCAPIN"
+      PID=`$DAEMON $DAEMONOPTS > $LOGFILE 2>&1 & echo $!`
       if [ -z $PID ]; then
           printf "%s\n" "Fail"
       else

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/pycapa/tasks/pycapa-service.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/pycapa/tasks/pycapa-service.yml b/metron-deployment/roles/pycapa/tasks/pycapa-service.yml
index 5342939..017cc66 100644
--- a/metron-deployment/roles/pycapa/tasks/pycapa-service.yml
+++ b/metron-deployment/roles/pycapa/tasks/pycapa-service.yml
@@ -20,6 +20,3 @@
 
 - name: Install service script
   template: src=pycapa dest=/etc/init.d/pycapa mode=0755
-
-- name: Start pycapa
-  service: name=pycapa state=restarted

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/sensor-test-mode/tasks/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/sensor-test-mode/tasks/main.yml b/metron-deployment/roles/sensor-test-mode/tasks/main.yml
index 26b72c9..24ca87e 100644
--- a/metron-deployment/roles/sensor-test-mode/tasks/main.yml
+++ b/metron-deployment/roles/sensor-test-mode/tasks/main.yml
@@ -16,8 +16,10 @@
 #
 ---
 - include: pcap.yml
-  when: pcap_replay
+  when: install_pcap_replay
+
 - include: yaf.yml
   when: install_yaf
+  
 - include: snort.yml
   when: install_snort

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/sensor-test-mode/tasks/pcap.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/sensor-test-mode/tasks/pcap.yml b/metron-deployment/roles/sensor-test-mode/tasks/pcap.yml
index b088d5a..dda1bae 100644
--- a/metron-deployment/roles/sensor-test-mode/tasks/pcap.yml
+++ b/metron-deployment/roles/sensor-test-mode/tasks/pcap.yml
@@ -19,7 +19,4 @@
 # load example pcap data to replay
 #
 - name: Install example pcap file
-  copy: src=example.pcap dest={{ pcap_path }}/
-
-- name: Start the pcap-replay service
-  service: name=pcap-replay state=restarted
+  copy: src=example.pcap dest={{ pcap_replay_home }}/

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/sensor-test-mode/tasks/snort.yml b/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
index 5fd57ff..4deae23 100644
--- a/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
+++ b/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
@@ -30,7 +30,3 @@
     dest: /etc/snort/rules/test.rules
     line: "alert tcp any any -> any any (msg:'snort test alert'; sid:999158; )"
     create: yes
-
-- name: Restart snort
-  become: True
-  service: name=snortd state=restarted

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml b/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
index 5fa29ce..1206e23 100644
--- a/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
+++ b/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
@@ -23,5 +23,8 @@
   service: name=yaf state=stopped
 
 - name: Configure yaf to generate a flow record for every network packet
-  become: True
-  service: name=yaf state=started args="--idle-timeout 0"
+  lineinfile:
+    dest: /etc/init.d/yaf
+    regexp: "^DAEMONOPTS=\"${@:2}\"$"
+    line: "DAEMONOPTS=\"${@:2} --idle-timeout 0\""
+    backup: yes

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/snort/tasks/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/snort/tasks/main.yml b/metron-deployment/roles/snort/tasks/main.yml
index 80755be..b2ed836 100644
--- a/metron-deployment/roles/snort/tasks/main.yml
+++ b/metron-deployment/roles/snort/tasks/main.yml
@@ -16,16 +16,6 @@
 #
 ---
 - include: daq.yml
-
 - include: snort.yml
-
 - include: flume.yml
-
-- name: Turn on promiscuous mode for {{ sniff_interface }}
-  shell: "ip link set {{ sniff_interface }} promisc on"
-
-- name: Start snort
-  service: name=snortd state=restarted
-
-- name: Start flume service to consume snort alerts
-  service: name=flume-agent state=restarted args=snort
+- include: nic.yml

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/snort/tasks/nic.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/snort/tasks/nic.yml b/metron-deployment/roles/snort/tasks/nic.yml
new file mode 100644
index 0000000..6053618
--- /dev/null
+++ b/metron-deployment/roles/snort/tasks/nic.yml
@@ -0,0 +1,19 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one or more
+#  contributor license agreements.  See the NOTICE file distributed with
+#  this work for additional information regarding copyright ownership.
+#  The ASF licenses this file to You under the Apache License, Version 2.0
+#  (the "License"); you may not use this file except in compliance with
+#  the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+---
+- name: Turn on promiscuous mode for {{ sniff_interface }}
+  shell: "ip link set {{ sniff_interface }} promisc on"

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/yaf/tasks/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/yaf/tasks/main.yml b/metron-deployment/roles/yaf/tasks/main.yml
index 15f67f6..7d21348 100644
--- a/metron-deployment/roles/yaf/tasks/main.yml
+++ b/metron-deployment/roles/yaf/tasks/main.yml
@@ -17,3 +17,4 @@
 ---
 - include: fixbuf.yml
 - include: yaf.yml
+- include: nic.yml

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/yaf/tasks/nic.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/yaf/tasks/nic.yml b/metron-deployment/roles/yaf/tasks/nic.yml
new file mode 100644
index 0000000..6053618
--- /dev/null
+++ b/metron-deployment/roles/yaf/tasks/nic.yml
@@ -0,0 +1,19 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one or more
+#  contributor license agreements.  See the NOTICE file distributed with
+#  this work for additional information regarding copyright ownership.
+#  The ASF licenses this file to You under the Apache License, Version 2.0
+#  (the "License"); you may not use this file except in compliance with
+#  the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+---
+- name: Turn on promiscuous mode for {{ sniff_interface }}
+  shell: "ip link set {{ sniff_interface }} promisc on"

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/roles/yaf/tasks/yaf.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/yaf/tasks/yaf.yml b/metron-deployment/roles/yaf/tasks/yaf.yml
index 10d3205..9a9787b 100644
--- a/metron-deployment/roles/yaf/tasks/yaf.yml
+++ b/metron-deployment/roles/yaf/tasks/yaf.yml
@@ -52,9 +52,3 @@
 - name: Register the service with systemd
   shell: systemctl enable pcap-replay
   when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
-
-- name: Turn on promiscuous mode for {{ sniff_interface }}
-  shell: "ip link set {{ sniff_interface }} promisc on"
-
-- name: Start yaf
-  service: name=yaf state=restarted args="{{ yaf_args }}"

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/vagrant/fastcapa-test-platform/playbook.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/vagrant/fastcapa-test-platform/playbook.yml b/metron-deployment/vagrant/fastcapa-test-platform/playbook.yml
index 61509c4..cbc54d5 100644
--- a/metron-deployment/vagrant/fastcapa-test-platform/playbook.yml
+++ b/metron-deployment/vagrant/fastcapa-test-platform/playbook.yml
@@ -27,6 +27,8 @@
     - role: pcap_replay
     - { role: pycapa, install_pycapa_service: False }
     - { role: sensor-test-mode, pcap_replay: True, install_yaf: False, install_snort: False
}
+    - service: name=pcap-replay state=started
+    - service: name=pycapa state=started
 
 #
 # the 'sink' consumes network traffic
@@ -38,6 +40,7 @@
   roles:
     - role: librdkafka
     - role: fastcapa
+    - service: name=fastcapa state=started
 
 #
 # validate the environment - needs to run on `source` node

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/9898b4c6/metron-deployment/vagrant/full-dev-platform/README.md
----------------------------------------------------------------------
diff --git a/metron-deployment/vagrant/full-dev-platform/README.md b/metron-deployment/vagrant/full-dev-platform/README.md
index 4242be2..1139f0d 100644
--- a/metron-deployment/vagrant/full-dev-platform/README.md
+++ b/metron-deployment/vagrant/full-dev-platform/README.md
@@ -61,9 +61,9 @@ Now that the hard part is done, start the Metron deployment process.
   ```
   vagrant provision
   ```
-  
+
   In addition to re-running the entire provisioning play book, you may now re-run an individual
Ansible tag or a collection of tags in the following ways.
-  
+
   ```
   ./run_ansible_role.sh web
   ```
@@ -72,22 +72,22 @@ Now that the hard part is done, start the Metron deployment process.
   vagrant --ansible-tags="web" provision
   ```
   Will re-run the web role on the Vagrant image. This will re-install (if necessary) and
start the UI.
-   
+
   A collection of tags is specified as a comma separated list.
-  
+
   ```
   ./run_ansbile_role.sh "sensors,enrichment"
-  
+
   ```
-  
+
   Tags are listed in the playbooks, some frequently used tags:
   + hdp-install - Install HDP
   + hdp-deploy - Deploy and Start HDP Services (will start all Hadoop Services)
   + sensors - Deploy and Start Sensors.
   + enrichment - Deploy and Start Enrichment Topology.
-  
+
   Note: there is a convienence script, ```./run_enrichment_role.sh```,  which runs the enrichment
tag.
-  
+
 ### Explore Metron
 
 Navigate to the following resources to explore your newly minted Apache Metron environment.


Mime
View raw message