-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathplaybook.aws-cloudwatch-agent.yml
87 lines (74 loc) · 2.63 KB
/
playbook.aws-cloudwatch-agent.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
---
- hosts: fcos
gather_facts: false
vars_files:
- external_vars.yml
tasks:
##########
# Amazon CloudWatch Agent
##########
- name: Make CloudWatch directory
become: yes
file:
path: /var/home/core/cloudwatch-agent
state: directory
- name: Create CloudWatch Dockerfile
become: yes
copy:
dest: /var/home/core/cloudwatch-agent/Dockerfile
content: |
FROM debian:latest
RUN apt-get update && \
apt-get install -y ca-certificates curl && \
rm -rf /var/lib/apt/lists/*
RUN curl -O https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb && \
dpkg -i -E amazon-cloudwatch-agent.deb && \
rm -rf /tmp/* && \
rm -rf /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard && \
rm -rf /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl && \
rm -rf /opt/aws/amazon-cloudwatch-agent/bin/config-downloader && \
rm /amazon-cloudwatch-agent.deb && \
mkdir -p /opt/aws/amazon-cloudwatch-agent/bin
COPY default_linux_config.json /opt/aws/amazon-cloudwatch-agent/bin/default_linux_config.json
COPY default_linux_config.json /etc/cwagentconfig
ENV RUN_IN_CONTAINER="True"
ENTRYPOINT ["/opt/aws/amazon-cloudwatch-agent/bin/start-amazon-cloudwatch-agent"]
- name: Create CloudWatch Configuration File
become: yes
copy:
dest: /var/home/core/cloudwatch-agent/default_linux_config.json
content: |
{
"logs": {
"logs_collected": {
"files": {
"collect_list": [{
"file_path": "/var/log/audit/audit.log",
"log_group_name": "audit",
"log_stream_name": "{instance_id}",
"timestamp_format": "%H: %M: %S%y%b%-d"
}]
}
},
"log_stream_name": "default_stream"
}
}
- name: Install docker package
become: yes
pip:
executable: /usr/bin/pip3
extra_args: --user
name: docker
state: present
- name: Build CloudWatch Agent Image
become: yes
docker_image:
build:
path: /var/home/core/cloudwatch-agent
pull: no
name: dva/cloudwatch-agent
tag: '1.0'
source: build
- name: Start CloudWatch agent container
become: yes
command: docker run --detach --volume /var/log/audit:/var/log/audit:z dva/cloudwatch-agent:1.0