diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index e89f2656..1dc931f3 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -1,15 +1,18 @@ ## Changelog ## Navigation +* [9.2.1-patch1](#921-patch1) * [9.2.1](#921) * [9.2.0.1](#9201) * [9.2.0](#920) +* [9.1.4-patch1](#914-patch1) * [9.1.4](#914) * [9.1.3](#913) * [9.1.2](#912) * [9.1.1](#911) * [9.1.0.2](#9102) * [9.1.0.1](#9101) +* [9.0.9-patch1](#909-patch1) * [9.0.9](#909) * [9.0.8](#908) * [9.0.7](#907) @@ -87,6 +90,14 @@ --- +## 9.2.1-patch1 + +#### Changes +* Check for UDS file instead of UDS flag +* Bugfixes + +--- + ## 9.2.1 #### Changes @@ -111,6 +122,14 @@ --- +## 9.1.4-patch1 + +#### Changes +* Check for UDS file instead of UDS flag +* Bugfixes + +--- + ## 9.1.4 #### Changes @@ -159,6 +178,14 @@ --- +## 9.0.9-patch1 + +#### Changes +* Check for UDS file instead of UDS flag +* Bugfixes + +--- + ## 9.0.9 #### Changes diff --git a/roles/splunk_common/handlers/restart_splunk.yml b/roles/splunk_common/handlers/restart_splunk.yml index 0e3e1cf5..3eb7e068 100644 --- a/roles/splunk_common/handlers/restart_splunk.yml +++ b/roles/splunk_common/handlers/restart_splunk.yml @@ -23,7 +23,12 @@ state: restarted when: splunk.enable_service and not ansible_system is match("Linux") +- name: Check if UDS file exists + stat: + path: "/opt/splunkforwarder/var/run/splunk/cli.socket" + register: uds_socket_exists + - name: "Wait for splunkd management port" wait_for: port: "{{ splunk.svc_port }}" - when: splunk.splunk_http_enabled|bool == true + when: not uds_socket_exists.stat.exists diff --git a/roles/splunk_common/tasks/configure_mgmt_port.yml b/roles/splunk_common/tasks/configure_mgmt_port.yml index a50a2579..59abc779 100644 --- a/roles/splunk_common/tasks/configure_mgmt_port.yml +++ b/roles/splunk_common/tasks/configure_mgmt_port.yml @@ -1,16 +1,4 @@ --- -- name: Set mgmt port - ini_file: - dest: "{{ splunk.home }}/etc/system/local/web.conf" - section: settings - option: "mgmtHostPort" - value: "0.0.0.0:{{ splunk.svc_port }}" - owner: "{{ splunk.user }}" - group: "{{ splunk.group }}" - when: - - "'svc_port' in splunk" - register: set_mgmt_port - - name: Configure to set Mgmt Mode as auto (Allows UDS) ini_file: dest: "{{ splunk.home }}/etc/system/local/server.conf" @@ -30,8 +18,3 @@ owner: "{{ splunk.user }}" group: "{{ splunk.group }}" when: splunk.role == "splunk_universal_forwarder" and splunk.splunk_http_enabled|bool == true - -# Restart only when Splunk is running and when any of the above have changed -- include_tasks: ../handlers/restart_splunk.yml - when: set_mgmt_port is changed - diff --git a/roles/splunk_common/tasks/install_python_requirements.yml b/roles/splunk_common/tasks/install_python_requirements.yml new file mode 100644 index 00000000..8d10246a --- /dev/null +++ b/roles/splunk_common/tasks/install_python_requirements.yml @@ -0,0 +1,28 @@ +--- +- name: Check if requests_unixsocket exists + command: "pip list | grep 'requests-unixsocket'" + register: requests_unixsocket_check + ignore_errors: true + +- name: Install and upgrade pip + pip: + name: pip + extra_args: --upgrade + executable: pip3 + when: requests_unixsocket_check is failed + +- name: Check if pip3 unixsocket exits + command: "pip3 list | grep 'requests-unixsocket'" + register: requests_unixsocket_check_py3 + when: requests_unixsocket_check is failed + ignore_errors: true + +- name: Install missing requests_unixsocket + ansible.builtin.pip: + name: "requests_unixsocket" + when: requests_unixsocket_check is succeeded and (requests_unixsocket_check.stdout | length == 0 or requests_unixsocket_check.stdout.find("requests-unixsocket") == -1) + +- name: Install missing requests_unixsocket PY3 + ansible.builtin.pip: + name: "requests_unixsocket" + when: requests_unixsocket_check_py3 is succeeded and (requests_unixsocket_check_py3.stdout | length == 0 or requests_unixsocket_check_py3.stdout.find("requests-unixsocket") == -1) diff --git a/roles/splunk_common/tasks/main.yml b/roles/splunk_common/tasks/main.yml index 065a0b4a..c624b3e6 100644 --- a/roles/splunk_common/tasks/main.yml +++ b/roles/splunk_common/tasks/main.yml @@ -1,6 +1,8 @@ --- - include_tasks: get_facts.yml +- include_tasks: install_python_requirements.yml + - include_tasks: change_splunk_directory_owner.yml when: - ansible_system is match("Linux") @@ -74,6 +76,8 @@ - "'http_port' in splunk" - splunk.http_port | int != 8000 +- include_tasks: set_mgmt_port.yml + - include_tasks: set_root_endpoint.yml when: "'root_endpoint' in splunk and splunk.root_endpoint" @@ -122,8 +126,13 @@ - include_tasks: start_splunk.yml +- name: Check if UDS file exists + stat: + path: "/opt/splunkforwarder/var/run/splunk/cli.socket" + register: uds_socket_exists + - include_tasks: set_certificate_prefix.yml - when: splunk.splunk_http_enabled|bool == true + when: not uds_socket_exists.stat.exists - include_tasks: clean_user_seed.yml diff --git a/roles/splunk_common/tasks/set_certificate_prefix.yml b/roles/splunk_common/tasks/set_certificate_prefix.yml index c1a28b7b..19abcbf0 100644 --- a/roles/splunk_common/tasks/set_certificate_prefix.yml +++ b/roles/splunk_common/tasks/set_certificate_prefix.yml @@ -1,4 +1,9 @@ --- +- name: Check if UDS file exists + stat: + path: "/opt/splunkforwarder/var/run/splunk/cli.socket" + register: uds_socket_exists + - name: "Test basic https endpoint" uri: url: "https://127.0.0.1:{{ splunk.svc_port }}" @@ -8,7 +13,7 @@ timeout: 10 use_proxy: no register: ssl_enabled - when: splunk.splunk_http_enabled|bool == true + when: not uds_socket_exists.stat.exists ignore_errors: true delay: "{{ retry_delay }}" retries: "{{ retry_num }}" diff --git a/roles/splunk_common/tasks/set_mgmt_port.yml b/roles/splunk_common/tasks/set_mgmt_port.yml new file mode 100644 index 00000000..cfc9cd14 --- /dev/null +++ b/roles/splunk_common/tasks/set_mgmt_port.yml @@ -0,0 +1,16 @@ +--- +- name: Set mgmt port + ini_file: + dest: "{{ splunk.home }}/etc/system/local/web.conf" + section: settings + option: "mgmtHostPort" + value: "0.0.0.0:{{ splunk.svc_port }}" + owner: "{{ splunk.user }}" + group: "{{ splunk.group }}" + when: + - "'svc_port' in splunk" + register: set_mgmt_port + +# Restart only when Splunk is running and when any of the above have changed +- include_tasks: ../handlers/restart_splunk.yml + when: set_mgmt_port is changed diff --git a/roles/splunk_common/tasks/start_splunk.yml b/roles/splunk_common/tasks/start_splunk.yml index 0508961f..88220dd1 100644 --- a/roles/splunk_common/tasks/start_splunk.yml +++ b/roles/splunk_common/tasks/start_splunk.yml @@ -50,10 +50,15 @@ - splunk.enable_service - ansible_os_family == "Windows" +- name: Check if UDS file exists + stat: + path: "/opt/splunkforwarder/var/run/splunk/cli.socket" + register: uds_socket_exists + - name: "Wait for splunkd management port" wait_for: port: "{{ splunk.svc_port }}" - when: splunk.splunk_http_enabled|bool == true + when: not uds_socket_exists.stat.exists - name: Flush restart handlers meta: flush_handlers diff --git a/roles/splunk_common/tasks/wait_for_splunk_process.yml b/roles/splunk_common/tasks/wait_for_splunk_process.yml index 6f3e53c6..439c8a1d 100644 --- a/roles/splunk_common/tasks/wait_for_splunk_process.yml +++ b/roles/splunk_common/tasks/wait_for_splunk_process.yml @@ -5,9 +5,14 @@ state: present when: ansible_system is match("Linux") +- name: Check if UDS file exists + stat: + path: "/opt/splunkforwarder/var/run/splunk/cli.socket" + register: uds_socket_exists + - name: Wait for the Splunk service port to be available wait_for: host: 127.0.0.1 port: "{{ splunk.svc_port }}" timeout: 180 - when: splunk.splunk_http_enabled|bool == true + when: not uds_socket_exists.stat.exists