Posted to commits@metron.apache.org by ly...@apache.org on 2016/09/04 19:15:34 UTC

incubator-metron git commit: METRON-400 Deploy Probes to running Docker Container closes apache/incubator-metron#238

Repository: incubator-metron
Updated Branches:
  refs/heads/master 839bd2093 -> 5ac442431


METRON-400 Deploy Probes to running Docker Container closes apache/incubator-metron#238


Project: http://git-wip-us.apache.org/repos/asf/incubator-metron/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-metron/commit/5ac44243
Tree: http://git-wip-us.apache.org/repos/asf/incubator-metron/tree/5ac44243
Diff: http://git-wip-us.apache.org/repos/asf/incubator-metron/diff/5ac44243

Branch: refs/heads/master
Commit: 5ac442431d567a1d4c45a22f3103f0e0d01d951d
Parents: 839bd20
Author: dlyle65535 <dl...@gmail.com>
Authored: Sun Sep 4 15:14:59 2016 -0400
Committer: David Lyle <dl...@gmail.com>
Committed: Sun Sep 4 15:14:59 2016 -0400

----------------------------------------------------------------------
 .../playbooks/docker_probe_install.yml          | 63 ++++++++++++++++++++
 metron-deployment/roles/bro/meta/main.yml       |  1 -
 .../roles/bro/tasks/dependencies.yml            |  2 +
 .../roles/sensor-test-mode/tasks/snort.yml      |  2 -
 .../roles/sensor-test-mode/tasks/yaf.yml        |  1 -
 metron-deployment/roles/snort/meta/main.yml     |  1 -
 metron-deployment/roles/yaf/meta/main.yml       |  1 -
 metron-deployment/roles/yaf/tasks/yaf.yml       |  2 +-
 8 files changed, 66 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/playbooks/docker_probe_install.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/playbooks/docker_probe_install.yml b/metron-deployment/playbooks/docker_probe_install.yml
new file mode 100644
index 0000000..b23e72a
--- /dev/null
+++ b/metron-deployment/playbooks/docker_probe_install.yml
@@ -0,0 +1,63 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one or more
+#  contributor license agreements.  See the NOTICE file distributed with
+#  this work for additional information regarding copyright ownership.
+#  The ASF licenses this file to You under the Apache License, Version 2.0
+#  (the "License"); you may not use this file except in compliance with
+#  the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+---
+#
+# sensors
+#
+- hosts: localhost
+  tasks:
+  - name: add container to inventory
+    add_host:
+      name: amb-server
+      ansible_connection: docker
+      groups: sensors
+    changed_when: false
+    tags: add-host
+
+- hosts: sensors
+  vars:
+    metron_version: 0.2.0BETA
+    metron_directory: /usr/metron/{{ metron_version }}
+    bro_version: "2.4.1"
+    fixbuf_version: "1.7.1"
+    yaf_version: "2.8.0"
+    daq_version: "2.0.6-1"
+    pycapa_repo: "https://github.com/OpenSOC/pycapa.git"
+    pycapa_home: "/opt/pycapa"
+    snort_version: "2.9.8.0-1"
+    snort_alert_csv_path: "/var/log/snort/alert.csv"
+    threat_intel_bulk_load: False
+    sensor_test_mode: True
+    install_pycapa: False
+    install_bro: True
+    install_snort: True
+    install_yaf: True
+    install_pcap_replay: True
+    sniff_interface: eth0
+    pcap_replay_interface: "{{ sniff_interface }}"
+    pcapservice_port: 8081
+    kafka_broker_url: amb4.service.consul:6667
+  connection: docker
+  roles:
+    - { role: bro,                    tags: ['bro'] }
+    - { role: flume,                  tags: ['snort','flume'] }
+    - { role: snort,                  tags: ['snort'] }
+    - { role: yaf,                    tags: ['yaf'] }
+    - { role: pcap_replay,            tags: ['pcap-replay'] }
+    - { role: sensor-test-mode,       tags: ['sensor-test-mode'] }
+  tags:
+    - sensors
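Review bot: `sensor_test_mode: True` is hard-coded in the play vars next to a fixed container name (`amb-server`) and broker (`amb4.service.consul:6667`), and nothing in the file says the playbook is meant for a test container only. The sensor-test-mode role it pulls in adds a snort rule that alerts on every TCP packet (see the snort.yml section of this commit), so a run against a container feeding a real pipeline would flood the alert stream. I would add a comment under `# sensors` such as `# Test/dev only: enables sensor_test_mode, which makes snort alert on every packet`. Since this commit also drops `become: True` from the sensor-test-mode tasks, the comment should state that the roles rely on the docker connection user (presumably root in the container) being able to write under `/etc/snort`. As a style point, the booleans would be safer written as lowercase `true`/`false`.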

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/roles/bro/meta/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/bro/meta/main.yml b/metron-deployment/roles/bro/meta/main.yml
index 9c9286f..df226e7 100644
--- a/metron-deployment/roles/bro/meta/main.yml
+++ b/metron-deployment/roles/bro/meta/main.yml
@@ -17,7 +17,6 @@
 ---
 dependencies:
   - libselinux-python
-  - ambari_gather_facts
   - build-tools
   - kafka-client
   - librdkafka

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/roles/bro/tasks/dependencies.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/bro/tasks/dependencies.yml b/metron-deployment/roles/bro/tasks/dependencies.yml
index 431e861..fa20b71 100644
--- a/metron-deployment/roles/bro/tasks/dependencies.yml
+++ b/metron-deployment/roles/bro/tasks/dependencies.yml
@@ -31,6 +31,8 @@
     - swig
     - zlib-devel
     - perl
+    - crontabs
+    - net-tools
   register: result
   until: result.rc == 0
   retries: 5

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/sensor-test-mode/tasks/snort.yml b/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
index a9785c0..3b1af5f 100644
--- a/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
+++ b/metron-deployment/roles/sensor-test-mode/tasks/snort.yml
@@ -19,13 +19,11 @@
 # configure snort to alert on every packet
 #
 - name: Configure snort to use a set of test rules
-  become: True
   lineinfile:
     dest: /etc/snort/snort.conf
     line: "include $RULE_PATH/test.rules"
 
 - name: Create a snort alert for testing that alerts on every packet
-  become: True
   lineinfile:
     dest: /etc/snort/rules/test.rules
     line: "alert tcp any any -> any any (msg:'snort test alert'; sid:999158; )"

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml b/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
index 1206e23..c867d60 100644
--- a/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
+++ b/metron-deployment/roles/sensor-test-mode/tasks/yaf.yml
@@ -19,7 +19,6 @@
 # configure yaf to generate a flow record for every packet
 #
 - name: Stop running instances of yaf
-  become: True
   service: name=yaf state=stopped
 
 - name: Configure yaf to generate a flow record for every network packet

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/roles/snort/meta/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/snort/meta/main.yml b/metron-deployment/roles/snort/meta/main.yml
index f742973..ebca8ed 100644
--- a/metron-deployment/roles/snort/meta/main.yml
+++ b/metron-deployment/roles/snort/meta/main.yml
@@ -16,7 +16,6 @@
 #
 ---
 dependencies:
-  - ambari_gather_facts
   - epel
   - libselinux-python
   - build-tools

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/roles/yaf/meta/main.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/yaf/meta/main.yml b/metron-deployment/roles/yaf/meta/main.yml
index ff366b8..768bcac 100644
--- a/metron-deployment/roles/yaf/meta/main.yml
+++ b/metron-deployment/roles/yaf/meta/main.yml
@@ -16,7 +16,6 @@
 #
 ---
 dependencies:
-  - ambari_gather_facts
   - build-tools
   - java_jdk
   - libselinux-python

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/5ac44243/metron-deployment/roles/yaf/tasks/yaf.yml
----------------------------------------------------------------------
diff --git a/metron-deployment/roles/yaf/tasks/yaf.yml b/metron-deployment/roles/yaf/tasks/yaf.yml
index 9a9787b..7ee361e 100644
--- a/metron-deployment/roles/yaf/tasks/yaf.yml
+++ b/metron-deployment/roles/yaf/tasks/yaf.yml
@@ -50,5 +50,5 @@
   template: src=yaf dest=/etc/init.d/yaf mode=0755
 
 - name: Register the service with systemd
-  shell: systemctl enable pcap-replay
+  shell: systemctl enable yaf
   when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
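Review bot: The corrected line still enables the unit through `shell: systemctl enable yaf`, which reports "changed" on every run and uses a shell where none is needed. The sensor-test-mode role in this same commit already drives yaf through the `service` module, so `service: name=yaf enabled=yes` would be consistent with it and idempotent; this should be checked against the init.d script installed by the template task above. The task list starts outside this hunk, so there may be an earlier task that already enables the service.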