Ansible playbook
You can use an Ansible playbook to install and configure a production-ready OpenSearch cluster along with OpenSearch Dashboards.
The Ansible playbook only supports deployment of OpenSearch and OpenSearch Dashboards to the most popular Linux distributions (CentOS 7, RHEL7, Amazon Linux 2, Ubuntu 20.04) hosts.
Prerequisites
Make sure you have Ansible and Java 8 installed.
Configuration
-
Clone the OpenSearch ansible-playbook repository:
git clone https://github.com/opensearch-project/ansible-playbook
-
Configure the node properties in the
inventories/opensearch/hosts
file:ansible_host=<Public IP address> ansible_user=root ip=<Private IP address / 0.0.0.0>
where:
ansible_host
is the IP address of the target node that you want the Ansible playbook to install OpenSearch and OpenSearch DashBoards on.ip
is the IP address that you want OpenSearch and OpenSearch DashBoards to bind to. You can specify the private IP of the target node, or localhost, or 0.0.0.0.
-
You can modify the default configuration values in the
inventories/opensearch/group_vars/all/all.yml
file. For example, you can increase the Java memory heap size:xms_value: 8 xmx_value: 8
Make sure you have direct SSH access into the root user of the target node.
Run OpenSearch and OpenSearch Dashboards using Ansible playbook
-
Run the Ansible playbook with root privileges:
ansible-playbook -i inventories/opensearch/hosts opensearch.yml --extra-vars "admin_password=Test@123 kibanaserver_password=Test@6789 logstash_password=Test@456"
You can set the passwords for reserved users (
admin
,kibanaserver
, andlogstash
) using theadmin_password
,kibanaserver_password
, andlogstash_password
variables. -
After the deployment process is complete, you can access OpenSearch and OpenSearch Dashboards with the username
admin
and the password that you set for theadmin_password
variable.If you bind
ip
to a private IP or localhost, make sure you’re logged into the server that deployed the playbook to access OpenSearch and OpenSearch Dashboards:curl https://localhost:9200 -u 'admin:Test@123' --insecure
If you bind
ip
to 0.0.0.0, then replacelocalhost
with the public IP or the private IP (if it’s in the same network).